SpiderLabs / burplay
Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid in searching for Privilege Escalation issues.
☆82Updated 7 years ago
Alternatives and similar repositories for burplay:
Users that are interested in burplay are comparing it to the libraries listed below
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆103Updated 6 years ago
- WhiteBox CMS analysis☆69Updated last year
- Pillage a git repo found in an accessible web root☆61Updated 13 years ago
- Materials related to the 2017 BSides Las Vegas presentation☆52Updated 4 years ago
- Tool for checking Whether a domain or its multiple sub-domains are up and running.☆72Updated 6 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆44Updated 8 years ago
- Highlight Burp proxy requests made by different browsers☆30Updated 7 years ago
- BlindRef serves as the basis for an automated Blind-Based XXE Exploitation Framework☆26Updated 8 years ago
- Various tools for managing bug bounty recon and exploration.☆47Updated 2 years ago
- ☆44Updated 8 years ago
- ☆70Updated 7 years ago
- Burp scanner plugin based on Vulners.com vulnerability database☆26Updated 7 years ago
- Disrupt WAF by abusing SSL/TLS Ciphers☆48Updated 6 years ago
- An interactive OOB XXE data exfiltration tool☆91Updated 7 years ago
- Penetration Testing Tools Developed by AppSec Consulting.☆48Updated 6 years ago
- XSS Payloads☆49Updated 9 years ago
- Advanced XPath Injection Tool☆34Updated 9 years ago
- Burp extension to help developers replicate findings from pen tests☆70Updated 8 months ago
- Generate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.☆66Updated last year
- Automatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS☆83Updated 2 years ago
- The Unofficial Burp Extension for DNSDumpster.com☆70Updated 7 years ago
- ActionScript Proof of Concept to perform cross-domain reads☆44Updated 11 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆111Updated 6 years ago
- A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commo…☆46Updated 2 years ago
- Python script to exploit java unserialize on t3 (Weblogic)☆61Updated 7 years ago
- Tools used for Penetration testing / Red Teaming☆64Updated 6 years ago
- Burp Suite Extensions☆127Updated 11 years ago
- Allows you to trace where inputs are reflected back to the user.☆37Updated 7 years ago
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆138Updated 4 years ago
- A collection of scripts used to interact with the Burp Rest API☆51Updated 6 years ago