Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid in searching for Privilege Escalation issues.
☆83Sep 19, 2017Updated 8 years ago
Alternatives and similar repositories for burplay
Users that are interested in burplay are comparing it to the libraries listed below
Sorting:
- Burp plugin to do random fuzzing of HTTP requests☆33Jan 31, 2017Updated 9 years ago
- Burp plugin that clusters responses to show an overview of received responses☆15Jun 7, 2019Updated 6 years ago
- Python Implementation of a .NET Padding Oracle Assessment Tool☆31Dec 17, 2015Updated 10 years ago
- Improved decoder for Burp Suite☆138Aug 30, 2021Updated 4 years ago
- Next Generation Firewall Audit and Bypass Tool☆266Apr 24, 2017Updated 8 years ago
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆104Jun 1, 2018Updated 7 years ago
- PoC code for crashing windows active directory☆35Sep 19, 2018Updated 7 years ago
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆140Feb 18, 2021Updated 5 years ago
- Evil snippets of Underhanded Red Team tactics☆11Jul 5, 2017Updated 8 years ago
- Async'ly gather unique usernames thru null SMB sessions and bruteforce them with 2 passwords☆51Oct 24, 2017Updated 8 years ago
- Exploit for Jenkins serialization vulnerability - CVE-2016-0792☆49Aug 2, 2017Updated 8 years ago
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.☆256Feb 23, 2022Updated 4 years ago
- ☆23Apr 8, 2015Updated 10 years ago
- Distributed password cracker for operating over high latency networks of loosely coupled hosts.☆13Jul 30, 2013Updated 12 years ago
- My solutions in Python for Corelan's Exploit Writing Tutorials☆13Jun 2, 2016Updated 9 years ago
- A tool that can help detect and takeover subdomains with dead DNS records☆12Aug 23, 2018Updated 7 years ago
- Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website☆140Apr 29, 2020Updated 5 years ago
- A tiny and cute URL fuzzer☆402Nov 10, 2022Updated 3 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆378Oct 12, 2020Updated 5 years ago
- Allows you to trace where inputs are reflected back to the user.☆37Oct 12, 2017Updated 8 years ago
- Windows Privesc Check☆20May 20, 2014Updated 11 years ago
- Powershell SAP assessment tool☆199Aug 13, 2018Updated 7 years ago
- "Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protecti…☆138Dec 22, 2017Updated 8 years ago
- Enumerate subdomains through Virustotal☆32Nov 2, 2019Updated 6 years ago
- A shellcode testing harness.☆70Jul 10, 2024Updated last year
- RedSails is a Python based post-exploitation project aimed at bypassing host based security monitoring and logging. DerbyCon 2017 Talk: h…☆307Oct 18, 2017Updated 8 years ago
- This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.☆59Apr 3, 2017Updated 8 years ago
- A tool to analyse JMX API security level.☆43Jul 23, 2014Updated 11 years ago
- Transform NMap Scans to an D3.js HTML Table☆59Sep 21, 2017Updated 8 years ago
- Overview about existing tools that can be useful for AWS auditing purposes.☆15Sep 25, 2017Updated 8 years ago
- ☆139Jul 13, 2017Updated 8 years ago
- PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)☆25Dec 1, 2018Updated 7 years ago
- A reconnaissance tool that can quickly discover hostnames from a list of IP addresses.☆38Dec 6, 2010Updated 15 years ago
- Source Code Intelligence☆30Aug 21, 2017Updated 8 years ago
- ☆46May 15, 2016Updated 9 years ago
- Excalibur is an Eternalblue exploit payload based "Powershell" for the Bashbunny project.☆134May 27, 2019Updated 6 years ago
- Simple website to display the LAN status based on a nmap scan☆58Jan 5, 2023Updated 3 years ago
- Duncan - Blind SQL injector skeleton☆60Jan 11, 2022Updated 4 years ago
- Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account ha…☆501Aug 7, 2020Updated 5 years ago