#Burpsuite

Showing 60 of 73 repositories tagged #burpsuite, ranked by stars

yaklang
yaklang
yakit

Cyber Security ALL-IN-ONE Platform

Score
100
★ 7.6k ⑂ 817 +6/day
TypeScript
infobyte
infobyte
faraday

Open Source Vulnerability Management Platform

Score
0
★ 6.6k ⑂ 1.1k +5/day
Python
gh0stkey
gh0stkey
HaE

HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations. 赋能白帽,高效作战!

Score
100
★ 4.3k ⑂ 313 +35/day
Java
aress31
aress31
burpgpt

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.

Score
88
★ 2.3k ⑂ 284
Java
hhhrrrttt222111
hhhrrrttt222111
Ethical-Hacking-Tools

Complete Listing and Usage of Tools used for Ethical Hacking

Score
87
★ 2.1k ⑂ 325 +3/day
sleeyax
sleeyax
burp-awesome-tls

Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.

Score
50
★ 1.9k ⑂ 116 +12/day
Java
doyensec
doyensec
inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

Score
100
★ 1.8k ⑂ 188 +4/day
Kotlin
summitt
summitt
Nope-Proxy

TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.

Score
85
★ 1.7k ⑂ 240 +1/day
Java
whwlsfb
whwlsfb
BurpCrypto

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件

Score
83
★ 1.6k ⑂ 175 +2/day
Java
nccgroup
nccgroup
AutoRepeater

Automated HTTP Request Repeating With Burp Suite

Score
78
★ 894 ⑂ 120
Java
RhinoSecurityLabs
RhinoSecurityLabs
IPRotate_Burp_Extension

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

Score
97
★ 894 ⑂ 150
Python
yhy0
yhy0
ChYing

承影,愿你在光影之间,找到属于自己的锋芒。开源的类 BurpSuite 应用 ChYing — may you find your own edge between light and shadow. An open-source, BurpSuite-like application.

Score
0
★ 710 ⑂ 65 +1/day
Go
WuliRuler
WuliRuler
AutorizePro

🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.

Score
100
★ 608 ⑂ 33
Python
kac89
kac89
vulnrepo

VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/DOCX, attachments, automatic changelog, stats, vulnerability management, bugbounty, local ai/llm, super fast pentest reporting!

Score
98
★ 564 ⑂ 118 +1/day
TypeScript
0x4D31
0x4D31
burpa

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Score
77
★ 535 ⑂ 116
Python
uttambodara
uttambodara
TryHackMeRoadmap

A list of 350+ free TryHackMe rooms💻 to kick off your cybersecurity learning, organized by topics for easy exploration and practical skill-building !💀💥

Score
95
★ 476 ⑂ 93 +3/day
Hunterdii
Hunterdii
TryHackMe-Roadmap

Hello, aspiring hackers! 🕵️‍♂️ Here’s a list of 500+ Free TryHackMe rooms to kickstart your cybersecurity journey. These rooms are absolutely free, and I’ve organized them by topic to help you dive in right away. 🛠️

Score
80
★ 471 ⑂ 123 +6/day
ossamayasserr
ossamayasserr
WebAppPentestRoadmap

Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)

Score
72
★ 447 ⑂ 87
Python
CervantesSec
CervantesSec
cervantes

Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.

Score
92
★ 442 ⑂ 69 +1/day
C#
volkandindar
volkandindar
agartha

A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations. It supports dynamic payload generation, including BCheck syntax, and can automatically generate Bambdas scripts. Additionally, it offers "Copy as JavaScript" to convert HTTP requests for enhanced XSS testing.

Score
93
★ 400 ⑂ 81
Python
frank-leitner
frank-leitner
portswigger-websecurity-academy

Writeups for PortSwigger WebSecurity Academy

Score
73
★ 386 ⑂ 121 +1/day
Python
hackcatml
hackcatml
frida-flutterproxy

Burp proxy flutter apps

Score
100
★ 350 ⑂ 78 +1/day
JavaScript
netsquare
netsquare
BrowserBruter

BrowserBruter is a powerful web form fuzzing automation tool designed for web security professionals and penetration testers. This Python-based tool leverages Selenium and Selenium-Wire to automate web form fuzzing, making it easier to identify potential vulnerabilities in web applications.

Score
75
★ 333 ⑂ 49
JavaScript
andreiverse
andreiverse
vaf

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Score
63
★ 318 ⑂ 44
Nim
vsec7
vsec7
BurpSuite-Xkeys

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Score
67
★ 313 ⑂ 67
Python
sudosammy
sudosammy
knary

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support

Score
90
★ 305 ⑂ 52
Go
codesiddhant
codesiddhant
Jasmin-Ransomware

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

Score
65
★ 286 ⑂ 81
C#
raoshaab
raoshaab
Pen-Andro

Script to Automate installtion of Apps ,frida server and moving Burpsuite certificate to root folder

Score
67
★ 271 ⑂ 49
Shell
NetsOSS
NetsOSS
headless-burp

Automate security tests using Burp Suite.

Score
33
★ 235 ⑂ 57
Java
t3l3machus
t3l3machus
pentest-pivoting

A compact guide to network pivoting for penetration testings / CTF challenges.

Score
58
★ 226 ⑂ 44
Anof-cyber
Anof-cyber
PyCript

Burp Suite extension to decrypt/encrypt any encrypted traffic (AES/RSA/Encodings and more) with custom code in any language

Score
82
★ 220 ⑂ 34
Java
putsi
putsi
privatecollaborator

A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate

Score
55
★ 211 ⑂ 46
Shell
bl4de
bl4de
research

Bug Bounty writeups, Vulnerability Research, Tutorials, Tips&Tricks

Score
53
★ 211 ⑂ 46
JavaScript
codingo
codingo
Minesweeper

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Score
52
★ 203 ⑂ 47
Python
dev-angelist
dev-angelist
eWPTv2-Notes

INE/eLearnSecurity Web Application Penetration Tester (eWPTv2) Notes

Score
48
★ 173 ⑂ 43 +1/day
bytebutcher
bytebutcher
burp-send-to

Adds a customizable "Send to..."-context-menu to your BurpSuite.

Score
40
★ 169 ⑂ 21
Java
moeinfatehi
moeinfatehi
Backup-Finder

A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)

Score
42
★ 166 ⑂ 27 +1/day
Java
six2dez
six2dez
burp-bounty-profiles

Burp Bounty profiles compilation, feel free to contribute!

Score
43
★ 151 ⑂ 37
BlitzBasic
Anof-cyber
Anof-cyber
ParaForge

A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing

Score
37
★ 142 ⑂ 19
Python
dev-angelist
dev-angelist
Ethical-Hacking-Tools

List, utilize and cheatsheet of Ethical Hacking tools

Score
45
★ 136 ⑂ 50
moeinfatehi
moeinfatehi
Admin-Panel_Finder

A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)

Score
35
★ 122 ⑂ 21
Java
adityatelange
adityatelange
MobSleuth

Scripts to set up your own Android 📱 app hacking lab

Score
0
★ 100 ⑂ 15
Shell
blackhatruby
blackhatruby
BHR_Labs

Black Hat Ruby book | Lab files | Buy the book https://www.amazon.com/dp/B08JHSF6GT

Score
32
★ 91 ⑂ 32
Ruby
Anof-cyber
Anof-cyber
PyCript-WebSocket

PyCript Websocket is now merge into https://github.com/Anof-cyber/PyCript, this repo is not available anymore.

Score
68
★ 82 ⑂ 9
Java
cyspad
cyspad
Weaponize-Your-Burp

Weaponize Your Burp is a repository for automation your Bug Bounty Hunting mindset in Burp Suite

Score
0
★ 81 ⑂ 18
gnothiseautonlw
gnothiseautonlw
burp-shell-fwd-lfi

A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration

Score
28
★ 79 ⑂ 16
Python
alpernae
alpernae
AIHTTPAnalyzer

AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerability detection, provide intelligent analysis, and assist security professionals in identifying complex security issues.

Score
0
★ 77 ⑂ 20 +1/day
Java
augustd
augustd
burp-suite-error-message-checks

Burp Suite extension to passively scan for applications revealing server error messages

Score
30
★ 66 ⑂ 24
Java
okuken
okuken
integrated-security-testing-environment

Integrated Security Testing Environment for Web Applications as Burp Extension.

Score
27
★ 62 ⑂ 5
Java
chawdamrunal
chawdamrunal
JWTLens

JWTLens - Burp Suite extension for automated JWT security testing. 62 checks: passive scanning, algorithm confusion, signature bypass, KID injection, weak secret brute force, and a built-in JWT Forge tab. Works automatically as you browse.

Score
70
★ 55 ⑂ 9
Java
adeadfed
adeadfed
PwnFox-For-Chromium

A BurpSuite extension that allows you to use Chromium with PwnFox

Score
50
★ 52 ⑂ 5 +1/day
Java
swgee
swgee
BurpMCP

Burp Suite Extension with MCP Server to enhance manual application security testing

Score
57
★ 51 ⑂ 2
Java
mgeeky
mgeeky
burpContextAwareFuzzer

BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) and following encoding-scheme applied originally.

Score
25
★ 41 ⑂ 15
Python
ThestaRY7
ThestaRY7
RouteVulScan-2.0

A passive recursive path probing extension for Burp Suite, built on the Montoya API with YAML rules and low-noise vulnerability detection.

Score
60
★ 41 ⑂ 0
Java
ZishanAdThandar
ZishanAdThandar
HackerProxyPro

Burp Suite Proxy Toggler Lite Add-on for Mozilla Firefox.

Score
38
★ 36 ⑂ 7
JavaScript
augustd
augustd
burp-suite-software-version-checks

Burp extension to passively scan for applications revealing software version numbers

Score
23
★ 33 ⑂ 17
Java
intrudir
intrudir
BypassFuzzer-Burp

The Java Burp Extension version of my BypassFuzzer tool

Score
62
★ 33 ⑂ 3
Java
akshatmiglani
akshatmiglani
Brute-force-for-login-bypass-on-a-local-website

This is a project to perform a BRUTE FORCE attack on a self hosted website to better the understanding of the importance of cybersecurity.

Score
20
★ 33 ⑂ 10
HTML
PacktPublishing
PacktPublishing
Web-Penetration-Testing-with-Kali-Linux-Third-Edition

Web Penetration Testing with Kali Linux - Third Edition, published by Packt

Score
22
★ 31 ⑂ 14
HTML
augustd
augustd
burp-suite-jsonpath

JSONPath extension for BurpSuite

Score
33
★ 30 ⑂ 9
Java
Related Topics
#penetration-testing#burp-extensions#hacking#bugbounty#pentesting#security#cybersecurity#burp-plugin#burp#security-tools#pentest#burpsuite-extender

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly