dreadnode / burpferenceLinks
A research project to add some brrrrrr to Burp
☆181Updated 5 months ago
Alternatives and similar repositories for burpference
Users that are interested in burpference are comparing it to the libraries listed below
Sorting:
- The Arcanum Prompt Injection Taxonomy☆130Updated 2 months ago
- A collection of Turbo Intruder scripts.☆63Updated 6 months ago
- Verizon Burp Extensions: AI Suite☆132Updated 3 months ago
- FrogPost: postMessage Security Testing Tool☆92Updated 2 months ago
- Abuse trust-boundaries to bypass firewalls and network controls☆347Updated last week
- Payloads for AI Red Teaming and beyond☆221Updated last week
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆125Updated last year
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆128Updated 3 years ago
- Burp Suite extension for testing Passkey systems.☆71Updated 4 months ago
- Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scena…☆189Updated 10 months ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆130Updated 4 months ago
- A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.☆43Updated 3 months ago
- LLM Testing Findings Templates☆72Updated last year
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆162Updated 2 weeks ago
- ☆91Updated 2 months ago
- A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery☆315Updated 8 months ago
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆258Updated 2 months ago
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆235Updated last year
- A web based checklist driven note taking app following bug bounty and web app pentest methodology.☆40Updated last month
- QRFuzz, a fuzzing toolkit to test malicious QR Codes in mobile applications☆46Updated last year
- Scripts to download every Wordpress plugin (updated in the last 2 years) and run Semgrep over the lot of it while storing output in a dat…☆77Updated 5 months ago
- Prototype of Full Agentic Application Security Testing, FAAST = SAST + DAST + LLM agents☆61Updated 3 months ago
- ai-based domain name generation☆93Updated 6 months ago
- A Go-based utility that processes input through multiple AI models concurrently (OpenAI, Claude, and Gemini) and provides a summarized co…☆74Updated last month
- A Burp extension to help pentesters copy requests / responses for reports.☆49Updated 3 weeks ago
- Sasori is a dynamic web crawler powered by Puppeteer, designed for lightning-fast endpoint discovery.☆145Updated last year
- AIGoat: A deliberately Vulnerable AI Infrastructure. Learn AI security through solving our challenges.☆242Updated 3 months ago
- Enumerate AWS permissions and resources.☆69Updated 3 years ago
- ☆187Updated 3 months ago
- ☆76Updated last year