ggg4566/BurpBountyPlus

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ggg4566/BurpBountyPlus)

ggg4566 / BurpBountyPlus

BurpBounty 魔改版本

☆419

Alternatives and similar repositories for BurpBountyPlus

Users that are interested in BurpBountyPlus are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

SummerSec / BurpBountyProfiles
View on GitHub
BurpBounty插件的配置文件收集项目
☆144Feb 8, 2021Updated 5 years ago
zilong3033 / fastjsonScan
View on GitHub
fastjson漏洞burp插件，检测fastjson<1.2.68基于dnslog，fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。
☆126May 14, 2021Updated 4 years ago
bit4woo / domain_hunter_pro
View on GitHub
domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等
☆2,121Apr 10, 2026Updated last week
pmiaowu / BurpFastJsonScan
View on GitHub
一款基于BurpSuite的被动式FastJson检测插件
☆1,242Oct 1, 2022Updated 3 years ago
woodpecker-framework / woodpecker-framework-release
View on GitHub
高危漏洞精准检测与深度利用框架
☆1,461Jan 8, 2023Updated 3 years ago
Simple, predictable pricing with DigitalOcean hosting • Ad
Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
f0ng / autoDecoder
View on GitHub
Burp插件，根据自定义来达到对数据包的处理（适用于加解密、爆破等），类似mitmproxy，不同点在于经过了burp中转，在自动加解密的基础上，不影响APP、网站加解密正常逻辑等。
☆1,364Updated this week
pmiaowu / BurpShiroPassiveScan
View on GitHub
一款基于BurpSuite的被动式shiro检测插件
☆1,798Dec 14, 2022Updated 3 years ago
a1phaboy / FastjsonScan
View on GitHub
Fastjson扫描器，可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency
☆1,053Oct 7, 2022Updated 3 years ago
metaStor / SpringScan
View on GitHub
SpringScan 漏洞检测 Burp插件
☆607Nov 14, 2023Updated 2 years ago
lijiejie / swagger-exp
View on GitHub
A Swagger API Exploit
☆1,373Jun 7, 2024Updated last year
wyzxxz / jndi_tool
View on GitHub
JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行漏洞检测辅助工具
☆2,017May 21, 2024Updated last year
Daybr4ak / C2ReverseProxy
View on GitHub
一款可以在不出网的环境下进行反向代理及cs上线的工具
☆491Apr 26, 2023Updated 2 years ago
lintstar / LSTAR
View on GitHub
LSTAR - CobaltStrike 综合后渗透插件
☆1,267Jan 30, 2022Updated 4 years ago
bit4woo / burp-api-drops
View on GitHub
burp插件开发指南
☆620Aug 8, 2021Updated 4 years ago
Wordpress hosting with auto-scaling - Free Trial • Ad
Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
UzJu / Cloud-Bucket-Leak-Detection-Tools
View on GitHub
六大云存储，泄露利用检测工具
☆1,252Mar 28, 2025Updated last year
wyzxxz / aksk_tool
View on GitHub
AK资源管理工具，阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret，利用AK获取资源信息和操作资源，ECS/CVM/E2/UHOST/ECI/BCC执行命令，OSS/COS/S3/BOS…
☆780Feb 13, 2025Updated last year
p1g3 / JSINFO-SCAN
View on GitHub
递归式寻找域名和api。
☆724Aug 3, 2023Updated 2 years ago
pmiaowu / log4j2Scan
View on GitHub
用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件
☆212Apr 18, 2023Updated 3 years ago
z2p / sweetPotato
View on GitHub
基于burpsuite的资产分析工具
☆476Apr 29, 2023Updated 2 years ago
chennqqi / godnslog
View on GitHub
An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
☆470Sep 16, 2023Updated 2 years ago
jweny / pocassist
View on GitHub
傻瓜式漏洞PoC测试框架
☆1,442Oct 30, 2023Updated 2 years ago
fofapro / Hosts_scan
View on GitHub
这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。
☆1,194Apr 30, 2019Updated 6 years ago
Acmesec / Sylas
View on GitHub
新一代子域名主/被动收集工具 - Subdomain automatic/passive collection tool
☆501Oct 9, 2022Updated 3 years ago
Simple, predictable pricing with DigitalOcean hosting • Ad
Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
winezer0 / whatweb-plus
View on GitHub
whatweb 增强版 8000+插件（提供windows可执行文件）
☆27Jul 10, 2025Updated 9 months ago
c0ny1 / passive-scan-client
View on GitHub
Burp被动扫描流量转发插件
☆1,459Jun 17, 2024Updated last year
yuyan-sec / druid_sessions
View on GitHub
获取 alibaba druid 一些 sessions , sql , urls
☆320Apr 4, 2025Updated last year
LandGrey / spring-boot-upload-file-lead-to-rce-tricks
View on GitHub
spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
☆754Apr 14, 2021Updated 5 years ago
threedr3am / JSP-WebShells
View on GitHub
Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
☆1,405Jan 18, 2022Updated 4 years ago
safe6Sec / PentestDB
View on GitHub
各种数据库的利用姿势
☆1,034Jan 3, 2025Updated last year
feihong-cs / Java-Rce-Echo
View on GitHub
Java RCE 回显测试代码
☆1,017Oct 15, 2020Updated 5 years ago
f0ng / log4j2burpscanner
View on GitHub
CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
☆841Jun 13, 2023Updated 2 years ago
exp1orer / JNDI-Inject-Exploit
View on GitHub
解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
☆775Jan 26, 2022Updated 4 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
AlphabugX / Alphalog
View on GitHub
DNSLOG、httplog、rmilog、ldaplog、jndi 等都支持,完全匿名产品(fuzz.red)，Alphalog与传统DNSLog不同，更快、更安全。
☆457Aug 20, 2025Updated 7 months ago
keven1z / weblogic_memshell
View on GitHub
适用于weblogic和Tomcat的无文件的内存马(memshell)
☆271Mar 4, 2022Updated 4 years ago
wyzxxz / heapdump_tool
View on GitHub
heapdump敏感信息查询工具，例如查找 spring heapdump中的密码明文，AK,SK等
☆1,444May 21, 2024Updated last year
bigsizeme / fastjson-check
View on GitHub
fastjson 被动扫描、不出网payload生成
☆368Nov 19, 2021Updated 4 years ago
czz1233 / GBByPass
View on GitHub
冰蝎哥斯拉 WebShell bypass
☆767Jan 15, 2026Updated 3 months ago
f0ng / poc2jar
View on GitHub
Java编写，Python作为辅助依赖的漏洞验证、利用工具，添加了进程查找模块、编码模块、命令模块、常见漏洞利用GUI模块、shiro rememberMe解密模块，加快测试效率
☆762Feb 25, 2024Updated 2 years ago
xz-zone / Webpackfind
View on GitHub
Webpack自动化信息收集
☆314Feb 20, 2023Updated 3 years ago