114 Open source projects that are alternatives of or similar to burp-copy-as-ffuf

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

A plugin that allows you execute python and get return to BurpSuite.

No description or website provided.

Adds a customizable "Send to..."-context-menu to your BurpSuite.

基于BurpSuite的一款FOFA Pro 插件

burpsuite extension for check unauthorized vulnerability

An extensible application for penetration testers and software developers to decode/encode data into various formats.

Burp Bounty profiles compilation, feel free to contribute!

Burp Pro as a Docker Container

burpsuite extension for check and extract sensitive request parameter

burpsuite extension for extract information from data

Powerful plugins and add-ons for hackers

Automated HTTP Request Repeating With Burp Suite

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

🔰渗透测试资源库🔰黑客工具🔰维基解密文件🔰木马免杀🔰信息安全🔰技能树🔰数据库泄露🔰

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

HaE - BurpSuite Highlighter and Extractor

Burpsuite-Plugins-Usage

myscan 被动扫描

intercepting kali router

这是基于Burp Suite官方文档翻译而来的中文版文档

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

百宝箱

Complete Listing and Usage of Tools used for Ethical Hacking

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

A Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting

|| Activate Burp Suite Pro with Loader and Key-Generator ||

CaA - BurpSuite Collector and Analyzer

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.

Burp Commander written in Go

Manual JavaScript Linting is a Bug

Burp Suite plugin that dynamically generates Google 2FA codes for use in session handling rules (approved by PortSwigger for inclusion in their official BApp Store).

The extension of Burp Suite for Conviso Platform aims to serve as an integration between them, making the life of an analyst easier, because he can now send vulnerabilities directly from Burp to the platform.

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

Turn your Burp suite into headless active web application vulnerability scanner

jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.

A Burp Extender for checking for struts 2 RCE vulnerabilities.

Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.

A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

burp验证码识别接口调用插件

sqlmap4burp++是一款兼容Windows，mac，linux多个系统平台的Burp与sqlmap联动插件

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

A burp extender that recalculate signature value automatically after you modified request parameter value.

Piper Burp Suite Extender plugin

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.