Open Source Libs
Find Open Source Packages
Open Source Libraries
👉
Security
👉
Burp Extensions
67 Open Source Burp Extensions Software Projects
Free and open source burp extensions code projects including engines, APIs, generators, and tools.
D3vilbug Hackbar
818 ⭐
HackBar plugin for Burpsuite
Burpbounty
845 ⭐
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Awesome Burp Suite
632 ⭐
Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
Inql
630 ⭐
InQL - A Burp Extension for GraphQL Security Testing
Recaptcha
547 ⭐
reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
Domain_hunter
524 ⭐
A Burp Suite Extender that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件
Knife
520 ⭐
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
Burpsuite Collections
562 ⭐
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
Burpsuite Secret_finder
417 ⭐
Burp Suite extension to discover apikeys/accesstokens and sensitive data from HTTP response.
Aes Killer
409 ⭐
Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
Badintent
296 ⭐
Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite
Gadgetprobe
302 ⭐
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Sqlmap4burp Plus Plus
240 ⭐
sqlmap4burp++是一款兼容Windows,mac,linux多个系统平台的Burp与sqlmap联动插件
Captcha Killer
236 ⭐
burp验证码识别接口调用插件
Pwnback
199 ⭐
Burp Extender plugin that generates a sitemap of a website using Wayback Machine
Burpcrypto
224 ⭐
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
Headless Burp
186 ⭐
Automate security tests using Burp Suite.
Codingo Minesweeper
156 ⭐
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Burp Molly Scanner
143 ⭐
Turn your Burp suite into headless active web application vulnerability scanner
Kapytein JSonp
125 ⭐
jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
Burp Molly Pack
119 ⭐
Security checks pack for Burp Suite
Httpheadmodifer
95 ⭐
一款快速修改HTTP数据包头的Burp Suite插件
Burp Exporter
85 ⭐
Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.
U2c
84 ⭐
Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】
Swurg
81 ⭐
Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Sqli Query Tampering
90 ⭐
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Mssqli Duet
77 ⭐
SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Cstc
73 ⭐
CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
Burpsuite Xkeys
116 ⭐
A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Bitblinder
62 ⭐
Burp extension helps in finding blind xss vulnerabilities
Virtualhost Payload Generator
60 ⭐
BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolution.
Burp Piper
59 ⭐
Piper Burp Suite Extender plugin
Progress Burp
51 ⭐
Burp Suite extension to track vulnerability assessment progress
Sink Logger
46 ⭐
Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.
Typeerror Bookmarks
44 ⭐
A Burp Suite Extension to take back your repeater tabs
Resign
42 ⭐
A burp extender that recalculate signature value automatically after you modified request parameter value.
Burp Suite Error Message Checks
43 ⭐
Burp Suite extension to passively scan for applications revealing server error messages
Log Requests To Sqlite
42 ⭐
BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
Bearerauthtoken
38 ⭐
This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP requests.Furthermore, this solution provides a better approach to solve the problem of Burp suite automated scanning failures when Authorization tokens exist.
Burp Flow
34 ⭐
Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
Burp Bounty
35 ⭐
Hae Java
31 ⭐
HaE-Java是基于Java开发的一款burpsuite插件,其支持自定义正则表达式,可扩展性强,并内置九种高亮颜色,可高亮(Highlight)标记敏感请求,并(And)提取(Extract)关键数据,方便后续深度挖掘。代码内部维护了一个简单的缓存池,burp界面响应速度佳。
Flarequench
30 ⭐
Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
Bugbounty
56 ⭐
Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...
Xss Sql Fuzz
26 ⭐
burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz
Graphql_beautifier
26 ⭐
Burp Suite extension to help make Graphql request more readable
Ctfhelper
25 ⭐
A simple Burp extension for scanning stuffs in CTF
Burp_suite_extension_ruby
23 ⭐
BurpSuite Extension Ruby Template to speed up building a Burp Extension using Ruby
Burp Wildcard
21 ⭐
Burp extension intended to compact Burp extension tabs by hijacking them to own tab.
Burpcontextawarefuzzer
22 ⭐
BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) and following encoding-scheme applied originally.
Burp Suite Software Version Checks
23 ⭐
Burp extension to passively scan for applications revealing software version numbers
Burp Aem Scanner
26 ⭐
Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.
Turbodataminer
19 ⭐
The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and faster understanding of the data collected by Burp Suite.
Burp Suite JSonpath
18 ⭐
JSONPath extension for BurpSuite
Jdser Dcomp
16 ⭐
A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.
Teabreak
15 ⭐
A productivity burp extension which reminds to take break while you are at work!
Struts2 Rce
17 ⭐
A Burp Extender for checking for struts 2 RCE vulnerabilities.
Poi Slinger
15 ⭐
Automatically identify serialization issues in PHP Frameworks by means of an Burp Suite active scan
Burp Suite Utils
13 ⭐
Utilities for creating Burp Suite Extensions.
Burp Multistep Csrf Poc
14 ⭐
Burp extension to generate multi-step CSRF POC.
Burp Token Rewrite
12 ⭐
Burp extension for automated handling of CSRF tokens
Burp Tabnabbing Extension
11 ⭐
Burp Suite Professional extension in Java for Tabnabbing attack
Burp Suite Token Fetcher
10 ⭐
Burp Extender to add unique form tokens to scanner requests.
Gqlraider
12 ⭐
GQL Burp Extension
Burp Suite Gwt Scan
10 ⭐
Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests
bad-slug
11 ⭐
It becomes the extension of Burp suite. The cookie set by the BipIP server may include a private IP, which is an extension to detect that IP
bad-slug
10 ⭐
Target Redirector is a Burp Suite Extension written in Kotlin, which redirects all Burp requests destined for a chosen target to a different target of your choice. The hostname/IP, port and protocol (HTTP/HTTPS) can all be configured to an alternative destination.