MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+458.62%)
burp-token-rewriteBurp extension for automated handling of CSRF tokens
Stars: ✭ 15 (-48.28%)
burp-flowExtension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
Stars: ✭ 45 (+55.17%)
HackbarHackBar plugin for Burpsuite
Stars: ✭ 917 (+3062.07%)
Aes KillerBurp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
Stars: ✭ 446 (+1437.93%)
Headless BurpAutomate security tests using Burp Suite.
Stars: ✭ 192 (+562.07%)
flarequenchBurp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
Stars: ✭ 44 (+51.72%)
auth analyzerBurp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (+165.52%)
SwurgParse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 94 (+224.14%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+3627.59%)
RecaptchareCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
Stars: ✭ 596 (+1955.17%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (+182.76%)
BurpcryptoBurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
Stars: ✭ 350 (+1106.9%)
TurboDataMinerThe objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and fas…
Stars: ✭ 46 (+58.62%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (+324.14%)
burp-suite-utilsUtilities for creating Burp Suite Extensions.
Stars: ✭ 19 (-34.48%)
CstcCSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
Stars: ✭ 91 (+213.79%)
burp-wildcardBurp extension intended to compact Burp extension tabs by hijacking them to own tab.
Stars: ✭ 119 (+310.34%)
KnifeA burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
Stars: ✭ 626 (+2058.62%)
googleauthenticatorBurp Suite plugin that dynamically generates Google 2FA codes for use in session handling rules (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 18 (-37.93%)
burp-api-commoncommon methods that used by my burp extension projects
Stars: ✭ 29 (+0%)
GurpBurp Commander written in Go
Stars: ✭ 56 (+93.1%)
burp-piperPiper Burp Suite Extender plugin
Stars: ✭ 85 (+193.1%)
LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: ✭ 50 (+72.41%)
burp-copy-as-ffufBurp Extension that copies a request and builds a FFUF skeleton
Stars: ✭ 77 (+165.52%)
argusArgus Advanced Remote & Local Keylogger For macOS and Windows
Stars: ✭ 87 (+200%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-3.45%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (+110.34%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+3017.24%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+10927.59%)
InqlInQL - A Burp Extension for GraphQL Security Testing
Stars: ✭ 715 (+2365.52%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (+20.69%)
SubscraperSubdomain enumeration through various techniques
Stars: ✭ 265 (+813.79%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (+196.55%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+11979.31%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (+48.28%)
HopLaHopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
Stars: ✭ 446 (+1437.93%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+11593.1%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+2310.34%)
Awesome InfosecA curated list of awesome infosec courses and training resources.
Stars: ✭ 3,779 (+12931.03%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+1289.66%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (+1010.34%)
Slackor A Golang implant that uses Slack as a command and control server
Stars: ✭ 392 (+1251.72%)
AutorizeAutomatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
Stars: ✭ 406 (+1300%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+1451.72%)
Burpsuite Secret finderBurp Suite extension to discover apikeys/accesstokens and sensitive data from HTTP response.
Stars: ✭ 483 (+1565.52%)
BurpdeveltrainingMaterial for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Stars: ✭ 302 (+941.38%)
PwndocPentest Report Generator
Stars: ✭ 417 (+1337.93%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+1534.48%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+2672.41%)
AutorepeaterAutomated HTTP Request Repeating With Burp Suite
Stars: ✭ 546 (+1782.76%)
ScantronA distributed nmap / masscan scanning framework complete with an API client for automation workflows
Stars: ✭ 542 (+1768.97%)