a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation.
☆30Oct 21, 2025Updated 4 months ago
Alternatives and similar repositories for agartha
Users that are interested in agartha are comparing it to the libraries listed below
Sorting:
- 资产测绘输出xlsx表格☆14Sep 10, 2024Updated last year
- A Burp extension to Fuzz URLs for HTTP parser inconsistencies☆12Jan 9, 2024Updated 2 years ago
- 爬取知识星球内容,并制作 PDF 电子书。☆15Mar 18, 2020Updated 5 years ago
- Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc…☆15Mar 18, 2022Updated 3 years ago
- 🕸️ A curated list of dark web (.onion) links — for educational and research purposes only. You can buy and read the Dark Web book based…☆38Sep 21, 2025Updated 5 months ago
- Automating SQL Injection in a list of URLs or Request Files☆13Aug 8, 2016Updated 9 years ago
- Spring Boot whitelabel error page SpEL rce EXP☆13May 24, 2024Updated last year
- A tool to generate OpenXML XXE Payloads written in Python3.☆16Aug 21, 2019Updated 6 years ago
- Get all NetNTLM Hashes via Different zero-click Methodologies from LLMNR Poisoning☆18Mar 16, 2022Updated 3 years ago
- 本项目是一个插件项目,用于演示插件的使用方法 快速打造自己的谷歌插件该项目使用 vue2.0 + webpack4.0 + less + es6 + vue-router + vuex + axios + element-ui + chrome-plugin 等其他插件开发…☆15Oct 18, 2023Updated 2 years ago
- A burp-suite plugin that extract all parameter names from in-scope requests☆29Nov 9, 2021Updated 4 years ago
- Fuzz WebSockets with custom Python code☆20Aug 21, 2024Updated last year
- 一个既可主动,又可被动提取链接的burp插件☆45Mar 29, 2024Updated last year
- ☆16Mar 11, 2024Updated last year
- Small tool to scan On-Premises Exchange servers, useful for analytical purposes and patch management☆20Aug 28, 2022Updated 3 years ago
- A steganography based shellcode hider to bypass AV☆17Aug 7, 2022Updated 3 years ago
- 使用java编写的CRLF-Injection-burp被动扫描插件☆45Dec 20, 2022Updated 3 years ago
- This repository contains a number of insecure self-hosted applications that allows interested security engineers to test vulnerabilities …☆26Apr 30, 2025Updated 10 months ago
- Sensitive Discoverer, a Burp extension to discovers sensitive information inside HTTP messages.☆50Jan 26, 2026Updated last month
- Scripts that automate portions of pentests.☆57Updated this week
- Burp Suite Extension for inserting a magic byte into responder's request☆24Sep 22, 2023Updated 2 years ago
- 红队自动化打点神器!!! ARL使用代理池联动nuclei,xray并通过企业微信机器人告警。☆26Sep 29, 2024Updated last year
- 使用 Java 实现的将 Burp 流量异步转发到 Xray 的 Burp 插件,内含多种功能☆16Jun 11, 2023Updated 2 years ago
- 结合chrome-devtools-mcp的能力并加上Skill的规范,实现JSRPC+Flask+autoDecoder方案的前端JS逆向自动化分析,提升JS逆向的效率☆56Feb 12, 2026Updated 3 weeks ago
- Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.☆215Nov 4, 2025Updated 4 months ago
- ☆26Dec 13, 2024Updated last year
- ☆28Jul 21, 2025Updated 7 months ago
- Bounty Prompt is an Open-Source Burp Suite extension by Bounty Security that leverages advanced AI via Burp AI and Groq AI. It enables us…☆115Feb 23, 2025Updated last year
- Get list of subsidiaries for a selected company☆31Dec 21, 2024Updated last year
- A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248.☆97Aug 14, 2018Updated 7 years ago
- Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.☆23Nov 26, 2024Updated last year
- BurpSuite extension to convert requests into bcheck scripts☆33Jul 18, 2023Updated 2 years ago
- Nuclei template to detect Apache servers vulnerable to CVE-2024-38473☆29Aug 24, 2024Updated last year
- 与鉴权、认证、RABC、OAuth 等等一系列相关的笔记☆33Feb 1, 2025Updated last year
- A collection of awesome tools, books, resources, software, documents and cool stuff about IoT and HW security.☆33May 4, 2025Updated 10 months ago
- 一个用于修改右键插件菜单层级的Burpsuite插件。A simple BurpSuite extension to change extension context menu level.☆30Feb 4, 2024Updated 2 years ago
- 用于解决渗透测试加解密的难题,让你的burp像测试明文这么简单☆82Aug 10, 2025Updated 6 months ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆33Oct 13, 2022Updated 3 years ago
- Binary Ninja plugin to automate the process of generating pseudo-C code, running Semgrep over the pseudo-C, and presenting the results.☆34Feb 4, 2025Updated last year