cyal1/PyBurp

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cyal1/PyBurp)

cyal1 / PyBurp

PyBurp is a Burp Suite extension that provides predefined Python functions for HTTP/WebSocket traffic modification, context menu registration, Intruder payload processing, passive/active scanning, and Collaborator interaction. You can also directly access Montoya API in your Python scripts.

☆38

Alternatives and similar repositories for PyBurp

Users that are interested in PyBurp are comparing it to the libraries listed below

Sorting:

PortSwigger / pyburp
View on GitHub
BcryptMontoya is a powerful plugin for Burp Suite that allows you to effortlessly modify HTTP requests and responses passing through the …
☆15Jan 12, 2026Updated 2 months ago
PortSwigger / nosqli-scanner
View on GitHub
This extension provides a way to discover NoSQL injection vulnerabilities.
☆10Feb 1, 2021Updated 5 years ago
cyal1 / SendToXray
View on GitHub
SendToXray - Burp Suite Extender, Send HTTP request to XRAY proxy.
☆11May 22, 2021Updated 4 years ago
phith0n / projector-runner
View on GitHub
Run Swing based GUI application within the Docker container through the Jetbrains Projector, and access it from browsers.
☆18Apr 10, 2021Updated 4 years ago
cyal1 / bypass-40x
View on GitHub
bypass 401/403
☆13Sep 13, 2022Updated 3 years ago
realgam3 / requests-raw
View on GitHub
Use requests to send HTTP raw sockets (To Test RFC Compliance)
☆24Jun 22, 2024Updated last year
Veraxy00 / SecVulList-Veraxy00
View on GitHub
发布一些我发现的漏洞以及利用脚本。
☆15Jun 29, 2023Updated 2 years ago
burp-ext-CryptoTools / CryptoTools
View on GitHub
☆11Jul 27, 2023Updated 2 years ago
Z0fSec / Z0fAPICollect
View on GitHub
一款可以高度自定义的 API 信息收集与记录 Burp扩展套件
☆11Dec 1, 2024Updated last year
SaneBow / redirect-fuzzer
View on GitHub
Fuzzing script for redirect URL validator
☆53Feb 4, 2020Updated 6 years ago
Ar3h / utf8-overlong-agent
View on GitHub
使用 agent 实现反序列化 utf8 overlong
☆84Apr 24, 2024Updated last year
simioni87 / auth_analyzer
View on GitHub
Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
☆217Nov 4, 2025Updated 4 months ago
defparam / haptyc
View on GitHub
☆95Sep 18, 2021Updated 4 years ago
hkxueqi / YonyouNc-UNSERIALIZE-scan
View on GitHub
Yonyou-UNSERIALIZE,用友NC 反序列化检查工具,批量检测用友NC 反序列化
☆50Jul 21, 2023Updated 2 years ago
hbdxmz / AutoBypassEncryptAndSign
View on GitHub
auto decrypt the request ciphertext and auto bypass the signature of the API. 针对数据包加密、签名保护的安全测试场景，借助burp插件自动解密数据包密文，自动绕过接口的签名保护，最后借助密文数据…
☆53Mar 27, 2024Updated last year
zelat / BurpCopilot
View on GitHub
基于AI的BurpSuite漏洞分析插件
☆11Sep 21, 2023Updated 2 years ago
BlackHat-Ashura / Reflective_DLL_Injection
View on GitHub
Program to Inject a DLL into a process from memory.
☆13Mar 16, 2024Updated 2 years ago
0xceba / burp_variables
View on GitHub
Burp Suite extension that extends Burp to support storing and reusing variables in requests
☆27Feb 10, 2026Updated last month
mbadanoiu / CVE-2024-37081
View on GitHub
CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server
☆10Jul 6, 2024Updated last year
7estUser / PenetrateNotes
View on GitHub
渗透测试、攻防姿势笔记
☆20Jun 13, 2025Updated 9 months ago
Loneyers / ThinkPHP6_Anyfile_operation_write
View on GitHub
ThinkPHP6任意文件操作漏洞,影响版本ThinkPHP6.0.0-6.0.1
☆22Jan 15, 2020Updated 6 years ago
cyal1 / host_scan
View on GitHub
这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。https://github.com/fofapro/Hosts_scan implement in Go
☆116Aug 30, 2022Updated 3 years ago
qi4L / WeblogicScan-go
View on GitHub
WeblogicScan一键检测
☆127May 6, 2024Updated last year
adeljck / YongYou-Exploit
View on GitHub
YongYou U8C deserialization file upload exploit tool targeting IPFxxFileService and IFileTrans services
☆28Sep 28, 2025Updated 5 months ago
d0ge / sign-saboteur
View on GitHub
SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens
☆164Nov 29, 2024Updated last year
minamo7sen / burp-JS-Miner
View on GitHub
This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
☆57May 30, 2023Updated 2 years ago
254Labs / awesome-bambdas
View on GitHub
A collection of Burp Suite Lambda Filters ~ Bambdas
☆30Oct 1, 2024Updated last year
unam4 / c3p0explore
View on GitHub
c3p0 new gadget
☆28Apr 1, 2025Updated 11 months ago
Maskhe / webshell_bypass_research
View on GitHub
自己零零散散研究以及收集的一些免杀技巧，以便为后续查阅，拓宽思路
☆15Dec 11, 2019Updated 6 years ago
PortSwigger / sensitive-discoverer
View on GitHub
Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.
☆23Nov 26, 2024Updated last year
weujieytt / HostHeaderAttack
View on GitHub
检测host头攻击的Burpsuite被动扫描插件，Burpsuite passive scanning plugin responsible for detecting host header attack
☆11Apr 28, 2023Updated 2 years ago
1oid / remotejs
View on GitHub
remote execute js when debugger.paused
☆47Sep 6, 2023Updated 2 years ago
Jlan45 / ysoserialSecond
View on GitHub
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
☆14Jul 28, 2023Updated 2 years ago
depycode / burpsuite_hack
View on GitHub
一款代理扫描器
☆565May 5, 2023Updated 2 years ago
Qi4l-Labs / RLscan
View on GitHub
强化学习 + 端口扫描
☆128Feb 23, 2025Updated last year
PortSwigger / burp-extensions-montoya-api-examples
View on GitHub
Examples for using the Montoya API with Burp Suite
☆182Mar 4, 2026Updated 2 weeks ago
ibrahimhaxor / Tsangaya
View on GitHub
☆14Jun 26, 2025Updated 8 months ago
Lya0 / Fofa_view_fingerprint
View on GitHub
魔改的fofa浏览器插件，能够进行自动调用指纹接口进行指纹识别。
☆15Apr 15, 2024Updated last year
doomerhunter / tampermonkey-useful-scripts
View on GitHub
Useful scripts for tampermonkey that I used during bug hunting. Will be updated "au fil de l'eau"
☆17Jun 2, 2025Updated 9 months ago