GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → bit4woo → Knife

bit4woo / Knife

Licence: mit
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

Programming Languages

java
68154 projects - #9 most used programming language

Labels

menucookieburpsuiteburp-extensionsburp-plugin

Projects that are alternatives of or similar to Knife

Recaptcha
reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
Stars: ✭ 596 (-4.79%)
Mutual labels:  burpsuite, burp-extensions, burp-plugin
TurboDataMiner
The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and fas…
Stars: ✭ 46 (-92.65%)
Mutual labels:  burp-plugin, burpsuite, burp-extensions
Burp Molly Pack
Security checks pack for Burp Suite
Stars: ✭ 123 (-80.35%)
Mutual labels:  burpsuite, burp-extensions, burp-plugin
SQLi-Query-Tampering
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (-80.35%)
Mutual labels:  burp-plugin, burpsuite, burp-extensions
Burpcrypto
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
Stars: ✭ 350 (-44.09%)
Mutual labels:  burpsuite, burp-extensions, burp-plugin
Swurg
Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 94 (-84.98%)
Mutual labels:  burpsuite, burp-extensions, burp-plugin
auth analyzer
Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (-87.7%)
Mutual labels:  burp-plugin, burpsuite, burp-extensions
Burp Suite Software Version Checks
Burp extension to passively scan for applications revealing software version numbers
Stars: ✭ 29 (-95.37%)
Mutual labels:  burpsuite, burp-extensions, burp-plugin
burp-token-rewrite
Burp extension for automated handling of CSRF tokens
Stars: ✭ 15 (-97.6%)
Mutual labels:  burp-plugin, burpsuite, burp-extensions
burp-wildcard
Burp extension intended to compact Burp extension tabs by hijacking them to own tab.
Stars: ✭ 119 (-80.99%)
Mutual labels:  burp-plugin, burpsuite, burp-extensions
Cstc
CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
Stars: ✭ 91 (-85.46%)
Mutual labels:  burpsuite, burp-extensions, burp-plugin
flarequench
Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
Stars: ✭ 44 (-92.97%)
Mutual labels:  burp-plugin, burpsuite, burp-extensions
Burpsuite Collections
BurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+72.68%)
Mutual labels:  burpsuite, burp-extensions, burp-plugin
burp-flow
Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
Stars: ✭ 45 (-92.81%)
Mutual labels:  burp-plugin, burpsuite, burp-extensions
Burp Suite Error Message Checks
Burp Suite extension to passively scan for applications revealing server error messages
Stars: ✭ 45 (-92.81%)
Mutual labels:  burpsuite, burp-extensions, burp-plugin
Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-74.12%)
Mutual labels:  burpsuite, burp-extensions, burp-plugin
Hackbar
HackBar plugin for Burpsuite
Stars: ✭ 917 (+46.49%)
Mutual labels:  burpsuite, burp-extensions, burp-plugin
Headless Burp
Automate security tests using Burp Suite.
Stars: ✭ 192 (-69.33%)
Mutual labels:  burpsuite, burp-extensions, burp-plugin
burp-suite-utils
Utilities for creating Burp Suite Extensions.
Stars: ✭ 19 (-96.96%)
Mutual labels:  burp-plugin, burpsuite, burp-extensions
Aes Killer
Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
Stars: ✭ 446 (-28.75%)
Mutual labels:  burpsuite, burp-extensions, burp-plugin
View All Similar Projects ➔

Open Source Love MIT Licence

knife (中文说明请点这里)

A extension that add some small function[ one key to update cookie, one key add host to scope] to right click context menu.

Caution

Please change configurations to yourself payload first before use this tool !!! especially configurations that type starts with "Action"!!!

Video

https://www.bilibili.com/video/bv1BC4y1s7nS

Authors

bit4woo

Package

git clone https://github.com/bit4woo/knife
cd knife
mvn package

Functions

Menus (simple is beautiful,some menu deleted)

  1. update cookie

    update current request cookie which in repeater within the latest cookie fetched from proxy history.

  2. add host to scope

    add current request host to burp scope not URL.

  3. update header

    update Header that likes token,authorization .

  4. open with browser

    open URL of current request or selected URL with browser you configured.

  5. Custom Payload

    you can config your own payloads with string or base64 formate.

  6. Set Cookie scenes: when you visit a website with IP address, It may not contains cookie, but you know it should contains same cookie with some site. you can use this function in Proxy. It will edit response to set the same cookie to let whole web site use the specified cookie.

  7. Dismiss

    Dismiss useless requests (eg. *.firefox.com *.mozilla.com) from proxy. see below screen shot to know more.

  8. Run SQLMap

    One key to run sqlmap with current selected request.

  9. Insert XSS

    One key to insert XSS payload to parameters that not in cookie and not number.

Tab

  1. U2C

    convert Unicode To Chinese (eg. \u4e2d\u6587-->中文)

request edit
  1. auto remove some headers , eg. Last-Modified,If-Modified-Since,If-None-Match. it's for all requests
  2. auto add/update/append some headers, you can control which requests to enable for.
  3. use proxy
  4. chunked encoding

Screen shot

update cookie:

updatecookie

update header:

open with browser:

openwithbrowser

custom payload:

insertpayload

Dismiss:

dismiss

Run SQLMap:

runsqlmap

any issue, advice, suggestion are welcome, Thanks!

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].