laconicwolf / Burp-API-Scripts

Related projects: ⓘ

• dreadlocked / SSRFmap
  Simple Server Side Request Forgery services enumeration tool.
  ☆54Updated 6 years ago
• viperbluff / WAF_buster
  Disrupt WAF by abusing SSL/TLS Ciphers
  ☆48Updated 5 years ago
• gwen001 / testxss
  PHP tool to test XSS
  ☆23Updated 4 years ago
• gradiuscypher / bounty_tools
  Various tools for managing bug bounty recon and exploration.
  ☆46Updated last year
• SmeegeSec / Burp-Importer
  Burp Suite Importer - Connect to multiple web servers while populating the sitemap.
  ☆48Updated 4 years ago
• jayeshchauhan / SKANDA
  OWASP Skanda - SSRF Exploitation Framework
  ☆36Updated 11 years ago
• righettod / virtualhost-payload-generator
  BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolu…
  ☆60Updated 6 years ago
• twelvesec / BearerAuthToken
  This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…
  ☆45Updated 5 years ago
• W00t3k / inSp3ctor
  AWS S3 Bucket/Object Finder
  ☆25Updated 6 years ago
• cheetz / generateJenkinsExploit
  ☆29Updated 6 years ago
• Static-Flow / DirectoryImporter
  This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…
  ☆35Updated last year
• PortSwigger / burp-smart-buster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆31Updated 6 years ago
• nccgroup / Extractor
  Extension adds a new tab in Burp Suite called Extractor
  ☆42Updated 5 years ago
• ibr2 / Go-For-OSCP
  ☆18Updated 7 years ago
• ettic-team / EndpointFinder-Burp
  ☆31Updated 5 years ago
• adityaks / sparty
  Sparty - MS Sharepoint and Frontpage Auditing Tool
  ☆31Updated 10 years ago
• BountyMachine / about
  A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!
  ☆33Updated 5 years ago
• zi0Black / POC-CVE-2018-0114
  This repository contains the POC of an exploit for node-jose < 0.11.0
  ☆25Updated last year
• eur0pa / goGetBucket
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆26Updated 5 years ago
• tsondt / oscp
  My notebook for OSCP Lab
  ☆25Updated 7 years ago
• BishopFox / IDontSpeakSSL-deprecated
  Simple tool based on sslyze to scan large scope and provide SSL/TLS vulnerabilities
  ☆52Updated 4 years ago
• federicodotta / BurpJDSer-ng-edited
  Burp Suite plugin that allow to deserialize Java objects and convert them in an XML format. Unpack also gzip responses. Based on BurpJDSe…
  ☆20Updated 7 months ago
• smiegles / certs
  Parse X509 certificates to get the (sub)domains in it.
  ☆28Updated 6 years ago
• Intrinsec / comission
  WhiteBox CMS analysis
  ☆68Updated last year
• augustd / burp-suite-software-version-checks
  Burp extension to passively scan for applications revealing software version numbers
  ☆30Updated 3 months ago
• yehgdotnet / S3Scanner
  Scan for open S3 buckets and dump
  ☆35Updated 6 years ago
• BBerastegui / bucket-decloaker
  A simple tool to decloak/expose the bucket name behind a domain.
  ☆22Updated 4 years ago
• almroot / dnsresolvers
  A bash script that fetches and maintains thousands of DNS resolvers
  ☆65Updated 4 years ago
• the-bumble / Burp-Scanner-OOB-Checks
  This is a Burp extension for adding additional payloads to active scanner that require out-of-band validation. Works great with XSSHunter
  ☆20Updated 7 years ago
• Leoid / iOS
  ☆22Updated this week