Pinned Repositories
backslash-powered-scanner
Finds unknown classes of injection vulnerabilities
BChecks
BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
collaborator-everywhere
A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by causing pingbacks to Burp Collaborator
distribute-damage
Evenly distributes scanner load across targets
http-request-smuggler
httpoxy-scanner
A Burp Suite extension that checks for the HTTPoxy vulnerability.
param-miner
turbo-intruder
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
upload-scanner
HTTP file upload scanner for Burp Proxy
xss-cheatsheet-data
This repository contains all the XSS cheatsheet data to allow contributions from the community.
PortSwigger's Repositories
PortSwigger/param-miner
PortSwigger/BChecks
BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
PortSwigger/xss-cheatsheet-data
This repository contains all the XSS cheatsheet data to allow contributions from the community.
PortSwigger/bambdas
Bambdas collection for Burp Suite Professional and Community.
PortSwigger/replicator
Burp extension to help developers replicate findings from pen tests
PortSwigger/auth-analyzer
PortSwigger/software-vulnerability-scanner
Vulnerability scanner based on vulners.com search API
PortSwigger/highlighter-and-extractor
HaE - BurpSuite Highlighter and Extractor
PortSwigger/jwt-editor
A Burp Suite extension for creating and editing JSON Web Tokens. This tool supports signing and verification of JWS, encryption and decryption of JWE and automation of several well-known attacks against applications that consume JWT.
PortSwigger/reshaper
Burp Suite Extension - Trigger actions and reshape HTTP request and response traffic using configurable rules
PortSwigger/sensitive-discoverer
Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.
PortSwigger/enterprise-reference-stack-for-aws
PortSwigger/get-all-parameters
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
PortSwigger/certsquirt
A golang PKI in less than 1000 lines of code.
PortSwigger/research-labs
This repository contains a number of insecure self-hosted applications that allows interested security engineers to test vulnerabilities found by Portswigger Research team.
PortSwigger/enterprise-helm-charts
Helm charts for BSEE Kubernetes installation.
PortSwigger/json-query
JSONPath extension for BurpSuite
PortSwigger/sign-saboteur
SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens
PortSwigger/burp-suite-enterprise-edition-ami
PortSwigger/ci-cd-platform-scanning-examples
PortSwigger/cookie-monster
A Burp Suite plugin to easily manage cookies
PortSwigger/jwt-scanner
JWT-attacker Burp Extension
PortSwigger/asset-saver
Burp Suite extension for saving previously loaded assets
PortSwigger/copy-as-ffuf-command
Copy as FFUF Command for Burp Suite
PortSwigger/kerberos-upstream-proxy
PortSwigger/levo-burp-integration
Build OpenApi specs for your APIs from Burp's traffic using Levo.ai. Also detect the PII in your APIs.
PortSwigger/paste-curl-to-repeater
A Burp Suite extension to allow pasting cURL commands as raw HTTP requests in a new tab in Repeater.
PortSwigger/prototype-pollution-gadgets-finder
PortSwigger/sheet-intruder
Enables transparent use of Excel files in Burp Suite
PortSwigger/swagger-parser