federicodotta / Burp-Suite-Extender-Montoya-Course

Related projects: ⓘ

• minamo7sen / burp-JS-Miner
  This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
  ☆54Updated last year
• pimps / gopher-tomcat-deployer
  Gopher Tomcat Deployer
  ☆47Updated 5 years ago
• usdAG / slipit
  Utility for creating ZipSlip archives
  ☆66Updated last year
• GoSecure / request-smuggling-workshop
  ☆22Updated last year
• wrvenkat / burp-multistep-csrf-poc
  Burp extension to generate multi-step CSRF POC.
  ☆29Updated 4 years ago
• GovTech-CSG / ProxyAgent
  ☆64Updated 2 years ago
• vrechson / copy-to-bcheck
  BurpSuite extension to convert requests into bcheck scripts
  ☆30Updated last year
• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆67Updated 2 years ago
• notnotnotveg / nuclei-custom-templates
  Additional nuclei templates
  ☆31Updated 11 months ago
• Gilzy / 403Bypasser
  ☆54Updated last year
• ariary / DomXssFinder
  Find sources and sinks in js code that could lead to DOM XSS 🔎💧🚰
  ☆21Updated 6 months ago
• Sy3Omda / burp-bounty
  Burp Bounty profiles
  ☆82Updated 2 years ago
• pentagridsec / PentagridScanController
  Improve automated and semi-automated active scanning in Burp Pro
  ☆60Updated 2 years ago
• InitRoot / BurpSQLTruncSanner
  Messy BurpSuite plugin for SQL Truncation vulnerabilities.
  ☆61Updated 4 years ago
• doyensec / confuser
  Dependency Confusion Security Testing Tool
  ☆39Updated 2 years ago
• honoki / burp-copy-regex-matches
  Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.
  ☆33Updated 2 years ago
• synacktiv / burp-jq
  Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.
  ☆42Updated 3 years ago
• NotSoSecure / NotSoCereal-Lab
  NotSoCereal: A Deserialization exploit playground
  ☆48Updated 2 years ago
• albinowax / albinowaxUtils
  ☆13Updated 2 weeks ago
• ambionics / scalpel
  Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
  ☆51Updated 3 months ago
• DeepakPawar95 / cswsh
  A command-line tool for Cross-Site WebSocket Hijacking
  ☆39Updated 11 months ago
• 303sec / log4shell-everywhere
  A Burp Suite extension which augments your proxy traffic by injecting log4shell payloads into headers
  ☆42Updated 2 years ago
• PortSwigger / sqlmap-dns-collaborator
  Burp Extension that lets you use Burp Collaborator as a DNS server for exfiltrating data via Sqlmap
  ☆36Updated 2 years ago
• onurgule / S4S-Scanner
  Spring4Shell Burp Scanner
  ☆65Updated 2 years ago
• RandomRobbieBF / grafana-ssrf
  Authenticated SSRF in Grafana
  ☆76Updated 2 months ago
• pelaohxc / postMessageFinder
  ☆35Updated 4 years ago
• vavkamil / XSSwagger
  A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks
  ☆53Updated 5 years ago
• 0xAwali / Virtual-Host
  Modified Nuclei Templates Version to FUZZ Host Header
  ☆48Updated 2 years ago
• francescolacerenza / TamperThemAll
  A tampered payload generator to Fuzz Web Application Firewalls
  ☆34Updated 4 years ago