MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+32.79%)
InqlInQL - A Burp Extension for GraphQL Security Testing
Stars: ✭ 715 (+486.07%)
PwnbackBurp Extender plugin that generates a sitemap of a website using Wayback Machine
Stars: ✭ 203 (+66.39%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (+0.82%)
SwurgParse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 94 (-22.95%)
flarequenchBurp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
Stars: ✭ 44 (-63.93%)
burp-token-rewriteBurp extension for automated handling of CSRF tokens
Stars: ✭ 15 (-87.7%)
Burpsuite Secret finderBurp Suite extension to discover apikeys/accesstokens and sensitive data from HTTP response.
Stars: ✭ 483 (+295.9%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (+27.87%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (+53.28%)
burp-flowExtension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
Stars: ✭ 45 (-63.11%)
GadgetprobeProbe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Stars: ✭ 381 (+212.3%)
auth analyzerBurp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (-36.89%)
Myscanmyscan 被动扫描
Stars: ✭ 373 (+205.74%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (+250%)
burp-wildcardBurp extension intended to compact Burp extension tabs by hijacking them to own tab.
Stars: ✭ 119 (-2.46%)
CstcCSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
Stars: ✭ 91 (-25.41%)
Headless BurpAutomate security tests using Burp Suite.
Stars: ✭ 192 (+57.38%)
TurboDataMinerThe objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and fas…
Stars: ✭ 46 (-62.3%)
burp-copy-as-ffufBurp Extension that copies a request and builds a FFUF skeleton
Stars: ✭ 77 (-36.89%)
BurpcryptoBurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
Stars: ✭ 350 (+186.89%)
HackbarHackBar plugin for Burpsuite
Stars: ✭ 917 (+651.64%)
KnifeA burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
Stars: ✭ 626 (+413.11%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (+18.03%)
burp-suite-utilsUtilities for creating Burp Suite Extensions.
Stars: ✭ 19 (-84.43%)
RecaptchareCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
Stars: ✭ 596 (+388.52%)
Aes KillerBurp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
Stars: ✭ 446 (+265.57%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (+740.98%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+786.07%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-13.93%)
DockleContainer Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Stars: ✭ 1,713 (+1304.1%)
KarnSimplifying Seccomp enforcement in containerized or non-containerized apps
Stars: ✭ 104 (-14.75%)
M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (-15.57%)
TerrascanDetect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Stars: ✭ 2,687 (+2102.46%)
Burp Fofa基于BurpSuite的一款FOFA Pro 插件
Stars: ✭ 113 (-7.38%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-17.21%)
FugaciousOSSSM (awesome). Open source short-term secure messaging
Stars: ✭ 100 (-18.03%)
Snopfsnopf USB password token
Stars: ✭ 113 (-7.38%)
Awesome Aws SecurityCurated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
Stars: ✭ 100 (-18.03%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+1012.3%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-1.64%)
SojoboA binary analysis framework
Stars: ✭ 116 (-4.92%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-7.38%)
PowershellarmouryA PowerShell armoury for penetration testers or other random security guys
Stars: ✭ 99 (-18.85%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-18.85%)
Outisoutis is a custom Remote Administration Tool (RAT) or something like that. It was build to support various transport methods (like DNS) and platforms (like Powershell).
Stars: ✭ 111 (-9.02%)
SliverAdversary Simulation Framework
Stars: ✭ 1,348 (+1004.92%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-4.92%)
Nordvpn NetworkmanagerA CLI tool for automating the importing, securing and usage of NordVPN (and in the future, more) OpenVPN servers through NetworkManager.
Stars: ✭ 111 (-9.02%)
Burp Unauth Checkerburpsuite extension for check unauthorized vulnerability
Stars: ✭ 99 (-18.85%)
SquealerTelling tales on you for leaking secrets!
Stars: ✭ 97 (-20.49%)
Docbleach🚿 Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software
Stars: ✭ 110 (-9.84%)
VsauditVOIP Security Audit Framework
Stars: ✭ 97 (-20.49%)
Keylogger🔐 Open Source Python Keylogger Collection
Stars: ✭ 97 (-20.49%)