#Burpsuite
Showing 60 of 73 repositories tagged #burpsuite, ranked by stars
Cyber Security ALL-IN-ONE Platform
Open Source Vulnerability Management Platform
HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations. 赋能白帽,高效作战!
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.
Complete Listing and Usage of Tools used for Ethical Hacking
Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
Automated HTTP Request Repeating With Burp Suite
Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
承影,愿你在光影之间,找到属于自己的锋芒。开源的类 BurpSuite 应用 ChYing — may you find your own edge between light and shadow. An open-source, BurpSuite-like application.
🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.
VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/DOCX, attachments, automatic changelog, stats, vulnerability management, bugbounty, local ai/llm, super fast pentest reporting!
Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
A list of 350+ free TryHackMe rooms💻 to kick off your cybersecurity learning, organized by topics for easy exploration and practical skill-building !💀💥
Hello, aspiring hackers! 🕵️♂️ Here’s a list of 500+ Free TryHackMe rooms to kickstart your cybersecurity journey. These rooms are absolutely free, and I’ve organized them by topic to help you dive in right away. 🛠️
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.
A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations. It supports dynamic payload generation, including BCheck syntax, and can automatically generate Bambdas scripts. Additionally, it offers "Copy as JavaScript" to convert HTTP requests for enhanced XSS testing.
Writeups for PortSwigger WebSecurity Academy
Burp proxy flutter apps
BrowserBruter is a powerful web form fuzzing automation tool designed for web security professionals and penetration testers. This Python-based tool leverages Selenium and Selenium-Wire to automate web form fuzzing, making it easier to identify potential vulnerabilities in web applications.
Vaf is a cross-platform very advanced and fast web fuzzer written in nim
A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support
Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Script to Automate installtion of Apps ,frida server and moving Burpsuite certificate to root folder
Automate security tests using Burp Suite.
A compact guide to network pivoting for penetration testings / CTF challenges.
Burp Suite extension to decrypt/encrypt any encrypted traffic (AES/RSA/Encodings and more) with custom code in any language
A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
Bug Bounty writeups, Vulnerability Research, Tutorials, Tips&Tricks
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
INE/eLearnSecurity Web Application Penetration Tester (eWPTv2) Notes
Adds a customizable "Send to..."-context-menu to your BurpSuite.
A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)
Burp Bounty profiles compilation, feel free to contribute!
A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
List, utilize and cheatsheet of Ethical Hacking tools
A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)
Scripts to set up your own Android 📱 app hacking lab
Black Hat Ruby book | Lab files | Buy the book https://www.amazon.com/dp/B08JHSF6GT
PyCript Websocket is now merge into https://github.com/Anof-cyber/PyCript, this repo is not available anymore.
Weaponize Your Burp is a repository for automation your Bug Bounty Hunting mindset in Burp Suite
A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration
AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerability detection, provide intelligent analysis, and assist security professionals in identifying complex security issues.
Burp Suite extension to passively scan for applications revealing server error messages
Integrated Security Testing Environment for Web Applications as Burp Extension.
JWTLens - Burp Suite extension for automated JWT security testing. 62 checks: passive scanning, algorithm confusion, signature bypass, KID injection, weak secret brute force, and a built-in JWT Forge tab. Works automatically as you browse.
A BurpSuite extension that allows you to use Chromium with PwnFox
Burp Suite Extension with MCP Server to enhance manual application security testing
BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) and following encoding-scheme applied originally.
A passive recursive path probing extension for Burp Suite, built on the Montoya API with YAML rules and low-noise vulnerability detection.
Burp Suite Proxy Toggler Lite Add-on for Mozilla Firefox.
Burp extension to passively scan for applications revealing software version numbers
The Java Burp Extension version of my BypassFuzzer tool
This is a project to perform a BRUTE FORCE attack on a self hosted website to better the understanding of the importance of cybersecurity.
Web Penetration Testing with Kali Linux - Third Edition, published by Packt
JSONPath extension for BurpSuite