#Burp-extensions

Showing 38 of 38 repositories tagged #burp-extensions, ranked by stars

aress31
aress31
burpgpt

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.

Score
94
★ 2.3k ⑂ 284
Java
sleeyax
sleeyax
burp-awesome-tls

Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.

Score
0
★ 1.9k ⑂ 116 +12/day
Java
doyensec
doyensec
inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

Score
100
★ 1.8k ⑂ 188 +4/day
Kotlin
summitt
summitt
Nope-Proxy

TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.

Score
91
★ 1.7k ⑂ 240 +1/day
Java
whwlsfb
whwlsfb
BurpCrypto

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件

Score
88
★ 1.6k ⑂ 175 +2/day
Java
six2dez
six2dez
burp-ai-agent

Burp Suite extension that adds built-in MCP tooling, AI-assisted analysis, privacy controls, passive and active scanning and more

Score
0
★ 1.3k ⑂ 203 +4/day
Kotlin
WuliRuler
WuliRuler
AutorizePro

🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.

Score
100
★ 608 ⑂ 33
Python
volkandindar
volkandindar
agartha

A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations. It supports dynamic payload generation, including BCheck syntax, and can automatically generate Bambdas scripts. Additionally, it offers "Copy as JavaScript" to convert HTTP requests for enhanced XSS testing.

Score
97
★ 400 ⑂ 81
Python
vsec7
vsec7
BurpSuite-Xkeys

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Score
72
★ 313 ⑂ 67
Python
NetsOSS
NetsOSS
headless-burp

Automate security tests using Burp Suite.

Score
0
★ 235 ⑂ 57
Java
Anof-cyber
Anof-cyber
PyCript

Burp Suite extension to decrypt/encrypt any encrypted traffic (AES/RSA/Encodings and more) with custom code in any language

Score
84
★ 220 ⑂ 34
Java
codingo
codingo
Minesweeper

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Score
66
★ 203 ⑂ 47
Python
moeinfatehi
moeinfatehi
Backup-Finder

A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)

Score
62
★ 166 ⑂ 27 +1/day
Java
Anof-cyber
Anof-cyber
ParaForge

A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing

Score
56
★ 142 ⑂ 19
Python
moeinfatehi
moeinfatehi
Admin-Panel_Finder

A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)

Score
53
★ 122 ⑂ 21
Java
yeswehack
yeswehack
YesWeBurp

YesWeHack Api Extension for Burp

Score
50
★ 112 ⑂ 25
Kotlin
Keramas
Keramas
mssqli-duet

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

Score
44
★ 91 ⑂ 18
Python
Anof-cyber
Anof-cyber
PyCript-WebSocket

PyCript Websocket is now merge into https://github.com/Anof-cyber/PyCript, this repo is not available anymore.

Score
75
★ 82 ⑂ 9
Java
gnothiseautonlw
gnothiseautonlw
burp-shell-fwd-lfi

A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration

Score
38
★ 79 ⑂ 16
Python
alpernae
alpernae
AIHTTPAnalyzer

AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerability detection, provide intelligent analysis, and assist security professionals in identifying complex security issues.

Score
0
★ 77 ⑂ 20 +1/day
Java
Teycir
Teycir
BurpAPISecuritySuite

Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration, and automated reconnaissance. Supports REST/GraphQL/SOAP APIs with Nuclei, Turbo Intruder, and external tool integration. OWASP API Top 10 coverage.

Score
81
★ 73 ⑂ 9
Python
augustd
augustd
burp-suite-error-message-checks

Burp Suite extension to passively scan for applications revealing server error messages

Score
41
★ 66 ⑂ 24
Java
okuken
okuken
integrated-security-testing-environment

Integrated Security Testing Environment for Web Applications as Burp Extension.

Score
28
★ 62 ⑂ 5
Java
ztgrace
ztgrace
mole

Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.

Score
31
★ 58 ⑂ 13
Python
chawdamrunal
chawdamrunal
JWTLens

JWTLens - Burp Suite extension for automated JWT security testing. 62 checks: passive scanning, algorithm confusion, signature bypass, KID injection, weak secret brute force, and a built-in JWT Forge tab. Works automatically as you browse.

Score
78
★ 55 ⑂ 9
Java
mgeeky
mgeeky
burpContextAwareFuzzer

BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) and following encoding-scheme applied originally.

Score
25
★ 41 ⑂ 15
Python
ZishanAdThandar
ZishanAdThandar
HackerProxyPro

Burp Suite Proxy Toggler Lite Add-on for Mozilla Firefox.

Score
59
★ 36 ⑂ 7
JavaScript
intrudir
intrudir
BypassFuzzer-Burp

The Java Burp Extension version of my BypassFuzzer tool

Score
69
★ 33 ⑂ 3
Java
augustd
augustd
burp-suite-software-version-checks

Burp extension to passively scan for applications revealing software version numbers

Score
22
★ 33 ⑂ 17
Java
yeswehack
yeswehack
BCheck-Burp-scripts

Bcheck scripts for Burp

Score
16
★ 31 ⑂ 6
rip1s
rip1s
CTFHelper

A simple Burp extension for scanning stuffs in CTF

Score
19
★ 30 ⑂ 10
Python
augustd
augustd
burp-suite-jsonpath

JSONPath extension for BurpSuite

Score
47
★ 30 ⑂ 9
Java
augustd
augustd
burp-suite-swaggy

Burp Suite extension for parsing Swagger web service definition files

Score
12
★ 20 ⑂ 7
Java
augustd
augustd
burp-suite-token-fetcher

Burp Extender to add unique form tokens to scanner requests.

Score
3
★ 14 ⑂ 4
Java
augustd
augustd
burp-suite-gwt-scan

Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests

Score
9
★ 13 ⑂ 7
Java
oneclick-burp
oneclick-burp
BurpFusion-Core

One-Click BurpSuite Installer with essential plugins for penetration testers

Score
6
★ 13 ⑂ 2
Batchfile
marksowell
marksowell
Info-Leakage

Burp Suite extension designed to help security professionals search for custom sensitive information in HTTP responses

Score
0
★ 10 ⑂ 1
Python
SnailSploit
SnailSploit
Burp-MCP-Security-Analysis-Toolkit

Burp MCP Security Analysis Toolkit

Score
34
★ 10 ⑂ 0
Python
Related Topics
#burpsuite#penetration-testing#burp-plugin#burp#pentesting#bugbounty#burpsuite-extender#hacking#java#security-tools#pentest#cybersecurity

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly