doyensec/CSPTBurpExtension external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

doyensec/CSPTBurpExtension

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/doyensec/CSPTBurpExtension)

Close

doyensec / CSPTBurpExtensionView on GitHubMore

• External links
• Readme badge

CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.

☆160Jul 2, 2024Updated last year

Alternatives and similar repositories for CSPTBurpExtension

Users that are interested in CSPTBurpExtension are comparing it to the libraries listed below

• vitorfhc / gecko

  View on GitHub
  Chrome extension for automating CSPT discovery
  ☆138Dec 23, 2025Updated 2 months ago
• 0x999-x / jsluicepp

  View on GitHub
  jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice
  ☆291Apr 9, 2024Updated last year
• kevin-mizu / domloggerpp

  View on GitHub
  A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.
  ☆773Dec 9, 2025Updated 2 months ago
• francisconeves97 / jxscout

  View on GitHub
  jxscout superpowers JavaScript analysis for security researchers
  ☆422Feb 15, 2026Updated 2 weeks ago
• doyensec / CSPTPlayground

  View on GitHub
  CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).
  ☆153Mar 31, 2025Updated 11 months ago
• lauritzh / dead-domain-discovery

  View on GitHub
  This Chromium extension scans the page for external iFrames, Scripts, and Styles, logs them to the console, and checks if their domains a…
  ☆68Jan 6, 2026Updated 2 months ago
• assetnote / surf

  View on GitHub
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆753Dec 19, 2023Updated 2 years ago
• nullenc0de / paramhunter

  View on GitHub
  Looks for parameters in urls
  ☆34Oct 14, 2024Updated last year
• Escape-Technologies / graphql-wordlist

  View on GitHub
  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
  ☆456Oct 3, 2023Updated 2 years ago
• synacktiv / DepFuzzer

  View on GitHub
  ☆93Dec 15, 2025Updated 2 months ago
• BishopFox / sj

  View on GitHub
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆723Feb 28, 2026Updated last week
• intrudir / burpcollaborator-docker

  View on GitHub
  A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…
  ☆30Nov 30, 2025Updated 3 months ago
• doyensec / Prototype-Pollution-Gadgets-Finder

  View on GitHub
  ☆93Apr 29, 2024Updated last year
• Sudistark / BB-Writeups

  View on GitHub
  Will share some interesting writeups here :)
  ☆18Oct 18, 2023Updated 2 years ago
• BishopFox / jsluice

  View on GitHub
  Extract URLs, paths, secrets, and other interesting bits from JavaScript
  ☆1,773May 22, 2024Updated last year
• pdstat / graphqlextractor

  View on GitHub
  Extract GraphQL operations from javascript
  ☆23Nov 27, 2025Updated 3 months ago
• francisconeves97 / jxscout-vscode

  View on GitHub
  ☆25May 21, 2025Updated 9 months ago
• matanber / domlogger-configs

  View on GitHub
  Useful configurations for the DomLogger++ extension
  ☆48Sep 7, 2024Updated last year
• xnl-h4ck3r / getSubsidiaries

  View on GitHub
  Get list of subsidiaries for a selected company
  ☆31Dec 21, 2024Updated last year
• bitquark / shortscan

  View on GitHub
  An IIS short filename enumeration tool
  ☆1,126Nov 25, 2024Updated last year
• Static-Flow / RepeaterSearch

  View on GitHub
  This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response ma…
  ☆81Oct 20, 2023Updated 2 years ago
• iambouali / p1radup

  View on GitHub
  Process URLs and remove duplicate query parameters.
  ☆27Mar 19, 2024Updated last year
• KTH-LangSec / server-side-prototype-pollution

  View on GitHub
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆225Feb 6, 2025Updated last year
• robre / jsmon

  View on GitHub
  a javascript change monitoring tool for bugbounties
  ☆712Jul 31, 2024Updated last year
• PortSwigger / bambdas

  View on GitHub
  Bambdas collection for Burp Suite Professional and Community.
  ☆497Feb 25, 2026Updated last week
• xnl-h4ck3r / XnlReveal

  View on GitHub
  A Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidde…
  ☆434Oct 16, 2025Updated 4 months ago
• midoxnet / mapperplus

  View on GitHub
  MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
  ☆286Oct 5, 2024Updated last year
• laluka / bypass-url-parser

  View on GitHub
  bypass-url-parser
  ☆1,115Updated this week
• PortSwigger / BChecks

  View on GitHub
  BChecks collection for Burp Suite Professional and Burp Suite DAST
  ☆770Jan 26, 2026Updated last month
• JoshMorrison99 / isXSS-Burp

  View on GitHub
  Passively check for XSS character encodings
  ☆18Updated this week
• trufflesecurity / trufflehog-burp-suite-extension

  View on GitHub
  Official TruffleHog Burp Suite Extension. Scan Burp Suite traffic for 800+ different types of secrets (API keys, passwords, SSH keys, etc…
  ☆86Mar 12, 2025Updated 11 months ago
• mrvcoder / cloud_data

  View on GitHub
  Get some useful data from Clouds for your targets
  ☆20Updated this week
• vrechson / copy-to-bcheck

  View on GitHub
  BurpSuite extension to convert requests into bcheck scripts
  ☆33Jul 18, 2023Updated 2 years ago
• ACK-J / postMessage-tracker-firefox

  View on GitHub
  A Firefox Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆27Dec 9, 2024Updated last year
• byt3hx / ollama-ai-analyzer

  View on GitHub
  Ollama AI Analyzer runs directly on your local computer, using Ollama's AI models to analyze your HTTP requests and responses. This means…
  ☆32Mar 1, 2025Updated last year
• sw33tLie / uff

  View on GitHub
  unleashed ffuf
  ☆248Oct 29, 2025Updated 4 months ago
• nikitastupin / clairvoyance

  View on GitHub
  Obtain GraphQL API schema even if the introspection is disabled
  ☆1,399Dec 5, 2025Updated 3 months ago
• ngalongc / AuthzAI

  View on GitHub
  ☆181Oct 15, 2024Updated last year
• g0ldencybersec / gungnir

  View on GitHub
  CT Log Scanner
  ☆516Dec 26, 2025Updated 2 months ago