theLSA / Burp Sensitive Param Extractor

Licence: mit
Burp Suite extension for checking and extracting sensitive request parameters

Programming Languages

python

Projects that are alternatives of or similar to Burp Sensitive Param Extractor

Burp Unauth Checker
Burp Suite extension for checking for unauthorized access vulnerabilities
Stars: ✭ 99 (+182.86%)
Mutual labels:  burpsuite, burp-plugin, checker
auth analyzer
Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (+120%)
Mutual labels:  burp-plugin, burpsuite
burp-flow
Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
Stars: ✭ 45 (+28.57%)
Mutual labels:  burp-plugin, burpsuite
Knife
A Burp extension that adds some useful functions to the context menu: extra right-click menu items that make Burp smoother to use.
Stars: ✭ 626 (+1688.57%)
Mutual labels:  burpsuite, burp-plugin
TurboDataMiner
The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and fas…
Stars: ✭ 46 (+31.43%)
Mutual labels:  burp-plugin, burpsuite
SQLi-Query-Tampering
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (+251.43%)
Mutual labels:  burp-plugin, burpsuite
Burp Info Extractor
Burp Suite extension for extracting information from data
Stars: ✭ 27 (-22.86%)
Mutual labels:  burpsuite, burp-plugin
burp-wildcard
Burp extension intended to compact Burp extension tabs by hijacking them into its own tab.
Stars: ✭ 119 (+240%)
Mutual labels:  burp-plugin, burpsuite
Burpcrypto
BurpCrypto is a collection of Burp Suite encryption plug-ins supporting AES/RSA/DES/ExecJs (execute JS encryption code in Burp Suite).
Stars: ✭ 350 (+900%)
Mutual labels:  burpsuite, burp-plugin
Hackbar
HackBar plugin for Burpsuite
Stars: ✭ 917 (+2520%)
Mutual labels:  burpsuite, burp-plugin
Recaptcha
reCAPTCHA = REcognize CAPTCHA: a Burp Suite Extender plugin that automatically recognizes image CAPTCHAs and uses them as Intruder payloads.
Stars: ✭ 596 (+1602.86%)
Mutual labels:  burpsuite, burp-plugin
flarequench
Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
Stars: ✭ 44 (+25.71%)
Mutual labels:  burp-plugin, burpsuite
burp-suite-utils
Utilities for creating Burp Suite Extensions.
Stars: ✭ 19 (-45.71%)
Mutual labels:  burp-plugin, burpsuite
googleauthenticator
Burp Suite plugin that dynamically generates Google 2FA codes for use in session handling rules (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 18 (-48.57%)
Mutual labels:  burp-plugin, burpsuite
burp-token-rewrite
Burp extension for automated handling of CSRF tokens
Stars: ✭ 15 (-57.14%)
Mutual labels:  burp-plugin, burpsuite
Aes Killer
Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
Stars: ✭ 446 (+1174.29%)
Mutual labels:  burpsuite, burp-plugin
Burp Suite Software Version Checks
Burp extension to passively scan for applications revealing software version numbers
Stars: ✭ 29 (-17.14%)
Mutual labels:  burpsuite, burp-plugin
Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+362.86%)
Mutual labels:  burpsuite, burp-plugin
Headless Burp
Automate security tests using Burp Suite.
Stars: ✭ 192 (+448.57%)
Mutual labels:  burpsuite, burp-plugin
Burpdeveltraining
Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Stars: ✭ 302 (+762.86%)
Mutual labels:  burpsuite, burp-plugin

burp-sensive-param-extractor

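Overview

Detects and extracts sensitive parameter names from request parameters, such as userid and username, which makes it easier to test for privilege-escalation (authorization bypass) vulnerabilities, and builds a dictionary of sensitive parameters.

For the implementation details of this plugin, see "Burp Suite Plugin Development Summary".

Quick start

param-regular.cfg: the parameter regex configuration file. An entry of id matches request parameters whose names contain id, such as userid and idcard.

sensitive-params.txt: the parameter dictionary file.

Four kinds of parameters are checked: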

self.requestParamDict['urlParams'] = []

self.requestParamDict['BodyParams'] = []

self.requestParamDict['cookieParams'] = []

self.requestParamDict['jsonParams'] = []

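The list on the right side of the interface holds the parameter regexes. Entries can be added and removed on the fly; to delete one, click the list element and then click the delete button.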
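
The four-way parameter split and pattern matching described above, as an added example that is not the plugin's own code. The pattern list, the sample request and the function names are constructed for illustration, and the patterns are assumed to be regex fragments matched case-insensitively against parameter names, since the layout of param-regular.cfg is not shown on this page.

```python
import json
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed patterns and request; the layout of param-regular.cfg is not shown on the page.
PATTERNS = ["id", "user"]
SAMPLE = ("POST /api/order?orderId=1001&page=2 HTTP/1.1\r\n"
          "Host: shop.example\r\n"
          "Cookie: sessionid=abc; theme=dark\r\n"
          "Content-Type: application/json\r\n\r\n"
          '{"userId": 7, "items": [{"sku": "A1", "couponId": 3}]}')

def json_keys(node):
    """Yield every key of a nested JSON value, however deep."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield key
            yield from json_keys(value)
    elif isinstance(node, list):
        for item in node:
            yield from json_keys(item)

def extract_params(raw):
    """Split a raw HTTP request into the four groups the README lists."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {k.strip().lower(): v.strip()
               for k, _, v in (line.partition(":") for line in lines[1:])}
    query = urlsplit(lines[0].split(" ")[1]).query
    params = {"urlParams": [k for k, _ in parse_qsl(query, keep_blank_values=True)],
              "BodyParams": [], "cookieParams": [], "jsonParams": []}
    params["cookieParams"] = [c.split("=", 1)[0].strip()
                              for c in headers.get("cookie", "").split(";") if "=" in c]
    ctype = headers.get("content-type", "")
    if "json" in ctype:
        try:
            params["jsonParams"] = list(json_keys(json.loads(body)))
        except ValueError:
            pass  # malformed JSON body: report no JSON parameter names
    elif "x-www-form-urlencoded" in ctype:
        params["BodyParams"] = [k for k, _ in parse_qsl(body, keep_blank_values=True)]
    return params

def sensitive_params(raw, patterns=PATTERNS):
    """Return {group: sorted names} for names matching any pattern, ignoring case."""
    regexes = [re.compile(p, re.IGNORECASE) for p in patterns]
    found = {g: sorted({n for n in names if any(r.search(n) for r in regexes)})
             for g, names in extract_params(raw).items()}
    return {g: names for g, names in found.items() if names}
```

The names returned per group are the candidates to review for missing authorization checks and to append to a dictionary file such as sensitive-params.txt.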

Feedback

issues
