44 Open Source Burp Plugin Software Projects
Free and open source burp plugin code projects including engines, APIs, generators, and tools.
Recaptcha 547 ⭐
reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
Domain_hunter 524 ⭐
A Burp Suite Extender that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件
Autorize 356 ⭐
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
Burpcrypto 224 ⭐
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
Codingo Minesweeper 156 ⭐
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Burp Retire JS 151 ⭐
Csp Auditor 115 ⭐
Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
Burpdeveltraining 174 ⭐
Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Wase 92 ⭐
The Web Audit Search Engine - Index and Search HTTP Requests and Responses in Web Application Audits with ElasticSearch
U2c 84 ⭐
Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】
Swurg 81 ⭐
Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Sqli Query Tampering 90 ⭐
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Mssqli Duet 77 ⭐
SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Cstc 73 ⭐
CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
Burp Suite Error Message Checks 43 ⭐
Burp Suite extension to passively scan for applications revealing server error messages
Burp Flow 34 ⭐
Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
Hae Java 31 ⭐
Flarequench 30 ⭐
Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
Burp Aem Scanner 26 ⭐
Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.
Burp Suite Software Version Checks 23 ⭐
Burp extension to passively scan for applications revealing software version numbers
Burp Wildcard 21 ⭐
Burp extension intended to compact Burp extension tabs by hijacking them to own tab.
Turbodataminer 19 ⭐
The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and faster understanding of the data collected by Burp Suite.
Poi Slinger 15 ⭐
Automatically identify serialization issues in PHP Frameworks by means of an Burp Suite active scan
Burp Suite Gwt Scan 10 ⭐
Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests