burp插件开发指南
☆619Aug 8, 2021Updated 4 years ago
Alternatives and similar repositories for burp-api-drops
Users that are interested in burp-api-drops are comparing it to the libraries listed below
Sorting:
- domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等☆2,116Jan 23, 2026Updated last month
- Burp被动扫描流量转发插件☆1,460Jun 17, 2024Updated last year
- Java RCE 回显测试代码☆1,016Oct 15, 2020Updated 5 years ago
- Fastjson姿势技巧集合☆1,825Oct 20, 2023Updated 2 years ago
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,404Jan 18, 2022Updated 4 years ago
- AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI/BCC执行命令,OSS/COS/S3/BOS…☆779Feb 13, 2025Updated last year
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,012May 21, 2024Updated last year
- WebSocket 内存马/Webshell,一种新型内存马/WebShell技术☆1,488Apr 10, 2023Updated 2 years ago
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。☆124May 14, 2021Updated 4 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆754Apr 14, 2021Updated 4 years ago
- Burp suite 分块传输辅助插件☆2,023Feb 23, 2022Updated 4 years ago
- A Swagger API Exploit☆1,370Jun 7, 2024Updated last year
- Unexpected information 是用于标记请求包中的一些敏感信息、JS接口和一些特殊字段的BurpSuite 插件。☆688Jan 4, 2021Updated 5 years ago
- BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算…☆1,621Aug 4, 2023Updated 2 years ago
- 一款基于BurpSuite的被动式FastJson检测插件☆1,238Oct 1, 2022Updated 3 years ago
- 分享几个直接可用的内存马,记录一下学习过程中看过的文章☆975Mar 23, 2022Updated 3 years ago
- 这是一个用于IP和域名碰撞匹配访问的小工具,旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。☆1,190Apr 30, 2019Updated 6 years ago
- DNSLog-GO 是一款golang编写的监控 DNS 解析记录的工具,自带WEB界面 / DNSLog-GO is a monitoring tool written in Golang that monitors DNS resolution records. It …☆1,275Jan 21, 2026Updated last month
- 对Auth/Waf 自动化bypass的burpsuite插件☆1,089Updated this week
- 一款基于BurpSuite的被动式shiro检测插件☆1,795Dec 14, 2022Updated 3 years ago
- Burp插件,根据自定义来达到对数据包的处理(适用于加解密、爆破等),类似mitmproxy,不同点在于经过了burp中转,在自动加解密的基础上,不影响APP、网站加解密正常逻辑等。☆1,327Dec 14, 2025Updated 2 months ago
- 自动化爬取并自动测试所有swagger接口☆1,164Dec 1, 2025Updated 3 months ago
- Share Things Related to Java - Java安全漫谈笔记相关内容☆1,991Apr 9, 2025Updated 10 months ago
- 自己学习java安全的一些总结,主要是安全审计相关☆1,695Jan 5, 2022Updated 4 years ago
- Java漏洞学习笔记 Deserialization Vulnerability☆945Jun 14, 2023Updated 2 years ago
- Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency☆1,050Oct 7, 2022Updated 3 years ago
- Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…☆2,689Mar 14, 2024Updated last year
- Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件☆1,314Jun 29, 2024Updated last year
- Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack…☆3,210May 24, 2024Updated last year
- 各种数据库的利用姿势☆1,034Jan 3, 2025Updated last year
- 一个用于前端加密Fuzz的Burp Suite插件☆1,060Mar 6, 2020Updated 5 years ago
- A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅☆1,896Jan 15, 2026Updated last month
- 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码☆711May 10, 2021Updated 4 years ago
- 自动化Host碰撞工具,帮助红队快速扩展网络边界,获取更多目标点☆595Oct 7, 2023Updated 2 years ago
- OneScan 是一款用于递归目录扫描的 BurpSuite 插件☆1,230Jun 24, 2025Updated 8 months ago
- java内存对象搜索辅助工具☆823Sep 23, 2022Updated 3 years ago
- 高危漏洞精准检测与深度利用框架☆1,456Jan 8, 2023Updated 3 years ago
- 基于burpsuite的资产分析工具☆474Apr 29, 2023Updated 2 years ago
- HeapDump敏感信息提取工具☆1,632Dec 15, 2025Updated 2 months ago