Pinned Repositories
backslash-powered-scanner
Finds unknown classes of injection vulnerabilities
BChecks
BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
collaborator-everywhere
A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by causing pingbacks to Burp Collaborator
distribute-damage
Evenly distributes scanner load across targets
http-request-smuggler
httpoxy-scanner
A Burp Suite extension that checks for the HTTPoxy vulnerability.
param-miner
turbo-intruder
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
upload-scanner
HTTP file upload scanner for Burp Proxy
xss-cheatsheet-data
This repository contains all the XSS cheatsheet data to allow contributions from the community.
PortSwigger's Repositories
PortSwigger/upload-scanner
HTTP file upload scanner for Burp Proxy
PortSwigger/autowasp
BurpSuite Extension: A one-stop pen testing checklist and logger tool
PortSwigger/sqli-py
SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.
PortSwigger/auto-repeater
Automated HTTP Request Repeating With Burp Suite
PortSwigger/js-miner
This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
PortSwigger/server-side-prototype-pollution
PortSwigger/nuclei-burp-integration
Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
PortSwigger/exiftool-scanner
Burp extension, reads metadata using ExifTool
PortSwigger/iis-tilde-enumeration-scanner
Burp extension for exploiting IIS Tilde Enumeration vulnerability
PortSwigger/postman-importer
PortSwigger/route-vul-scan
Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件
PortSwigger/burpkit
Next-gen BurpSuite penetration testing tool
PortSwigger/semgrepper
An extension to use Semgrep inside Burp Suite.
PortSwigger/aws-sigv4
Anvil Ventures' Burp extension for signing AWS requests with SigV4
PortSwigger/c-surfer
A CSRF guard hiding extension that keeps track of the latest guard value per session and update new requests accordingly
PortSwigger/directory-importer
This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an alternative to proxying bruteforcing tools through burp to catch the results.
PortSwigger/header-issue-reporter
Headers Burp Extension
PortSwigger/pesd-exporter
PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
PortSwigger/request-randomizer
Randomize parts of requests with a session handling rule action.
PortSwigger/burp-auto-drop
Burp extension to automatically drop requests that match a certain regex.
PortSwigger/copy-headers-as-arguments
Copy request headers in -H format (cURL, Wfuzz, Gobuster etc.)
PortSwigger/gat-digital-integration
Burp and GAT Core Integration - Risk-based Information Security Management Platform
PortSwigger/look-over-there
PortSwigger/odata-explorer
OData Explorer is a Burp Suite extension specifically designed for black-box security testing of OData services.
PortSwigger/open-day
PortSwigger/blind-xss-injector
Burp Suite plugin to test for blind XSS vulnerabilities
PortSwigger/burptrast
Burp Plugin for Contrast Security
PortSwigger/copy-to-bcheck
BurpSuite extension to convert requests into bcheck scripts
PortSwigger/hacker-one-vulnerability-drafter
This Burp Suite Extension provides a custom context menu for sending Repeater requests or Scanner findings to HackerOne's vulnerability submission endpoint.
PortSwigger/heartbleed
Burp Heartbleed Extension