aress31 / openapi-parserLinks
Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
☆200Updated last year
Alternatives and similar repositories for openapi-parser
Users that are interested in openapi-parser are comparing it to the libraries listed below
Sorting:
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆157Updated 3 months ago
- ☆129Updated 7 years ago
- Burp Suite Extension to monitor new scope☆198Updated 4 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆103Updated last year
- A tool geared towards pentesting APIs using OpenAPI definitions.☆177Updated 2 years ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆287Updated 5 months ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆259Updated 2 years ago
- Various Payload wordlists☆236Updated last month
- ☆148Updated 3 years ago
- A collection of scripts to extend Burp Suite☆142Updated 6 years ago
- Everything you need about Burp Extension Generation☆154Updated 2 years ago
- Exfiltrate blind Remote Code Execution and SQL injection output over DNS via Burp Collaborator.☆267Updated 4 months ago
- A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…☆134Updated last year
- A quick methodology on testing / hacking SAP Applications for n00bz and bug bounty hunters☆252Updated 2 years ago
- XSS Hunter Burp Plugin☆149Updated 6 years ago
- jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.☆152Updated 4 years ago
- Burp Bounty is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.☆71Updated 3 years ago
- Push notifications for passive DNS data☆109Updated 9 years ago
- Payloads for CRLF Injection☆225Updated 8 months ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆260Updated 3 years ago
- List HackerOne private program assets☆152Updated 3 years ago
- SSRF testing tool☆244Updated 2 years ago
- ☆121Updated 8 years ago
- Turbo Intruder Scripts☆221Updated 5 years ago
- Weaponizing Live CT logs for automated monitoring of assets☆134Updated 3 years ago
- subdomain bruteforce list☆101Updated 8 months ago
- Clientside vulnerability / reflected xss fuzzer☆150Updated last year
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆137Updated 5 years ago
- Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …☆147Updated last year
- Piper Burp Suite Extender plugin☆122Updated last year