A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities
☆119Nov 23, 2023Updated 2 years ago
Alternatives and similar repositories for pentest-mapper
Users that are interested in pentest-mapper are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆31Jun 22, 2023Updated 2 years ago
- ☆21Oct 9, 2017Updated 8 years ago
- Automatic Bug finder with buprsuite☆166Mar 6, 2023Updated 3 years ago
- A burpsuite extension that helps security researchers find public security reports published on h1 based on the selected host☆42May 9, 2020Updated 5 years ago
- This extension provides a way to discover NoSQL injection vulnerabilities.☆10Feb 1, 2021Updated 5 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- BurpSiute - BurpBounty Profiles☆20Feb 10, 2023Updated 3 years ago
- ☆19Jan 24, 2023Updated 3 years ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆62Jun 12, 2023Updated 2 years ago
- ☆113May 8, 2024Updated last year
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆183Nov 22, 2021Updated 4 years ago
- Find known vulnerabilities in WordPress plugins and themes using Burp Suite proxy. WPScan like plugin for Burp.☆75Feb 25, 2022Updated 4 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆269Mar 4, 2023Updated 3 years ago
- This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.☆246Mar 17, 2025Updated last year
- Apache HTTP-Server 2.4.49-2.4.50 Path Traversal & Remote Code Execution PoC (CVE-2021-41773 & CVE-2021-42013)☆13Aug 22, 2025Updated 7 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,503Jan 8, 2026Updated 2 months ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆374Jul 25, 2023Updated 2 years ago
- ☆15Nov 15, 2023Updated 2 years ago
- Nuclei plugin for BurpSuite☆1,324Oct 22, 2025Updated 5 months ago
- Active Directory share enumeration tool☆12Apr 28, 2025Updated 10 months ago
- A tech enumeration toolkit focused on 404 Not found pages.☆27Oct 6, 2024Updated last year
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆328Mar 27, 2024Updated last year
- Python resource library for creating security related tooling☆79Jul 11, 2024Updated last year
- It becomes the extension of Burp suite. The cookie set by the BipIP server may include a private IP, which is an extension to detect tha…☆16Mar 10, 2026Updated 2 weeks ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆56Jan 16, 2025Updated last year
- Obtain GraphQL API schema despite disabled introspection!☆69Mar 11, 2026Updated 2 weeks ago
- Attack Active Directory Trusts with a single tool☆14Jan 15, 2025Updated last year
- Zed Attack Proxy Scripts for finding CVEs and Secrets.☆128Jun 2, 2022Updated 3 years ago
- A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabiliti…☆120Aug 2, 2023Updated 2 years ago
- Tool for testing reflections in the HTTP responses☆60Jun 10, 2023Updated 2 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆313May 16, 2024Updated last year
- 1500+ Template Machine/Challenges for Hack The Box (HTB) and TryHackMe (THM) for Obsidian☆28Mar 8, 2025Updated last year
- API Penetration Testing Notes☆16Sep 25, 2025Updated 6 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆755Dec 19, 2023Updated 2 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆191Dec 3, 2024Updated last year
- APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is int…☆959Jan 17, 2025Updated last year
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆616Jan 20, 2021Updated 5 years ago
- Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned ent…☆2,140Feb 23, 2026Updated last month
- A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomain…☆888May 3, 2023Updated 2 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,787Apr 26, 2024Updated last year