A natural evolution of Burp Suite's Repeater tool
☆201Feb 9, 2024Updated 2 years ago
Alternatives and similar repositories for Stepper
Users that are interested in Stepper are comparing it to the libraries listed below
Sorting:
- Burp Suite Extension to monitor new scope☆200Mar 31, 2021Updated 4 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,774Apr 26, 2024Updated last year
- Piper Burp Suite Extender plugin☆129Jan 14, 2026Updated last month
- Hacked together script for feeding urls into Burp's Sitemap☆92Dec 7, 2025Updated 2 months ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆356Oct 14, 2020Updated 5 years ago
- ☆562Mar 27, 2025Updated 11 months ago
- ☆95Sep 18, 2021Updated 4 years ago
- Burp Suite extension to discover assets from HTTP response.☆232Jan 22, 2025Updated last year
- Automated blind-xss search for Burp Suite☆285Oct 10, 2019Updated 6 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆260Oct 16, 2022Updated 3 years ago
- websocket-connection-smuggler☆66Jan 22, 2020Updated 6 years ago
- Custom scripts for the PIPER Burp extensions.☆97Sep 24, 2023Updated 2 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- A simple SSRF-testing sheriff written in Go☆336Oct 31, 2024Updated last year
- Burp Extension for AWS Signing☆90Jan 10, 2025Updated last year
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆613Mar 4, 2021Updated 4 years ago
- ☆13Oct 3, 2023Updated 2 years ago
- The Serverless Blind XSS App☆338Feb 21, 2026Updated last week
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆469Nov 14, 2019Updated 6 years ago
- ☆32May 30, 2019Updated 6 years ago
- Match and Replace script used to automatically generate JSON option file to BurpSuite☆215May 13, 2019Updated 6 years ago
- ☆17Aug 3, 2021Updated 4 years ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆736May 4, 2019Updated 6 years ago
- This changes the style of Burp Suite's Repeater tabs to help the testers☆29Jul 3, 2019Updated 6 years ago
- ☆102May 5, 2020Updated 5 years ago
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆18May 17, 2020Updated 5 years ago
- A natural evolution of Burp Suite's Repeater tool☆94Sep 7, 2023Updated 2 years ago
- Prototype Pollution and useful Script Gadgets☆1,584Jan 27, 2024Updated 2 years ago
- A malicious LDAP server for JNDI injection attacks☆76Nov 15, 2024Updated last year
- A simple framework for sending test payloads for known web CVEs.☆132Dec 16, 2020Updated 5 years ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆406Dec 24, 2022Updated 3 years ago
- Detects request smuggling via HTTP/2 downgrades.☆94Jul 30, 2022Updated 3 years ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆295Jan 15, 2025Updated last year
- A curated list of amazingly awesome Burp Extensions☆3,372Feb 17, 2026Updated last week
- Burp Extension for a passive scanning JS files for endpoint links.☆815Mar 22, 2024Updated last year
- Client Side Prototype Pollution Scanner☆523Sep 17, 2022Updated 3 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆158Jul 10, 2025Updated 7 months ago
- An hourly updated list of subdomains gathered from certificate transparency logs☆349Oct 13, 2021Updated 4 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆953Dec 31, 2021Updated 4 years ago