PortSwigger / burp-extensions-montoya-api
Burp Extensions Api
☆136Updated last month
Related projects: ⓘ
- Examples for using the Montoya API with Burp Suite☆101Updated 9 months ago
- Burp Extension for a passive scanning JS files for endpoint links.☆159Updated 5 years ago
- Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.☆182Updated 3 months ago
- jolokia-exploitation-toolkit☆276Updated 5 months ago
- ☆395Updated 2 years ago
- ☆159Updated last month
- Burpsuite plugin for Interact.sh☆197Updated 2 months ago
- JMX enumeration and attacking tool.☆382Updated 5 months ago
- Burp Suite Extension - Trigger actions and reshape HTTP request/response and WebSocket traffic using configurable rules☆91Updated last week
- Subdomains analysis and generation tool. Reveal the hidden!☆229Updated this week
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆701Updated 3 years ago
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆110Updated 4 years ago
- Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.☆168Updated 3 months ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆124Updated 3 weeks ago
- CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator☆270Updated last year
- A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…☆344Updated 3 weeks ago
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆548Updated 3 years ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆96Updated 5 months ago
- ☆72Updated 4 months ago
- ☆277Updated 2 years ago
- This repo contains all the injections mentioned in my talk and enumerators.☆117Updated 9 months ago
- Finding Java gadget chains with CodeQL☆158Updated last month
- Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…☆210Updated this week
- Nuclei Templates to reproduce Cracking the lens's Research☆122Updated 2 years ago
- Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty☆185Updated 2 months ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆242Updated 4 months ago
- CVE-2023-33733 reportlab RCE☆109Updated last year
- CVE-2024-4367 & CVE-2024-34342 Proof of Concept☆112Updated 3 months ago
- Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]☆212Updated 3 weeks ago
- SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities☆184Updated 3 years ago