A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities
☆119Nov 23, 2023Updated 2 years ago
Alternatives and similar repositories for pentest-mapper
Users that are interested in pentest-mapper are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆31Jun 22, 2023Updated 2 years ago
- ☆21Oct 9, 2017Updated 8 years ago
- Automatic Bug finder with buprsuite☆166Mar 6, 2023Updated 3 years ago
- A burpsuite extension that helps security researchers find public security reports published on h1 based on the selected host☆42May 9, 2020Updated 5 years ago
- This extension provides a way to discover NoSQL injection vulnerabilities.☆10Feb 1, 2021Updated 5 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- This repository is for the Testing ASP.NET ViewState with YSoNet (YSoSerial.NET) workshop.☆24Dec 17, 2025Updated 4 months ago
- BurpSiute - BurpBounty Profiles☆20Feb 10, 2023Updated 3 years ago
- ☆19Jan 24, 2023Updated 3 years ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆62Jun 12, 2023Updated 2 years ago
- ☆121May 8, 2024Updated last year
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆184Nov 22, 2021Updated 4 years ago
- Find known vulnerabilities in WordPress plugins and themes using Burp Suite proxy. WPScan like plugin for Burp.☆75Feb 25, 2022Updated 4 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆268Mar 4, 2023Updated 3 years ago
- This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.☆246Mar 17, 2025Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Apache HTTP-Server 2.4.49-2.4.50 Path Traversal & Remote Code Execution PoC (CVE-2021-41773 & CVE-2021-42013)☆13Aug 22, 2025Updated 8 months ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,511Jan 8, 2026Updated 3 months ago
- ☆15Nov 15, 2023Updated 2 years ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆377Jul 25, 2023Updated 2 years ago
- Nuclei plugin for BurpSuite☆1,329Oct 22, 2025Updated 6 months ago
- Active Directory share enumeration tool☆12Apr 28, 2025Updated last year
- A tech enumeration toolkit focused on 404 Not found pages.☆27Oct 6, 2024Updated last year
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆330Mar 27, 2024Updated 2 years ago
- Python resource library for creating security related tooling☆78Jul 11, 2024Updated last year
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- It becomes the extension of Burp suite. The cookie set by the BipIP server may include a private IP, which is an extension to detect tha…☆16Mar 10, 2026Updated last month
- Obtain GraphQL API schema despite disabled introspection!☆68Mar 11, 2026Updated last month
- Attack Active Directory Trusts with a single tool☆13Jan 15, 2025Updated last year
- Zed Attack Proxy Scripts for finding CVEs and Secrets.☆127Jun 2, 2022Updated 3 years ago
- ☆59Apr 6, 2026Updated 3 weeks ago
- Tool for testing reflections in the HTTP responses☆60Jun 10, 2023Updated 2 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆314May 16, 2024Updated last year
- A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabiliti…☆119Aug 2, 2023Updated 2 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆756Dec 19, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆191Dec 3, 2024Updated last year
- APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is int…☆963Jan 17, 2025Updated last year
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆622Jan 20, 2021Updated 5 years ago
- Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned ent…☆2,163Feb 23, 2026Updated 2 months ago
- A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomain…☆889May 3, 2023Updated 3 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,799Apr 26, 2024Updated 2 years ago
- A Burp Suite extension for finding DNS vulnerabilities in web applications!☆91Sep 12, 2023Updated 2 years ago