federicodotta / Burp-Suite-Extender-Montoya-Course

Related projects ⓘ

Alternatives and complementary repositories for Burp-Suite-Extender-Montoya-Course

• pimps / gopher-tomcat-deployer
  Gopher Tomcat Deployer
  ☆47Updated 6 years ago
• minamo7sen / burp-JS-Miner
  This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
  ☆54Updated last year
• GovTech-CSG / ProxyAgent
  ☆64Updated 2 years ago
• synacktiv / burp-jq
  Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.
  ☆45Updated 3 years ago
• usdAG / slipit
  Utility for creating ZipSlip archives
  ☆67Updated last year
• PortSwigger / ator
  ☆29Updated 7 months ago
• wfinn / redirex
  tool that generates bypasses for open redirects
  ☆49Updated 2 years ago
• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆67Updated 2 years ago
• GoSecure / request-smuggling-workshop
  ☆23Updated last year
• pentagridsec / PentagridScanController
  Improve automated and semi-automated active scanning in Burp Pro
  ☆60Updated 2 years ago
• 254Labs / awesome-bambdas
  A collection of Burp Suite Lambda Filters ~ Bambdas
  ☆22Updated last month
• vrechson / copy-to-bcheck
  BurpSuite extension to convert requests into bcheck scripts
  ☆30Updated last year
• PortSwigger / sqlmap-dns-collaborator
  Burp Extension that lets you use Burp Collaborator as a DNS server for exfiltrating data via Sqlmap
  ☆36Updated 3 years ago
• ariary / DomXssFinder
  Find sources and sinks in js code that could lead to DOM XSS 🔎💧🚰
  ☆22Updated 8 months ago
• jzheaux / spel-injection
  An intentionally-vulnerable application for demonstrating the hazards of SpEL expression composition
  ☆26Updated 6 years ago
• omespino / gcs_instace_takeover
  ☆21Updated 3 months ago
• wrvenkat / burp-multistep-csrf-poc
  Burp extension to generate multi-step CSRF POC.
  ☆29Updated 5 years ago
• Co0nan / ParamsExtractor
  A burp-suite plugin that extract all parameter names from in-scope requests
  ☆29Updated 3 years ago
• NotSoSecure / NotSoCereal-Lab
  NotSoCereal: A Deserialization exploit playground
  ☆50Updated 2 years ago
• defparam / haptyc
  ☆92Updated 3 years ago
• honoki / burp-copy-regex-matches
  Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.
  ☆33Updated 2 years ago
• InitRoot / BurpSQLTruncSanner
  Messy BurpSuite plugin for SQL Truncation vulnerabilities.
  ☆61Updated 4 years ago
• FSecureLABS / N1QLMap
  The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.
  ☆73Updated 4 years ago
• pelaohxc / postMessageFinder
  ☆36Updated 4 years ago
• PortSwigger / sensitive-discoverer
  Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.
  ☆17Updated 3 weeks ago
• Gilzy / 403Bypasser
  ☆54Updated 2 years ago
• iustin24 / chameleon-wordlists
  Chameleon Wordlists
  ☆14Updated 2 years ago
• 303sec / log4shell-everywhere
  A Burp Suite extension which augments your proxy traffic by injecting log4shell payloads into headers
  ☆42Updated 2 years ago
• samwcyo / CVE-2021-27651-PoC
  RCE for Pega Infinity >= 8.2.1, Pega Infinity <= 8.5.2
  ☆60Updated 3 years ago
• Sy3Omda / burp-bounty
  Burp Bounty profiles
  ☆82Updated 2 years ago