This repository contains all the examples related to a series of tutorials that demonstrate how to use the new Montoya API of Burp Suite to create extensions that will greatly simplify our pentester lives.
☆50Dec 10, 2025Updated 4 months ago
Alternatives and similar repositories for Burp-Suite-Extender-Montoya-Course
Users that are interested in Burp-Suite-Extender-Montoya-Course are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆37Mar 4, 2025Updated last year
- A collection of utilities for building extensions using Burp's Montoya API☆52Nov 8, 2025Updated 5 months ago
- Terraform provider for command execution☆12Mar 16, 2020Updated 6 years ago
- Examples for using the Montoya API with Burp Suite☆185Apr 1, 2026Updated last week
- POC for leaking java version through file and ftp protocols☆24Nov 1, 2020Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- by Gary O'Leary-Steele | cloned from https://sentinel.appcheck-ng.com/static/pm/logger.html☆12Sep 16, 2019Updated 6 years ago
- THC "R U There" network discovery tool☆30May 1, 2020Updated 5 years ago
- World CIDR IP lists☆10Jan 28, 2026Updated 2 months ago
- This Burp extension helps you to find usages of postMessage and recvMessage☆14Feb 20, 2020Updated 6 years ago
- Automated HTTP Request Repeating With Burp Suite☆39Apr 3, 2023Updated 3 years ago
- Make better use of the embedded browser that comes by default with Burp☆43Jan 1, 2024Updated 2 years ago
- A Firefox Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆27Dec 9, 2024Updated last year
- ☆36Jun 21, 2024Updated last year
- FETCH THE PASSWORD STRETCHER☆38Dec 8, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- ☆27Jan 16, 2026Updated 2 months ago
- Token Tailor is a Burp Suite Community Edition extension that aims to simplify security testing by automating JWT renewal.☆35Sep 30, 2025Updated 6 months ago
- The Outlook HTML Leak Test Project☆41May 12, 2018Updated 7 years ago
- ATT&CK Models of the Threat Actor "Phineas Fisher"☆18Apr 30, 2020Updated 5 years ago
- Dockerfile for AFL++ and helpful other tools☆21May 5, 2020Updated 5 years ago
- Scripts/tools to destroy things☆17Sep 13, 2021Updated 4 years ago
- Creates and sends fake meeting invite☆74Apr 24, 2021Updated 4 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆355Oct 14, 2020Updated 5 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆11Apr 2, 2021Updated 5 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Nuclei templates for drupal vulns... far from perfect☆19Jan 9, 2025Updated last year
- Application Security Mind Maps☆11Apr 10, 2021Updated 5 years ago
- ExtendedMacro - BurpSuite plugin providing extended macro functionality☆15Jan 13, 2021Updated 5 years ago
- This repository is for the Testing ASP.NET ViewState with YSoNet (YSoSerial.NET) workshop.☆23Dec 17, 2025Updated 3 months ago
- Sample exploits of common vulnerabilities in Java librarires☆27Dec 14, 2023Updated 2 years ago
- ☆65Mar 10, 2026Updated last month
- Let's check if your target is vulnerable for client side prototype pollution.☆65Jan 9, 2024Updated 2 years ago
- Alternative Mimikatz LSASS DUMPER☆14Apr 2, 2020Updated 6 years ago
- WebApp intentionally made vulnerable to Race Condition for practicing Race Condition☆25Feb 23, 2022Updated 4 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- libssh CVE-2018-10933☆22Oct 20, 2018Updated 7 years ago
- WebSocket REPL for pentesters☆234Jul 24, 2024Updated last year
- Following OWASP TOP 10 (the top ten most critical web application security risk) I decided to build an XSS Scanner.☆12Dec 12, 2022Updated 3 years ago
- RDP EXPLOİT☆13Oct 28, 2019Updated 6 years ago
- An extension to use Semgrep inside Burp Suite.☆88May 23, 2025Updated 10 months ago
- tetctf2020_amf_writeups☆23Jan 3, 2021Updated 5 years ago
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications☆1,336Aug 7, 2025Updated 8 months ago