burp-extensions
There are 255 repositories under burp-extensions topic.
Mr-xn/BurpSuite-collections
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
aress31/burpgpt
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.
API-Security/APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
wagiro/BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
summitt/Nope-Proxy
TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
bit4woo/knife
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
d3vilbug/HackBar
HackBar plugin for Burpsuite
doyensec/inql
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
whwlsfb/BurpCrypto
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
f0ng/captcha-killer-modified
captcha-killer的修改版,支持关键词识别base64编码的图片,添加免费ocr库,用于验证码爆破,适配新版Burpsuite
bit4woo/Fiora
Fiora:漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行,也可作为burp插件使用。
alphaSeclab/awesome-burp-suite
Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
sleeyax/burp-awesome-tls
Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
c0ny1/captcha-killer
burp验证码识别接口调用插件
hisxo/ReconAIzer
A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!
bit4woo/reCAPTCHA
reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
f0ng/log4j2burpscanner
CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
c0ny1/sqlmap4burp-plus-plus
sqlmap4burp++是一款兼容Windows,mac,linux多个系统平台的Burp与sqlmap联动插件
bit4woo/domain_hunter
A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件
Ebryx/AES-Killer
Burp Plugin to decrypt AES encrypted traffic on the fly
synacktiv/HopLa
HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
vaycore/OneScan
OneScan是递归目录扫描的BurpSuite插件
BishopFox/GadgetProbe
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
silentsignal/burp-log4shell
Log4Shell scanner for Burp Suite
Acmesec/Sylas
新一代子域名主/被动收集工具 - Subdomain automatic/passive collection tool
hisxo/JSpector
A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
1ultimat3/BadIntent
Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite
volkandindar/agartha
a burp extension creates dynamic payloads to reveal injection flaws(LFI, RCE, SQLi), generates user access tables to spot authentication/authorization issues, and copys Http requests as JavaScript code.
prakharathreya/Struts2-RCE
A Burp Extender for checking for struts 2 RCE vulnerabilities.
c0ny1/HTTPHeadModifer
一款快速修改HTTP数据包头的Burp Suite插件
vsec7/BurpSuite-Xkeys
A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
bit4woo/u2c
Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】
P3GLEG/PwnBack
Burp Extender plugin that generates a sitemap of a website using Wayback Machine
d3mondev/burp-vps-proxy
This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.
NetsOSS/headless-burp
Automate security tests using Burp Suite.
codingo/Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).