auth analyzerBurp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (-81.03%)
TurboDataMinerThe objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and fas…
Stars: ✭ 46 (-88.67%)
AutorepeaterAutomated HTTP Request Repeating With Burp Suite
Stars: ✭ 546 (+34.48%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-79.8%)
JWTweakDetects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
Stars: ✭ 85 (-79.06%)
Burp Unauth Checkerburpsuite extension for check unauthorized vulnerability
Stars: ✭ 99 (-75.62%)
Headless BurpAutomate security tests using Burp Suite.
Stars: ✭ 192 (-52.71%)
SwurgParse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 94 (-76.85%)
KnifeA burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
Stars: ✭ 626 (+54.19%)
burp-token-rewriteBurp extension for automated handling of CSRF tokens
Stars: ✭ 15 (-96.31%)
HackbarHackBar plugin for Burpsuite
Stars: ✭ 917 (+125.86%)
BurpcryptoBurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
Stars: ✭ 350 (-13.79%)
RecaptchareCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
Stars: ✭ 596 (+46.8%)
CstcCSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
Stars: ✭ 91 (-77.59%)
burp-wildcardBurp extension intended to compact Burp extension tabs by hijacking them to own tab.
Stars: ✭ 119 (-70.69%)
Aes KillerBurp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
Stars: ✭ 446 (+9.85%)
BurpdeveltrainingMaterial for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Stars: ✭ 302 (-25.62%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+166.26%)
burp-suite-utilsUtilities for creating Burp Suite Extensions.
Stars: ✭ 19 (-95.32%)
flarequenchBurp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
Stars: ✭ 44 (-89.16%)
googleauthenticatorBurp Suite plugin that dynamically generates Google 2FA codes for use in session handling rules (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 18 (-95.57%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-60.1%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (-69.7%)
burp-flowExtension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
Stars: ✭ 45 (-88.92%)
CheatsheetseriesThe OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Stars: ✭ 19,302 (+4654.19%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+762.81%)
StuntmanLibrary for impersonating users during development leveraging ASP.NET Identity.
Stars: ✭ 285 (-29.8%)
SantaA binary authorization system for macOS
Stars: ✭ 3,586 (+783.25%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+687.68%)
StprivilegedtaskAn NSTask-like wrapper around the macOS Security Framework's AEWP function to run shell commands with root privileges in Objective-C / Cocoa.
Stars: ✭ 335 (-17.49%)
CaslCASL is an isomorphic authorization JavaScript library which restricts what resources a given user is allowed to access
Stars: ✭ 3,610 (+789.16%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-34.24%)
Myscanmyscan 被动扫描
Stars: ✭ 373 (-8.13%)
ConsulScope-based authorization for Ruby on Rails.
Stars: ✭ 268 (-33.99%)
Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (-34.24%)
SixUltra lite authorization library
Stars: ✭ 323 (-20.44%)
Ember CanSimple authorisation addon for Ember apps
Stars: ✭ 262 (-35.47%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (-11.58%)
burp data collectorA Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting
Stars: ✭ 58 (-85.71%)
GrantOAuth Proxy
Stars: ✭ 3,509 (+764.29%)
HopLaHopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
Stars: ✭ 446 (+9.85%)
approver-policyapprover-policy is a cert-manager approver that allows users to define policies that restrict what certificates can be requested.
Stars: ✭ 37 (-90.89%)
HaeHaE - BurpSuite Highlighter and Extractor
Stars: ✭ 397 (-2.22%)
Play Pac4jSecurity library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Stars: ✭ 375 (-7.64%)
GatekeeperGatekeeper: An Authentication & Authorization Library
Stars: ✭ 356 (-12.32%)
Burp-Suite|| Activate Burp Suite Pro with Loader and Key-Generator ||
Stars: ✭ 94 (-76.85%)