burp-plugin

There are 146 repositories under burp-plugin topic.

  • aress31/burpgpt

    A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.

    Language:Java2k340234
  • bit4woo/knife

    A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

    Language:Java1.6k2877200
  • summitt/Nope-Proxy

    TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.

    Language:Java1.6k5974237
  • d3vilbug/HackBar

    HackBar plugin for Burpsuite

    Language:Java1.6k652261
  • f0ng/captcha-killer-modified

    captcha-killer的修改版,支持关键词识别base64编码的图片,添加免费ocr库,用于验证码爆破,适配新版Burpsuite

    Language:Java1.6k2065150
  • whwlsfb/BurpCrypto

    BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件

    Language:Java1.5k1446171
  • f0ng/autoDecoder

    Burp插件,根据自定义来达到对数据包的处理(适用于加解密、爆破等),类似mitmproxy,不同点在于经过了burp中转,在自动加解密的基础上,不影响APP、网站加解密正常逻辑等。

    Language:Java985103581
  • Quitten/Autorize

    Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

    Language:Python9702582203
  • c0ny1/captcha-killer

    burp验证码识别接口调用插件

    Language:Java8831625120
  • nccgroup/AutoRepeater

    Automated HTTP Request Repeating With Burp Suite

    Language:Java8553471107
  • bit4woo/reCAPTCHA

    reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件

    Language:Java8052220155
  • f0ng/log4j2burpscanner

    CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks

    Language:Java8051163111
  • outlaws-bai/Galaxy

    一个想让你测试加密流量像测试明文一样简单高效的 Burp 插件。 A Burp plugin that makes testing encrypted traffic as simple and efficient as testing plaintext.

    Language:Java799122858
  • vaycore/OneScan

    OneScan 是一款用于递归目录扫描的 BurpSuite 插件

    Language:Java737103232
  • synacktiv/HopLa

    HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite

    Language:Java71313579
  • bit4woo/domain_hunter

    A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件

    Language:Java667248130
  • Ebryx/AES-Killer

    Burp Plugin to decrypt AES encrypted traffic on the fly

    Language:Java6342515122
  • Acmesec/Sylas

    新一代子域名主/被动收集工具 - Subdomain automatic/passive collection tool

    Language:Java488121550
  • silentsignal/burp-log4shell

    Log4Shell scanner for Burp Suite

    Language:Kotlin480131472
  • doyensec/burpdeveltraining

    Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

    Language:Java34730069
  • saoshao/DetSql

    Burp插件,快速探测可能存在SQL注入的请求并标记,提高测试效率

    Language:Java28921215
  • bit4woo/u2c

    Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】

    Language:Java2374127
  • theLSA/burp-unauth-checker

    burpsuite extension for check unauthorized vulnerability

    Language:Python2307125
  • NetsOSS/headless-burp

    Automate security tests using Burp Suite.

    Language:Java223203156
  • usdAG/cstc

    CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef

    Language:Java22352526
  • h3xstream/burp-retire-js

    Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.

    Language:JavaScript200224956
  • codingo/Minesweeper

    A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

    Language:Python19818248
  • aress31/openapi-parser

    Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

    Language:Java19675651
  • PyCript

    Anof-cyber/PyCript

    Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty

    Language:Python1935926
  • simioni87/auth_analyzer

    Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

    Language:Java18664249
  • moloch--/CSP-Bypass

    A Burp Plugin for Detecting Weaknesses in Content Security Policies

    Language:Python16314538
  • xer0times/SQLi-Query-Tampering

    SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

    Language:Python1516123
  • GoSecure/csp-auditor

    Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website

    Language:Java13812734
  • yandex/burp-molly-pack

    Security checks pack for Burp Suite

    Language:Java13811319
  • hvqzao/burp-wildcard

    Burp extension intended to compact Burp extension tabs by hijacking them to own tab.

    Language:Java1287815
  • silentsignal/burp-piper

    Piper Burp Suite Extender plugin

    Language:Kotlin115122512