A curated list of awesome Burp Extensions for bug hunter. groups by vulnerability types
Autorize - One Burp extension that kept cropping up here was Autorize, by Barak Tawily. Autorize helps you to test for authentication vulnerabilities, and can save you a lot of time in doing this.
Turbo Intruder : Turbo Intruder, by PortSwigger Research's James Kettle was another popular entry. Turbo Intruder enables automated attacks even where extreme speed or complexity is required.
JS Link Finder - Burp Extension for a passively scanning JavaScript files for endpoint links.
SQLiPy Sqlmap Integration - This extension integrates Burp Suite with SQLMap.
Burp NoSQLi Scanner - NoSQL Injection scans for Burp
InQL Scanner - A Comprehensive Burp Extension for GraphQL Security Testing.
Logger++ is a multithreaded logging extension for Burp Suite.
Param Miner - This extension identifies hidden, unlinked parameters. It's particularly useful for finding web cache poisoning vulnerabilities.
Upload Scanner - A Burp Suite Pro extension to do security tests for HTTP file uploads.