779 Open source projects that are alternatives of or similar to Burp Suite Error Message Checks

Burp extension to passively scan for applications revealing software version numbers

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

HackBar plugin for Burpsuite

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).

Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly

Burp extension intended to compact Burp extension tabs by hijacking them to own tab.

Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef

Burp extension for automated handling of CSRF tokens

A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

Automate security tests using Burp Suite.

reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件

Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.

Security checks pack for Burp Suite

Utilities for creating Burp Suite Extensions.

The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and fas…

Burp Commander written in Go

burpsuite extension for extract information from data

Kali Live Build Scripts

Piper Burp Suite Extender plugin

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Multi OTP Spam Amp/Paralell threads

Argus Advanced Remote & Local Keylogger For macOS and Windows

common methods that used by my burp extension projects

Burp Suite plugin that dynamically generates Google 2FA codes for use in session handling rules (approved by PortSwigger for inclusion in their official BApp Store).

Offensive Reverse Shell (Cheat Sheet)

Common Web Managers Fuzz Wordlists

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

This Burp extension helps you to find usages of postMessage and recvMessage

HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite

Yet Another PHP Shell - The most complete PHP reverse shell

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Next generation web scanner

A curated list of awesome OSCP resources

Burp Extension that copies a request and builds a FFUF skeleton

A Tool for Domain Flyovers

Subdomain enumeration through various techniques

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

A curated list of awesome infosec courses and training resources.

burp验证码识别接口调用插件

Sifter aims to be a fully loaded Op Centre for Pentesters

A tool to automate penetration tests

A Golang implant that uses Slack as a command and control server

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Penetration Testing notes, resources and scripts

Burp Suite extension to discover apikeys/accesstokens and sensitive data from HTTP response.

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

Pentest Report Generator

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.