burp-plugin
There are 146 repositories under burp-plugin topic.
aress31/burpgpt
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.
bit4woo/knife
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
summitt/Nope-Proxy
TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
d3vilbug/HackBar
HackBar plugin for Burpsuite
f0ng/captcha-killer-modified
captcha-killer的修改版,支持关键词识别base64编码的图片,添加免费ocr库,用于验证码爆破,适配新版Burpsuite
whwlsfb/BurpCrypto
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
f0ng/autoDecoder
Burp插件,根据自定义来达到对数据包的处理(适用于加解密、爆破等),类似mitmproxy,不同点在于经过了burp中转,在自动加解密的基础上,不影响APP、网站加解密正常逻辑等。
Quitten/Autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
c0ny1/captcha-killer
burp验证码识别接口调用插件
nccgroup/AutoRepeater
Automated HTTP Request Repeating With Burp Suite
bit4woo/reCAPTCHA
reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
f0ng/log4j2burpscanner
CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
outlaws-bai/Galaxy
一个想让你测试加密流量像测试明文一样简单高效的 Burp 插件。 A Burp plugin that makes testing encrypted traffic as simple and efficient as testing plaintext.
vaycore/OneScan
OneScan 是一款用于递归目录扫描的 BurpSuite 插件
synacktiv/HopLa
HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
bit4woo/domain_hunter
A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件
Ebryx/AES-Killer
Burp Plugin to decrypt AES encrypted traffic on the fly
Acmesec/Sylas
新一代子域名主/被动收集工具 - Subdomain automatic/passive collection tool
silentsignal/burp-log4shell
Log4Shell scanner for Burp Suite
doyensec/burpdeveltraining
Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
saoshao/DetSql
Burp插件,快速探测可能存在SQL注入的请求并标记,提高测试效率
bit4woo/u2c
Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】
theLSA/burp-unauth-checker
burpsuite extension for check unauthorized vulnerability
NetsOSS/headless-burp
Automate security tests using Burp Suite.
usdAG/cstc
CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
h3xstream/burp-retire-js
Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
codingo/Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
aress31/openapi-parser
Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Anof-cyber/PyCript
Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty
simioni87/auth_analyzer
Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
moloch--/CSP-Bypass
A Burp Plugin for Detecting Weaknesses in Content Security Policies
xer0times/SQLi-Query-Tampering
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
GoSecure/csp-auditor
Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
yandex/burp-molly-pack
Security checks pack for Burp Suite
hvqzao/burp-wildcard
Burp extension intended to compact Burp extension tabs by hijacking them to own tab.
silentsignal/burp-piper
Piper Burp Suite Extender plugin