snoopysecurity / awesome-burp-extensionsLinks
A curated list of amazingly awesome Burp Extensions
☆3,354Updated 11 months ago
Alternatives and similar repositories for awesome-burp-extensions
Users that are interested in awesome-burp-extensions are comparing it to the libraries listed below
Sorting:
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,892Updated 4 years ago
- A python script that finds endpoints in JavaScript files☆4,254Updated last year
- Automatic SSRF fuzzer and exploitation tool☆3,473Updated 4 months ago
- ☆2,312Updated 2 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,768Updated last year
- HTTP parameter discovery suite.☆6,069Updated 11 months ago
- File upload vulnerability scanner and exploitation tool.☆3,299Updated 8 months ago
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,530Updated 11 months ago
- A Tool for Domain Flyovers☆5,891Updated 3 years ago
- Notes about attacking Jenkins servers☆2,093Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,481Updated last year
- ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.☆2,235Updated 3 weeks ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.☆4,805Updated last year
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,111Updated last year
- Fetch all the URLs that the Wayback Machine knows about for a domain☆4,290Updated last year
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.☆6,023Updated last year
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing☆2,968Updated last year
- The Swiss Army knife for automated Web Application Testing☆2,318Updated last year
- Generates permutations, alterations and mutations of subdomains and then resolves them☆2,462Updated last year
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,623Updated 3 weeks ago
- This script is intended to automate your reconnaissance process in an organized fashion☆2,006Updated 4 years ago
- 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.☆4,806Updated last week
- Potentially dangerous files☆3,266Updated 5 months ago
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, f…☆4,344Updated last year
- Rockyou for web fuzzing☆2,998Updated 5 months ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆4,056Updated last year
- This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for …☆3,620Updated this week
- Automated & Manual Wordlists provided by Assetnote☆1,593Updated last month
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆2,058Updated 2 years ago
- Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner☆1,903Updated 3 years ago