109 Open source projects that are alternatives of or similar to burp-flow

JSON JTree viewer for Burp Suite

Vendor-Neutral Security Tool Automation Controller (over REST)

Simple socket-based gateway to the Burp Collaborator

Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.

A Burp Plugin for Detecting Weaknesses in Content Security Policies

Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website

一键生成Java代码的burp插件/Generate Java script for fuzzing in Burp。

The main SamuraiWTF collaborative distro repo.

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

Burp extension to detect alias traversal via NGINX misconfiguration at scale.

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Identify technologies used on websites.

Wordlist for content(directory) bruteforce discovering with Burp or dirsearch

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

A plugin that allows you execute python and get return to BurpSuite.

No description or website provided.

Adds a customizable "Send to..."-context-menu to your BurpSuite.

基于BurpSuite的一款FOFA Pro 插件

An extensible application for penetration testers and software developers to decode/encode data into various formats.

Burp Bounty profiles compilation, feel free to contribute!

Burp Pro as a Docker Container

Powerful plugins and add-ons for hackers

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

🔰渗透测试资源库🔰黑客工具🔰维基解密文件🔰木马免杀🔰信息安全🔰技能树🔰数据库泄露🔰

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

HaE - BurpSuite Highlighter and Extractor

Burpsuite-Plugins-Usage

myscan 被动扫描

intercepting kali router

这是基于Burp Suite官方文档翻译而来的中文版文档

百宝箱

Complete Listing and Usage of Tools used for Ethical Hacking

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

A Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting

|| Activate Burp Suite Pro with Loader and Key-Generator ||

CaA - BurpSuite Collector and Analyzer

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.

Turn your Burp suite into headless active web application vulnerability scanner

jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.

A Burp Extender for checking for struts 2 RCE vulnerabilities.

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

sqlmap4burp++是一款兼容Windows，mac，linux多个系统平台的Burp与sqlmap联动插件

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

A burp extender that recalculate signature value automatically after you modified request parameter value.