PortSwigger / burp-extender-api

Related projects: ⓘ

• NickstaDB / SerialBrute
  Java serialization brute force attack tool.
  ☆123Updated 7 years ago
• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆121Updated 6 years ago
• augustd / burp-suite-error-message-checks
  Burp Suite extension to passively scan for applications revealing server error messages
  ☆64Updated 9 months ago
• PortSwigger / scan-check-builder
  Burp Bounty is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.
  ☆69Updated 2 years ago
• PortSwigger / freddy-deserialization-bug-finder
  ☆41Updated 4 years ago
• PortSwigger / java-serialized-payloads
  YSOSERIAL Integration with burp suite
  ☆40Updated 2 years ago
• PortSwigger / java-deserialization-scanner
  All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
  ☆26Updated 2 years ago
• PortSwigger / command-injection-attacker
  SHELLING - a comprehensive OS command injection payload generator
  ☆104Updated 5 years ago
• siberas / sjet
  siberas JMX exploitation toolkit
  ☆127Updated last year
• summitt / burp-ysoserial
  YSOSERIAL Integration with burp suite
  ☆160Updated last year
• NetSPI / Burp-Extensions
  Central Repo for Burp extensions
  ☆146Updated 2 years ago
• 0ang3el / Unsafe-JAX-RS-Burp
  Burp Suite extension for JAX-RS
  ☆65Updated 7 years ago
• PortSwigger / nginx-alias-traversal
  Burp extension to detect alias traversal via NGINX misconfiguration at scale.
  ☆50Updated 2 years ago
• nccgroup / argumentinjectionhammer
  A Burp Extension designed to identify argument injection vulnerabilities.
  ☆115Updated 5 years ago
• PortSwigger / flow
  Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
  ☆24Updated 2 years ago
• Lopseg / Jsdir
  Jsdir is a Burp Suite extension that extracts hidden paths from js files and beautifies it for further reading.
  ☆112Updated 4 years ago
• NetSPI / BurpExtractor
  A Burp extension for generic extraction and reuse of data within HTTP requests and responses.
  ☆90Updated 2 years ago
• andresriancho / websocket-fuzzer
  HTML5 WebSocket message fuzzer
  ☆141Updated 5 years ago
• PortSwigger / json-web-token-attacker
  ☆107Updated 2 years ago
• PortSwigger / auth-matrix
  AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.
  ☆38Updated last year
• PortSwigger / taborator
  A Burp extension to show the Collaborator client in a tab
  ☆36Updated last year
• wuntee / BurpAuthzPlugin
  ☆75Updated 11 years ago
• lc / 230-OOB
  An Out-of-Band XXE server for retrieving file contents over FTP.
  ☆171Updated 4 years ago
• andresriancho / jwt-fuzzer
  JWT fuzzer
  ☆104Updated 6 years ago
• 5alt / ultrarelay
  poison and relay NTLM credentials
  ☆172Updated 5 years ago
• SaneBow / redirect-fuzzer
  Fuzzing script for redirect URL validator
  ☆48Updated 4 years ago
• righettod / log-requests-to-sqlite
  BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
  ☆61Updated last month
• yandex / burp-molly-pack
  Security checks pack for Burp Suite
  ☆137Updated 6 years ago
• bayotop / off-by-slash
  Burp extension to detect alias traversal via NGINX misconfiguration at scale.
  ☆251Updated 2 years ago
• h3xstream / http-script-generator
  ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
  ☆287Updated last year