This repository contains all the examples related to a series of tutorials that demonstrate how to use the new Montoya API of Burp Suite to create extensions that will greatly simplify our pentester lives.
☆51Dec 10, 2025Updated 4 months ago
Alternatives and similar repositories for Burp-Suite-Extender-Montoya-Course
Users that are interested in Burp-Suite-Extender-Montoya-Course are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A collection of utilities for building extensions using Burp's Montoya API☆51Apr 14, 2026Updated 2 weeks ago
- Terraform provider for command execution☆12Mar 16, 2020Updated 6 years ago
- Examples for using the Montoya API with Burp Suite☆187Apr 8, 2026Updated 3 weeks ago
- 针对IoT固件的openssl加密的暴力破解脚本☆13May 22, 2024Updated last year
- POC for leaking java version through file and ftp protocols☆24Nov 1, 2020Updated 5 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- by Gary O'Leary-Steele | cloned from https://sentinel.appcheck-ng.com/static/pm/logger.html☆12Sep 16, 2019Updated 6 years ago
- World CIDR IP lists☆10Jan 28, 2026Updated 3 months ago
- This Burp extension helps you to find usages of postMessage and recvMessage☆14Feb 20, 2020Updated 6 years ago
- Prototype Pollution Lab☆18Nov 20, 2020Updated 5 years ago
- Automated HTTP Request Repeating With Burp Suite☆39Apr 3, 2023Updated 3 years ago
- Make better use of the embedded browser that comes by default with Burp☆43Jan 1, 2024Updated 2 years ago
- A Firefox Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆27Dec 9, 2024Updated last year
- ☆36Jun 21, 2024Updated last year
- ☆28Jan 16, 2026Updated 3 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Token Tailor is a Burp Suite Community Edition extension that aims to simplify security testing by automating JWT renewal.☆35Sep 30, 2025Updated 7 months ago
- The Outlook HTML Leak Test Project☆41May 12, 2018Updated 7 years ago
- ATT&CK Models of the Threat Actor "Phineas Fisher"☆18Apr 30, 2020Updated 6 years ago
- A simple compiling of notes and information / teachings on how stegonography works, and how we can use stegonography to execute system co…☆11Feb 27, 2022Updated 4 years ago
- Leverages B64 chunks to split files and save to clipboard☆26Dec 7, 2025Updated 4 months ago
- Dockerfile for AFL++ and helpful other tools☆21May 5, 2020Updated 5 years ago
- Scripts/tools to destroy things☆16Sep 13, 2021Updated 4 years ago
- Creates and sends fake meeting invite☆74Apr 24, 2021Updated 5 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆11Apr 2, 2021Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆355Oct 14, 2020Updated 5 years ago
- Nuclei templates for drupal vulns... far from perfect☆19Jan 9, 2025Updated last year
- Application Security Mind Maps☆11Apr 10, 2021Updated 5 years ago
- This repository is for the Testing ASP.NET ViewState with YSoNet (YSoSerial.NET) workshop.☆24Dec 17, 2025Updated 4 months ago
- Sample exploits of common vulnerabilities in Java librarires☆27Dec 14, 2023Updated 2 years ago
- ☆65Mar 10, 2026Updated last month
- Let's check if your target is vulnerable for client side prototype pollution.☆65Jan 9, 2024Updated 2 years ago
- Alternative Mimikatz LSASS DUMPER☆14Apr 2, 2020Updated 6 years ago
- ☆37Jan 17, 2024Updated 2 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- WebApp intentionally made vulnerable to Race Condition for practicing Race Condition☆25Feb 23, 2022Updated 4 years ago
- WebSocket REPL for pentesters☆235Jul 24, 2024Updated last year
- Following OWASP TOP 10 (the top ten most critical web application security risk) I decided to build an XSS Scanner.☆12Dec 12, 2022Updated 3 years ago
- An extension to use Semgrep inside Burp Suite.☆88May 23, 2025Updated 11 months ago
- tetctf2020_amf_writeups☆23Jan 3, 2021Updated 5 years ago
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications☆1,339Aug 7, 2025Updated 8 months ago
- Burp Extensions Api☆201Apr 15, 2026Updated 2 weeks ago