Pinned Repositories
backslash-powered-scanner
Finds unknown classes of injection vulnerabilities
BChecks
BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
collaborator-everywhere
A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by causing pingbacks to Burp Collaborator
distribute-damage
Evenly distributes scanner load across targets
http-request-smuggler
httpoxy-scanner
A Burp Suite extension that checks for the HTTPoxy vulnerability.
param-miner
turbo-intruder
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
upload-scanner
HTTP file upload scanner for Burp Proxy
xss-cheatsheet-data
This repository contains all the XSS cheatsheet data to allow contributions from the community.
PortSwigger's Repositories
PortSwigger/turbo-intruder
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
PortSwigger/param-miner
PortSwigger/BChecks
BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
PortSwigger/backslash-powered-scanner
Finds unknown classes of injection vulnerabilities
PortSwigger/bypass-bot-detection
Burp Suite extension that mutates ciphers to bypass TLS-fingerprint based bot detection
PortSwigger/bambdas
Bambdas collection for Burp Suite Professional and Community.
PortSwigger/burp-extensions-montoya-api
Burp Extensions Api
PortSwigger/burp-extensions-montoya-api-examples
Examples for using the Montoya API with Burp Suite
PortSwigger/hackvertor
PortSwigger/url-cheatsheet-data
This is the data that powers the PortSwigger URL validation bypass cheat sheet.
PortSwigger/ai-http-analyzer
AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerability detection, provide intelligent analysis, and assist security professionals in identifying complex security issues.
PortSwigger/spoofproof
PortSwigger/certsquirt
A golang PKI in less than 1000 lines of code.
PortSwigger/shadow-repeater
PortSwigger/enterprise-helm-charts
Helm charts for BSEE Kubernetes installation.
PortSwigger/trufflehog-integration
Official TruffleHog Burp Suite Extension. Scan Burp Suite traffic for 800+ different types of secrets (API keys, passwords, SSH keys, etc) using TruffleHog.
PortSwigger/burp-suite-enterprise-edition-ami
PortSwigger/burp-variables
Burp Suite extension that extends Burp to support storing and reusing variables in requests
PortSwigger/faraday
Faraday Burp Extension
PortSwigger/ai-prompt-fuzzer
Burp extension to fuzz/brute force GenAI/LLM prompts using a list of various payloads.
PortSwigger/html-content-extractor
Burp extension to filter HTML elements on the fly with CSS selectors in the HTTP message viewer.
PortSwigger/raw-hexler
PortSwigger/timestamp-injector
Burp Suite Extension to inject timestamps into HTTP requests
PortSwigger/429-bypasser
PortSwigger/copy-as-python-httpx
It helps you to export HTTP/1.1 and HTTP/2 requests for use in Python.
PortSwigger/extension-template-project-wrapper
Contains a ready-to-use extension template to help you start writing your extension immediately.
PortSwigger/java-object-deserializer
BurpJDSer-ng
PortSwigger/json-unicode-escaper
Burp Extender providing JSON Unicode-escaping/unescaping capabilities
PortSwigger/report-lm
PortSwigger/sticky-burp
A Burp Suite extension written in Kotlin that enables persistent sticky session handling in web application testing. Built with the Montoya API and modern Kotlin tooling.