Pinned Repositories
backslash-powered-scanner
Finds unknown classes of injection vulnerabilities
bambdas
Bambdas collection for Burp Suite Professional and Community.
BChecks
BChecks collection for Burp Suite Professional and Burp Suite DAST
burp-extensions-montoya-api
Burp Extensions Api
burp-extensions-montoya-api-examples
Examples for using the Montoya API with Burp Suite
extension-template-project
Contains a ready-to-use extension template to help you start writing your extension immediately.
http-request-smuggler
param-miner
turbo-intruder
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
xss-cheatsheet-data
This repository contains all the XSS cheatsheet data to allow contributions from the community.
PortSwigger's Repositories
PortSwigger/turbo-intruder
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
PortSwigger/http-request-smuggler
PortSwigger/bambdas
Bambdas collection for Burp Suite Professional and Community.
PortSwigger/ip-rotate
Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
PortSwigger/burp-extensions-montoya-api-examples
Examples for using the Montoya API with Burp Suite
PortSwigger/hackvertor
PortSwigger/certsquirt
A golang PKI in less than 1000 lines of code.
PortSwigger/burp-suite-enterprise-edition-ami
PortSwigger/http-hacker
PortSwigger/websocket-turbo-intruder
Fuzz WebSockets with custom Python code
PortSwigger/enterprise-helm-charts
Helm charts for Burp Suite DAST Kubernetes installation.
PortSwigger/blazor-traffic-processor
PortSwigger/type-xplorer
Check all possible content-type misconfiguration between body and header
PortSwigger/extension-template-project
Contains a ready-to-use extension template to help you start writing your extension immediately.
PortSwigger/formatify
Formatify is a Burp Suite extension that instantly converts HTTP requests into multiple formats like cURL, Python, PowerShell, and more—saving time and streamlining your workflow. 🚀
PortSwigger/grpc-web-coder
Encode/Decode gRPC-Web payloads automatically. Copied from nxenon/grpc-pentest-suite
PortSwigger/harbringer
True HAR importer for Portswigger Burpsuite
PortSwigger/http-batch-tool
BurpFire (HTTP Batch Tool) is a Burp Suite extension designed to facilitate fast and bulk HTTP requests from a user-provided list of URLs. Ideal for pentesting, reconnaissance, and endpoint validation.
PortSwigger/http-history-to-pcap
Burp extension that enables export of selected traffic in Burp HTTP History tab to a PCAP file.
PortSwigger/linebreaker
LineBreaker – A Burp Suite extension that automatically enables newline view by default, making payload analysis cleaner and more readable. No more manual toggling—just break lines and break apps!
PortSwigger/curl-commander
Quickly converts curl commands into Burp Suite Repeater requests.
PortSwigger/cvss-v3-1-visual-calculator
💡 Burp Suite extension for calculating and visualizing CVSS v3.1 scores with an interactive UI and risk meter - perfect for quick reporting.
PortSwigger/inline-decoder
Burp Suite extension that automatically extracts and decodes values from HTTP responses into the Intruder Comment field.
PortSwigger/jwt-monitor
This Burp Suite extension monitors a provided JWT token for its expiration and replaces any already present JWT token in outgoing requests with the provided one
PortSwigger/organizer-notes
A Burp Suite extension that helps streamline your pentesting workflow by making note-taking effortless
PortSwigger/payloads-manager
A Burp Suite extension that helps you manage your custom payloads
PortSwigger/spring-boot-dump-scanner
This is to scan exposed heapdump and threaddump
PortSwigger/tick-tock-enumerator
Time Based Enumeration Burp Extension
PortSwigger/websocket-history-exporter
Plugin that adds a way to quickly export your WebSocket history in Burp Suite
PortSwigger/wordlist-importer
A Burp extension, written in Python, which allows seamless importing of wordlists hosted on the Internet directly into Burp Suite.