BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (+734.15%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+31.71%)
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
Stars: ✭ 47 (-61.79%)
RecaptchareCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
Stars: ✭ 596 (+384.55%)
burp-flowExtension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
Stars: ✭ 45 (-63.41%)
Jasmin-RansomwareJasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Stars: ✭ 84 (-31.71%)
flarequenchBurp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
Stars: ✭ 44 (-64.23%)
CstcCSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
Stars: ✭ 91 (-26.02%)
Aes KillerBurp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
Stars: ✭ 446 (+262.6%)
burp-wildcardBurp extension intended to compact Burp extension tabs by hijacking them to own tab.
Stars: ✭ 119 (-3.25%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+778.86%)
auth analyzerBurp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (-37.4%)
TurboDataMinerThe objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and fas…
Stars: ✭ 46 (-62.6%)
burp-suite-utilsUtilities for creating Burp Suite Extensions.
Stars: ✭ 19 (-84.55%)
BurpcryptoBurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
Stars: ✭ 350 (+184.55%)
burp-token-rewriteBurp extension for automated handling of CSRF tokens
Stars: ✭ 15 (-87.8%)
HackbarHackBar plugin for Burpsuite
Stars: ✭ 917 (+645.53%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+139.02%)
KnifeA burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
Stars: ✭ 626 (+408.94%)
SwurgParse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 94 (-23.58%)
Headless BurpAutomate security tests using Burp Suite.
Stars: ✭ 192 (+56.1%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (+26.83%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (+52.03%)
IntruderpayloadsA collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Stars: ✭ 2,779 (+2159.35%)
Awesome Bugbounty WriteupsA curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Stars: ✭ 2,429 (+1874.8%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+35.77%)
PinaakA vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (-43.9%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (-3.25%)
Bucket-FlawsBucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (-65.04%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-65.04%)
sub404A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (+66.67%)
swiss-bugbounty-programsList of bug bounty and coordinated vulnerability disclosure programs of companies/organisations in Switzerland
Stars: ✭ 25 (-79.67%)
SubcertSubcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
Stars: ✭ 58 (-52.85%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+166.67%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+313.82%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+5791.06%)
SubdomainizerA tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Stars: ✭ 915 (+643.9%)
DeadDNSDNS hijacking via dead records automation tool
Stars: ✭ 44 (-64.23%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+2695.93%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (+393.5%)
burp-copy-as-ffufBurp Extension that copies a request and builds a FFUF skeleton
Stars: ✭ 77 (-37.4%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (+54.47%)
Di.we.hRepositório com conteúdo sobre web hacking em português
Stars: ✭ 156 (+26.83%)
VPS-Bug-Bounty-ToolsScript that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
Stars: ✭ 44 (-64.23%)
Cracker-ToolAll in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭
Stars: ✭ 181 (+47.15%)
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (+15.45%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+691.87%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+621.14%)