123 Open Source Burpsuite Software Projects
Free and open source burpsuite code projects including engines, APIs, generators, and tools.
Intruderpayloads 2714 ⭐
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Burpbounty 1165 ⭐
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Recaptcha 652 ⭐
reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
Burpsuitehttpsmuggler 571 ⭐
A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Burpsuite Collections 1440 ⭐
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
Burpa 455 ⭐
Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Burpsuite Secret_finder 417 ⭐
Burp Suite extension to discover apikeys/accesstokens and sensitive data from HTTP response.
Iprotate_burp_extension 536 ⭐
Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
Autorize 473 ⭐
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
Commodity Injection Signatures 288 ⭐
Burpcrypto 448 ⭐
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
Codingo Minesweeper 168 ⭐
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Content Bruteforcing Wordlist 182 ⭐
Wordlist for content(directory) bruteforce discovering with Burp or dirsearch
Rescope 238 ⭐
Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Burpdeveltraining 320 ⭐
Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Burp Exporter 142 ⭐
Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions.
Swurg 99 ⭐
Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Sqli Query Tampering 118 ⭐
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Cstc 103 ⭐
CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
Burpsuite Xkeys 158 ⭐
A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Bitblinder 77 ⭐
BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities
Privatecollaborator 93 ⭐
A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
Report Ng 60 ⭐
Generate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.
Burp Suite Error Message Checks 48 ⭐
Burp Suite extension to passively scan for applications revealing server error messages
Similar Request Excluder 44 ⭐
A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.
Bearerauthtoken 42 ⭐
This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP requests.Furthermore, this solution provides a better approach to solve the problem of Burp suite automated scanning failures when Authorization tokens exist.
Burp_data_collector 53 ⭐
A Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting
Kaiiyer Webtech 44 ⭐
Identify the technologies used on websites. (Dig-deep into web tech from your terminal)
Burp Flow 42 ⭐
Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
Hae Java 31 ⭐
Flarequench 35 ⭐
Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
Burp_suite_extension_ruby 23 ⭐
BurpSuite Extension Ruby Template to speed up building a Burp Extension using Ruby
Burpcontextawarefuzzer 30 ⭐
BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) and following encoding-scheme applied originally.
Burp Suite Software Version Checks 30 ⭐
Burp extension to passively scan for applications revealing software version numbers
Burp Wildcard 44 ⭐
Burp extension intended to compact Burp extension tabs by hijacking them to own tab.
Turbodataminer 33 ⭐
The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and faster understanding of the data collected by Burp Suite.
Web_security_testing 17 ⭐
Repository contains an online education portal filled with web vulnerabilities.
Web Penetration Testing With Kali Linux Third Edition 17 ⭐
Web Penetration Testing with Kali Linux - Third Edition, published by Packt
Poi Slinger 28 ⭐
Automatically identify serialization issues in PHP Frameworks by means of an Burp Suite active scan
Burp Suite Gwt Scan 12 ⭐
Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests
Null 11 ⭐
Burp Suite plugin that dynamically generates Google 2FA codes for use in session handling rules (approved by PortSwigger for inclusion in their official BApp Store).
Vulnrepo 151 ⭐
VULNRΞPO - Free vulnerability report generator and repository end-to-end encrypted. Complete templates of issues, CWE, CVE, MITRE ATT&CK, PCI DSS, AES encryption, Nmap/Nessus/Burp/OpenVAS issues import, Jira export, TXT/HTML/PDF report, attachments, automatic changelog, statistics, vulnerability management, Security report builder.
Null 124 ⭐
Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used to setup Dynamic Application Security Testing (DAST).
Null 87 ⭐
An extensible application for penetration testers and software developers to decode/encode data into various formats.
Null 67 ⭐
Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Null 62 ⭐
A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration