BChecks collection for Burp Suite Professional
☆100Jun 6, 2024Updated last year
Alternatives and similar repositories for BChecks-Collection
Users that are interested in BChecks-Collection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Bcheck scripts for Burp☆28Aug 7, 2024Updated last year
- This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…☆103Feb 9, 2024Updated 2 years ago
- Passively check for XSS character encodings☆18Mar 9, 2026Updated 2 weeks ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆37Mar 4, 2025Updated last year
- ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be …☆13May 10, 2022Updated 3 years ago
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Dec 13, 2025Updated 3 months ago
- ☆38Dec 10, 2023Updated 2 years ago
- BetterBugBounty - Here tools are classic, bugs are hunted, and nostalgia is the ultimate weapon!☆29Feb 10, 2024Updated 2 years ago
- 一个用于修改右键插件菜单层级的Burpsuite插件。A simple BurpSuite extension to change extension context menu level.☆14Jan 15, 2024Updated 2 years ago
- BChecks collection for Burp Suite Professional and Burp Suite DAST☆773Mar 12, 2026Updated last week
- A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom.☆62Nov 17, 2023Updated 2 years ago
- Process URLs and remove duplicate query parameters.☆27Mar 19, 2024Updated 2 years ago
- i will upload more templates here to share with the comunity.☆569Apr 17, 2024Updated last year
- Burp Suite extension that enhances Burp Active Scan by adding template engine specific SSTI payloads.☆24Feb 20, 2024Updated 2 years ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,503Jan 8, 2026Updated 2 months ago
- Extract URLs, paths, secrets, and other interesting bits from JavaScript☆1,782May 22, 2024Updated last year
- Enhanced 403 bypass header☆21Sep 12, 2022Updated 3 years ago
- ☆29Dec 13, 2023Updated 2 years ago
- ☆158Mar 23, 2023Updated 3 years ago
- your bestfried for finding LinkedIn Employees on github☆15Mar 28, 2023Updated 2 years ago
- navgix is a multi-threaded golang tool that will check for nginx alias traversal vulnerabilities☆73May 20, 2023Updated 2 years ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆374Jul 25, 2023Updated 2 years ago
- This tool is intended for bounty hunters, the script installs and launches the best set of tools for expanding the attack surface, for W…☆12Apr 22, 2024Updated last year
- Sensitive Discoverer, a Burp extension to discovers sensitive information inside HTTP messages.☆50Jan 26, 2026Updated last month
- Advanced reconnaissance framework for bug bounty hunters - Automate subdomain enumeration, vulnerability scanning, and security reconnais…☆58Updated this week
- ☆42Jul 14, 2021Updated 4 years ago
- A path-normalization pentesting tool.☆153Jan 22, 2026Updated 2 months ago
- Attempt zone transfers on domains☆18Jul 12, 2021Updated 4 years ago
- ☆37Jun 12, 2024Updated last year
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows☆300Sep 8, 2023Updated 2 years ago
- Repo for hosting rayder workflows☆63Aug 31, 2023Updated 2 years ago
- Burp extension used to snip any header from all the requests.☆23Nov 12, 2023Updated 2 years ago
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.☆562Mar 8, 2025Updated last year
- A modified version of TomNomNom's anew, allowing for multiple files to be defined as parameters.☆13Jun 17, 2023Updated 2 years ago
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆293Apr 9, 2024Updated last year
- This script is used to search for cloud certificate entities such as Amazon, Azure, and others that have been extracted by the kaeferjaeg…☆55Nov 21, 2025Updated 4 months ago
- A GO module to get domain name from SSL certificates when an IP address is provided.☆33Apr 14, 2023Updated 2 years ago
- Find subdomains by searching public certificate records☆16Jun 11, 2024Updated last year
- SAPLAR - LFI & Path Traversal Scanner☆15Mar 11, 2025Updated last year