Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
☆356Oct 14, 2020Updated 5 years ago
Alternatives and similar repositories for burpdeveltraining
Users that are interested in burpdeveltraining are comparing it to the libraries listed below
Sorting:
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,774Apr 26, 2024Updated last year
- A natural evolution of Burp Suite's Repeater tool☆201Feb 9, 2024Updated 2 years ago
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,737Feb 16, 2026Updated 2 weeks ago
- A curated list of amazingly awesome Burp Extensions☆3,372Feb 17, 2026Updated 2 weeks ago
- Terraform configuration to build a Burp Private Collaborator Server☆29Sep 16, 2018Updated 7 years ago
- Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands …☆950Nov 26, 2022Updated 3 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,482Oct 12, 2024Updated last year
- Burp with Friends☆103Jan 21, 2023Updated 3 years ago
- Burp Extension for AWS Signing☆90Jan 10, 2025Updated last year
- Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.☆749Apr 12, 2022Updated 3 years ago
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆557Mar 6, 2023Updated 3 years ago
- Notes about attacking Jenkins servers☆2,091Jul 10, 2024Updated last year
- A collection of scripts to extend Burp Suite☆142Apr 8, 2019Updated 6 years ago
- Piper Burp Suite Extender plugin☆129Jan 14, 2026Updated last month
- A tool for embedding XXE/XML exploits into different filetypes☆1,130Dec 16, 2024Updated last year
- Client Side Prototype Pollution Scanner☆522Sep 17, 2022Updated 3 years ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆447Sep 7, 2022Updated 3 years ago
- Custom scripts for the PIPER Burp extensions.☆97Sep 24, 2023Updated 2 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆378Oct 12, 2020Updated 5 years ago
- Everything you need about Burp Extension Generation☆157Jan 6, 2023Updated 3 years ago
- VyAPI - A cloud based vulnerable hybrid Android App☆86Feb 21, 2020Updated 6 years ago
- ☆523Jun 5, 2023Updated 2 years ago
- Burp Extension for easily creating Wordlists☆215Oct 5, 2021Updated 4 years ago
- This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with t…☆931Jan 6, 2025Updated last year
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,903Sep 27, 2021Updated 4 years ago
- ☆2,316Dec 8, 2023Updated 2 years ago
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location☆1,361Jan 24, 2021Updated 5 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆2,062Jan 2, 2024Updated 2 years ago
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆211Oct 31, 2024Updated last year
- Search exposed EBS volumes for secrets☆302Apr 24, 2023Updated 2 years ago
- DNS Rebinding Exploitation Framework☆492Apr 27, 2021Updated 4 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆612Mar 4, 2021Updated 5 years ago
- ☆695Jul 4, 2022Updated 3 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆37Dec 2, 2020Updated 5 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,123Apr 21, 2024Updated last year
- The cheat sheet about Java Deserialization vulnerabilities☆3,167May 26, 2023Updated 2 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆470Nov 14, 2019Updated 6 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆135Sep 25, 2019Updated 6 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆953Dec 31, 2021Updated 4 years ago