federicodotta/Burp-Suite-Extender-Montoya-Course external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

federicodotta/Burp-Suite-Extender-Montoya-Course

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/federicodotta/Burp-Suite-Extender-Montoya-Course)

Close

federicodotta / Burp-Suite-Extender-Montoya-CourseView on GitHubMore

• External links
• Readme badge

This repository contains all the examples related to a series of tutorials that demonstrate how to use the new Montoya API of Burp Suite to create extensions that will greatly simplify our pentester lives.

☆51May 5, 2026Updated 2 weeks ago

Alternatives and similar repositories for Burp-Suite-Extender-Montoya-Course

Users that are interested in Burp-Suite-Extender-Montoya-Course are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• dillonfranke / protoburp

  View on GitHub
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆37Mar 4, 2025Updated last year
• C0DEbrained / Burp-Montoya-Utilities

  View on GitHub
  A collection of utilities for building extensions using Burp's Montoya API
  ☆51Apr 14, 2026Updated last month
• rung / terraform-provider-cmdexec

  View on GitHub
  Terraform provider for command execution
  ☆12Mar 16, 2020Updated 6 years ago
• PortSwigger / burp-extensions-montoya-api-examples

  View on GitHub
  Examples for using the Montoya API with Burp Suite
  ☆187May 1, 2026Updated 3 weeks ago
• samsbp / java-file-ftp

  View on GitHub
  POC for leaking java version through file and ftp protocols
  ☆24Nov 1, 2020Updated 5 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• yehgdotnet / postmessagehook

  View on GitHub
  by Gary O'Leary-Steele | cloned from https://sentinel.appcheck-ng.com/static/pm/logger.html
  ☆12Sep 16, 2019Updated 6 years ago
• UT-Security / cve-2023-5217-poc

  View on GitHub
  A PoC to trigger CVE-2023-5217 from the Browser WebCodecs or MediaRecorder interface.
  ☆16Oct 11, 2023Updated 2 years ago
• physics-sec / DetectCrossOriginMessaging

  View on GitHub
  This Burp extension helps you to find usages of postMessage and recvMessage
  ☆14Feb 20, 2020Updated 6 years ago
• rafax00 / PrototypePollution-Lab

  View on GitHub
  Prototype Pollution Lab
  ☆18Nov 20, 2020Updated 5 years ago
• xnl-h4ck3r / auto-repeater

  View on GitHub
  Automated HTTP Request Repeating With Burp Suite
  ☆39Apr 3, 2023Updated 3 years ago
• rs-loves-bugs / burp-browser-profiles

  View on GitHub
  Make better use of the embedded browser that comes by default with Burp
  ☆43Jan 1, 2024Updated 2 years ago
• ACK-J / postMessage-tracker-firefox

  View on GitHub
  A Firefox Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆28Dec 9, 2024Updated last year
• Ry0taK / first-sequence-sync

  View on GitHub
  ☆36Jun 21, 2024Updated last year
• TheTechromancer / password-stretcher

  View on GitHub
  FETCH THE PASSWORD STRETCHER
  ☆39Dec 8, 2022Updated 3 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• justmobilesec / just-mobile-security-mobile-docker

  View on GitHub
  ☆28Jan 16, 2026Updated 4 months ago
• forteBruno / Token-Tailor

  View on GitHub
  Token Tailor is a Burp Suite Community Edition extension that aims to simplify security testing by automating JWT renewal.
  ☆36Sep 30, 2025Updated 7 months ago
• infosecn1nja / atomic-red-team

  View on GitHub
  Small and highly portable detection tests.
  ☆13Apr 13, 2018Updated 8 years ago
• ZephrFish / ChunkyIngress

  View on GitHub
  Leverages B64 chunks to split files and save to clipboard
  ☆26Dec 7, 2025Updated 5 months ago
• pentagridsec / 5-AFL-suite-docker

  View on GitHub
  Dockerfile for AFL++ and helpful other tools
  ☆21May 5, 2020Updated 6 years ago
• ExAndroidDev / fakemeeting

  View on GitHub
  Creates and sends fake meeting invite
  ☆75Apr 24, 2021Updated 5 years ago
• reber0 / vtest

  View on GitHub
  用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
  ☆11Apr 2, 2021Updated 5 years ago
• doyensec / burpdeveltraining

  View on GitHub
  Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
  ☆355Oct 14, 2020Updated 5 years ago
• nmmcon / MindMaps

  View on GitHub
  Application Security Mind Maps
  ☆12Apr 10, 2021Updated 5 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• RandomRobbieBF / nuclei-drupal-sa

  View on GitHub
  Nuclei templates for drupal vulns... far from perfect
  ☆19Jan 9, 2025Updated last year
• fruh / ExtendedMacro

  View on GitHub
  ExtendedMacro - BurpSuite plugin providing extended macro functionality
  ☆15Jan 13, 2021Updated 5 years ago
• PMaynard / Viva-Phineas-Fisher

  View on GitHub
  ATT&CK Models of the Threat Actor "Phineas Fisher"
  ☆20Apr 30, 2020Updated 6 years ago
• bbossola / vulnerability-java-samples

  View on GitHub
  Sample exploits of common vulnerabilities in Java librarires
  ☆27Dec 14, 2023Updated 2 years ago
• ivision-research / burpscript

  View on GitHub
  ☆64Mar 10, 2026Updated 2 months ago
• kosmosec / proto-find

  View on GitHub
  Let's check if your target is vulnerable for client side prototype pollution.
  ☆65Jan 9, 2024Updated 2 years ago
• 0xC01DF00D / Mimigoatz

  View on GitHub
  Alternative Mimikatz LSASS DUMPER
  ☆14Apr 2, 2020Updated 6 years ago
• Voorivex / livstream-recon

  View on GitHub
  ☆38Jan 17, 2024Updated 2 years ago
• Xib3rR4dAr / WannaRace

  View on GitHub
  WebApp intentionally made vulnerable to Race Condition for practicing Race Condition
  ☆25Feb 23, 2022Updated 4 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• jas502n / CVE-2018-10933

  View on GitHub
  libssh CVE-2018-10933
  ☆22Oct 20, 2018Updated 7 years ago
• doyensec / wsrepl

  View on GitHub
  WebSocket REPL for pentesters
  ☆236Jul 24, 2024Updated last year
• EliNaduyev / XSS-Scanner

  View on GitHub
  Following OWASP TOP 10 (the top ten most critical web application security risk) I decided to build an XSS Scanner.
  ☆12Dec 12, 2022Updated 3 years ago
• gand3lf / semgrepper

  View on GitHub
  An extension to use Semgrep inside Burp Suite.
  ☆89May 23, 2025Updated 11 months ago
• peterjson31337 / tetctf2021

  View on GitHub
  tetctf2020_amf_writeups
  ☆23Jan 3, 2021Updated 5 years ago
• 0xacb / recollapse

  View on GitHub
  REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
  ☆1,341Aug 7, 2025Updated 9 months ago
• doyensec / cloudsec-tidbits

  View on GitHub
  Blogpost series showcasing interesting cloud - web app security bugs
  ☆67May 15, 2026Updated last week