Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration, and automated reconnaissance. Supports REST/GraphQL/SOAP APIs with Nuclei, Turbo Intruder, and external tool integration. OWASP API Top 10 coverage.
☆55Apr 12, 2026Updated last week
Alternatives and similar repositories for BurpAPISecuritySuite
Users that are interested in BurpAPISecuritySuite are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- The following code when compiled in go takes a domain name as an argument and outputs an HTML file with Google Search links for various d…☆17Sep 11, 2024Updated last year
- Rehashing APIs to prevent hash based detection☆14Jan 7, 2025Updated last year
- Repository for tools used for the OSCP☆24Sep 18, 2025Updated 7 months ago
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 7 months ago
- Interactive results explorer and annotation tool for Nosey Parker☆57Jun 28, 2025Updated 9 months ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Terms of Use Conditional Access M365 Evilginx Phishlet☆45Jun 23, 2025Updated 9 months ago
- Collection of powershell scripts I used to complete my CARTP and CARTE courses.☆49Feb 27, 2026Updated last month
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- Free cybersecurity training resources☆13Feb 5, 2020Updated 6 years ago
- AV/EDR processes termination by exploiting a vulnerable driver (BYOVD)☆269Jan 21, 2026Updated 2 months ago
- Packet Analysis on Steroids☆13Oct 20, 2022Updated 3 years ago
- ☆16Dec 4, 2023Updated 2 years ago
- ReverseJS: A blog focused on reverse engineering Javascript☆11Feb 9, 2024Updated 2 years ago
- ☆26Mar 24, 2026Updated 3 weeks ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Playing with ISO 15693 emulation☆14Dec 25, 2024Updated last year
- A security checking tool☆112Feb 4, 2026Updated 2 months ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- Obsidian Notes used to passed the OSCP exam and most HTB machines / challenges.☆52May 20, 2025Updated 10 months ago
- PowerShell SharePoint extraction + auditing tool for red/blue/purple teams. Enumerates all SharePoint sites/drives a user can access via …☆153Jan 25, 2026Updated 2 months ago
- genAI agent providing security context, tooling for performing security analysis on CVE, components and more☆22Apr 11, 2026Updated last week
- API discovery tool that maps attack surfaces from captured traffic and generates specs for REST, GraphQL, SOAP, and WebSocket APIs☆68Updated this week
- Find S3 AWS/GCP/Azure buckets while surfing. S3DNS acts as DNS server, follows CNAMEs and matches any bucket pattern☆129Apr 6, 2026Updated last week
- A network segmentation and egress control testing tool for PCI DSS v4.0 compliance. Automatically discovers network segments, validates i…☆13Aug 15, 2025Updated 8 months ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…☆166Oct 21, 2025Updated 5 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆87Mar 2, 2025Updated last year
- 🛡️ Free AI that blocks hackers while you sleep. Runs on cheap hardware. When someone in Tokyo gets attacked, you're protected in 30 seco…☆35Updated this week
- Red-Team - AI Agent to Phish Employees based on Social Intelligence.☆25Dec 28, 2025Updated 3 months ago
- Anti-Cheat Artifacts detector for IDA☆96Jan 2, 2026Updated 3 months ago
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆47Jan 28, 2026Updated 2 months ago
- ☆22Jun 17, 2020Updated 5 years ago
- Resolvalid is a fast, concurrent DNS server validator written in Go. Given a list of DNS servers, it tests each one and outputs only the …☆14Feb 26, 2026Updated last month
- llolbas is a repo containing a localized and off-line version of the ever popular Living Off the Land Binaries and Scripts (LOLBAS) proje…☆12May 1, 2023Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Chrome Extensions Dataset☆11Updated this week
- Phishing Template Workbench☆35Updated this week
- A brookshear virtual machine written in Go☆10Sep 5, 2019Updated 6 years ago
- Two C# RunPE's capable of x86 and x64 injections☆11Dec 2, 2018Updated 7 years ago
- AntiHunter Perimeter Defense Systems☆112Apr 10, 2026Updated last week
- A library to access RTL-SDR devices and receive and demodulate radio signals from your web application.☆18Mar 19, 2026Updated last month
- A practical client for ADWS in Golang.☆50Mar 3, 2026Updated last month