RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (+102.6%)
BurpyA plugin that allows you execute python and get return to BurpSuite.
Stars: ✭ 155 (+101.3%)
HuntNo description or website provided.
Stars: ✭ 1,681 (+2083.12%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (+48.05%)
Burp Fofa基于BurpSuite的一款FOFA Pro 插件
Stars: ✭ 113 (+46.75%)
Burp Unauth Checkerburpsuite extension for check unauthorized vulnerability
Stars: ✭ 99 (+28.57%)
Decoder Plus PlusAn extensible application for penetration testers and software developers to decode/encode data into various formats.
Stars: ✭ 79 (+2.6%)
Docker burpBurp Pro as a Docker Container
Stars: ✭ 53 (-31.17%)
Powerful PluginsPowerful plugins and add-ons for hackers
Stars: ✭ 621 (+706.49%)
AutorepeaterAutomated HTTP Request Repeating With Burp Suite
Stars: ✭ 546 (+609.09%)
BurpsuitehttpsmugglerA Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Stars: ✭ 529 (+587.01%)
Iprotate burp extensionExtension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
Stars: ✭ 484 (+528.57%)
Hack🔰渗透测试资源库🔰黑客工具🔰维基解密文件🔰木马免杀🔰信息安全🔰技能树🔰数据库泄露🔰
Stars: ✭ 460 (+497.4%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (+454.55%)
AutorizeAutomatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
Stars: ✭ 406 (+427.27%)
HaeHaE - BurpSuite Highlighter and Extractor
Stars: ✭ 397 (+415.58%)
Myscanmyscan 被动扫描
Stars: ✭ 373 (+384.42%)
Kalirouterintercepting kali router
Stars: ✭ 374 (+385.71%)
BurpdeveltrainingMaterial for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Stars: ✭ 302 (+292.21%)
Ethical Hacking ToolsComplete Listing and Usage of Tools used for Ethical Hacking
Stars: ✭ 272 (+253.25%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+4053.25%)
Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (+246.75%)
burp data collectorA Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting
Stars: ✭ 58 (-24.68%)
Burp-Suite|| Activate Burp Suite Pro with Loader and Key-Generator ||
Stars: ✭ 94 (+22.08%)
CaACaA - BurpSuite Collector and Analyzer
Stars: ✭ 292 (+279.22%)
VulnerableAppOWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
Stars: ✭ 109 (+41.56%)
GurpBurp Commander written in Go
Stars: ✭ 56 (-27.27%)
eslinterManual JavaScript Linting is a Bug
Stars: ✭ 47 (-38.96%)
googleauthenticatorBurp Suite plugin that dynamically generates Google 2FA codes for use in session handling rules (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 18 (-76.62%)
Burp-AppSecFlowThe extension of Burp Suite for Conviso Platform aims to serve as an integration between them, making the life of an analyst easier, because he can now send vulnerabilities directly from Burp to the platform.
Stars: ✭ 36 (-53.25%)
Jasmin-RansomwareJasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Stars: ✭ 84 (+9.09%)
Burp Molly ScannerTurn your Burp suite into headless active web application vulnerability scanner
Stars: ✭ 146 (+89.61%)
Jsonpjsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
Stars: ✭ 131 (+70.13%)
Struts2 RceA Burp Extender for checking for struts 2 RCE vulnerabilities.
Stars: ✭ 114 (+48.05%)
U2cUnicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】
Stars: ✭ 83 (+7.79%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (+6.49%)
Log Requests To SqliteBURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
Stars: ✭ 44 (-42.86%)
Awesome Burp SuiteAwesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
Stars: ✭ 712 (+824.68%)
Domain hunterA Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件
Stars: ✭ 594 (+671.43%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+394.81%)
BadintentIntercept, modify, repeat and attack Android's Binder transactions using Burp Suite
Stars: ✭ 303 (+293.51%)
ReSignA burp extender that recalculate signature value automatically after you modified request parameter value.
Stars: ✭ 52 (-32.47%)
burp-piperPiper Burp Suite Extender plugin
Stars: ✭ 85 (+10.39%)
AxiomThe dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
Stars: ✭ 2,424 (+3048.05%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (+558.44%)