Pinned Repositories
backslash-powered-scanner
Finds unknown classes of injection vulnerabilities
BChecks
BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
collaborator-everywhere
A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by causing pingbacks to Burp Collaborator
distribute-damage
Evenly distributes scanner load across targets
http-request-smuggler
httpoxy-scanner
A Burp Suite extension that checks for the HTTPoxy vulnerability.
param-miner
turbo-intruder
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
upload-scanner
HTTP file upload scanner for Burp Proxy
xss-cheatsheet-data
This repository contains all the XSS cheatsheet data to allow contributions from the community.
PortSwigger's Repositories
PortSwigger/logger-plus-plus
Burp Suite Logger++: Log activities of all the tools in Burp Suite
PortSwigger/auth-analyzer
PortSwigger/openapi-parser
Parse OpenAPI specifications, previously known as Swagger specifications, into the BurpSuite for automating RESTful API testing – approved by Burp for inclusion in their official BApp Store.
PortSwigger/ator
PortSwigger/co2
A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.
PortSwigger/enterprise-reference-stack-for-aws
PortSwigger/xss-cheatsheet
PortSwigger/source-mapper
Burpsuite extension for injecting offline source maps for easier JavaScript debugging
PortSwigger/sharpener
PortSwigger/copy-as-go-request
Burp Suite extension to copy requests as Go
PortSwigger/add-to-tls-pass-through
Burp Extension to add context menus for configuration of the Add to TLS Pass Through setting
PortSwigger/copy-as-ffuf-command
Copy as FFUF Command for Burp Suite
PortSwigger/ci-cd-platform-scanning-examples
PortSwigger/cookie-monster
A Burp Suite plugin to easily manage cookies
PortSwigger/dradis-framework
Dradis Framework extension for Burp Suite
PortSwigger/dns-exfilnspector
Automagically decode DNS Exfiltration queries to convert Blind RCE into proper RCE via Burp Collaborator
PortSwigger/json-query
JSONPath extension for BurpSuite
PortSwigger/passkey-scanner
PortSwigger/jscriptor
Pre-Script and Post-Script like Postman extension for Burpsuite
PortSwigger/levo-burp-integration
Build OpenApi specs for your APIs from Burp's traffic using Levo.ai. Also detect the PII in your APIs.
PortSwigger/swagger-parser
PortSwigger/timeinator
Timeinator is an extension for Burp Suite that can be used to perform timing attacks over an unreliable network such as the internet.
PortSwigger/history-explorer
Simple extension to filter search results per host
PortSwigger/asset-saver
Burp Suite extension for saving previously loaded assets
PortSwigger/clickjacking-poc-generator
This BurpSuite extension facilitates the generation of Proof-of-Concept (PoC) code for Clickjacking vulnerabilities.
PortSwigger/faction-integration
The Faction Burp Suite Extension
PortSwigger/kerberos-upstream-proxy
PortSwigger/paste-curl-to-repeater
A Burp Suite extension to allow pasting cURL commands as raw HTTP requests in a new tab in Repeater.
PortSwigger/reproducer
Reproducer plugin for Burp Suite
PortSwigger/sheet-intruder
Enables transparent use of Excel files in Burp Suite