Bambdas collection for Burp Suite Professional and Community.
☆497Feb 25, 2026Updated last week
Alternatives and similar repositories for bambdas
Users that are interested in bambdas are comparing it to the libraries listed below
Sorting:
- BChecks collection for Burp Suite Professional and Burp Suite DAST☆770Jan 26, 2026Updated last month
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,497Jan 8, 2026Updated last month
- ☆139Nov 9, 2024Updated last year
- Extract URLs, paths, secrets, and other interesting bits from JavaScript☆1,773May 22, 2024Updated last year
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,529Jan 15, 2026Updated last month
- AI-powered ffuf wrapper☆646Dec 4, 2025Updated 3 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆753Dec 19, 2023Updated 2 years ago
- Burp Plugin to Bypass WAFs through the insertion of Junk Data☆1,426Jul 14, 2025Updated 7 months ago
- A collection of Burp Suite Lambda Filters ~ Bambdas☆30Oct 1, 2024Updated last year
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆291Apr 9, 2024Updated last year
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆723Updated this week
- Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!☆2,552Updated this week
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆160Jul 2, 2024Updated last year
- De-clutter a list of URLs☆385Feb 3, 2026Updated last month
- An IIS short filename enumeration tool☆1,126Nov 25, 2024Updated last year
- Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.☆227Jul 24, 2025Updated 7 months ago
- Obtain GraphQL API schema even if the introspection is disabled☆1,396Dec 5, 2025Updated 3 months ago
- i will upload more templates here to share with the comunity.☆567Apr 17, 2024Updated last year
- how to look for Leaked Credentials !☆1,034May 6, 2024Updated last year
- A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.☆773Dec 9, 2025Updated 2 months ago
- Differential testing framework for HTTP implementations☆926Jan 21, 2026Updated last month
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆1,293Jan 26, 2024Updated 2 years ago
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆902Feb 23, 2026Updated last week
- declutters url lists for crawling/pentesting☆1,531Feb 23, 2025Updated last year
- The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.☆456Oct 3, 2023Updated 2 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆313May 16, 2024Updated last year
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications☆1,294Aug 7, 2025Updated 6 months ago
- PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.☆1,292Aug 7, 2024Updated last year
- Save your dorking results to the terminal. A modified version of TomNomNom's amazing tool!☆98Mar 4, 2025Updated last year
- Nuclei plugin for BurpSuite☆1,322Oct 22, 2025Updated 4 months ago
- This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…☆103Feb 9, 2024Updated 2 years ago
- 🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast…☆1,519Updated this week
- ☆93Dec 4, 2025Updated 3 months ago
- ☆520Apr 29, 2024Updated last year
- ☆212Jul 11, 2024Updated last year
- ☆32Dec 28, 2023Updated 2 years ago
- Go scanner to find web cache poisoning vulnerabilities in a list of URLs☆148Feb 21, 2024Updated 2 years ago
- MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.☆286Oct 5, 2024Updated last year
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.☆559Mar 8, 2025Updated 11 months ago