burp-extensions

There are 290 repositories under burp-extensions topic.

  • Mr-xn/BurpSuite-collections

    有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

    Language:HTML3.7k766695

  • aress31/burpgpt

    A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.

    Language:Java2.2k350273

  • API-Security/APIKit

    APIKit:Discovery, Scan and Audit APIs Toolkit All In One.

    Language:Java2.2k2272176

  • bit4woo/knife

    A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

    Language:Java1.8k2881208

  • f0ng/captcha-killer-modified

    captcha-killer的修改版,支持关键词识别base64编码的图片,添加免费ocr库,用于验证码爆破,适配新版Burpsuite

    Language:Java1.8k2180167

  • wagiro/BurpBounty

    Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

    Language:Java1.8k58103342
  • inql

    doyensec/inql

    InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

    Language:Kotlin1.7k29107170

  • summitt/Nope-Proxy

    TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.

    Language:Java1.6k5776241

  • d3vilbug/HackBar

    HackBar plugin for Burpsuite

    Language:Java1.6k642257

  • whwlsfb/BurpCrypto

    BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件

    Language:Java1.6k1548173

  • sleeyax/burp-awesome-tls

    Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.

    Language:Java1.6k137293

  • bit4woo/Fiora

    Fiora:漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行,也可作为burp插件使用。

    Language:Java1.3k1721148

  • vaycore/OneScan

    OneScan 是一款用于递归目录扫描的 BurpSuite 插件

    Language:Java1.2k103470

  • alphaSeclab/awesome-burp-suite

    Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.

    1k340252

  • c0ny1/captcha-killer

    burp验证码识别接口调用插件

    Language:Java9101525121

  • hisxo/ReconAIzer

    A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!

    Language:Python8791010115

  • f0ng/log4j2burpscanner

    CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks

    Language:Java8361163109

  • bit4woo/reCAPTCHA

    reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件

    Language:Java8102120154

  • c0ny1/sqlmap4burp-plus-plus

    sqlmap4burp++是一款兼容Windows,mac,linux多个系统平台的Burp与sqlmap联动插件

    Language:Java782161081

  • synacktiv/HopLa

    HopLa Burp Suite Extender plugin - Brings AI capabilities, autocompletion support, and a set of useful payloads to Burp Suite

    Language:Java77612581

  • bit4woo/domain_hunter

    A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件

    Language:Java677248130

  • Ebryx/AES-Killer

    Burp Plugin to decrypt AES encrypted traffic on the fly

    Language:Java6452415124

  • saoshao/DetSql

    Burp插件,快速探测可能存在SQL注入的请求并标记,提高测试效率

    Language:Java62642334

  • BishopFox/GadgetProbe

    Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

    Language:Java60815197

  • Acmesec/Sylas

    新一代子域名主/被动收集工具 - Subdomain automatic/passive collection tool

    Language:Java493121551

  • silentsignal/burp-log4shell

    Log4Shell scanner for Burp Suite

    Language:Kotlin486121474

  • WuliRuler/AutorizePro

    🧿 AutorizePro是一款强大越权检测 Burp 插件,通过增加 AI 辅助分析 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.

    Language:Python44412111

  • volkandindar/agartha

    A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations. It supports dynamic payload generation, including BCheck syntax, and can automatically generate Bambdas scripts. Additionally, it offers "Copy as JavaScript" to convert HTTP requests for enhanced XSS testing.

    Language:Python3765780

  • hisxo/JSpector

    A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues

    Language:Python3665339

  • 1ultimat3/BadIntent

    Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

    Language:Java32231849

  • vsec7/BurpSuite-Xkeys

    A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

    Language:Python28914361

  • prakharathreya/Struts2-RCE

    A Burp Extender for checking for struts 2 RCE vulnerabilities.

    2855141

  • c0ny1/HTTPHeadModifer

    一款快速修改HTTP数据包头的Burp Suite插件

    Language:Java2573138

  • bit4woo/u2c

    Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】

    Language:Java2534127

  • f0ng/autoDecoder-usages

    autoDecoder的用法及案例,包含加解密方法、绕waf、替换参数等操作。

    Language:Python2492231

  • d3mondev/burp-vps-proxy

    This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.

    Language:Java2415228