vsec7 / BurpSuite-XkeysView external linksLinks
A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
☆309Jul 9, 2024Updated last year
Alternatives and similar repositories for BurpSuite-Xkeys
Users that are interested in BurpSuite-Xkeys are comparing it to the libraries listed below
Sorting:
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆63Apr 17, 2020Updated 5 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,771Apr 26, 2024Updated last year
- It becomes the extension of Burp suite. The cookie set by the BipIP server may include a private IP, which is an extension to detect tha…☆16Dec 8, 2025Updated 2 months ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆164Mar 5, 2021Updated 4 years ago
- SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibil…☆156Aug 21, 2020Updated 5 years ago
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- BBT - Bug Bounty Tools (examples💡)☆1,880Apr 5, 2024Updated last year
- ☆145Jul 25, 2022Updated 3 years ago
- SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files☆2,376May 26, 2024Updated last year
- Secret and/or credential patterns used for gf.☆243Feb 10, 2023Updated 3 years ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆185Nov 22, 2021Updated 4 years ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆735May 4, 2019Updated 6 years ago
- Burpsuite Extension to bypass 403 restricted directory☆1,667Jun 29, 2023Updated 2 years ago
- Burp Extension for easily creating Wordlists☆215Oct 5, 2021Updated 4 years ago
- Burpsuite Plugin to detect Directory Traversal vulnerabilities☆27Jul 22, 2021Updated 4 years ago
- Useful "Match and Replace" burpsuite rules☆362Sep 26, 2023Updated 2 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆610Jan 20, 2021Updated 5 years ago
- A Payload Injector for bugbounties written in go☆70Jul 18, 2020Updated 5 years ago
- Command line tool for testing CRLF injection on a list of domains.☆166Apr 14, 2024Updated last year
- Pipe different tools with google dork Scanner☆56Jun 25, 2020Updated 5 years ago
- Fetches javascript file from a list of URLS or subdomains.☆834Jul 22, 2025Updated 6 months ago
- burpsuite extension for check and extract sensitive request parameter☆115Nov 29, 2020Updated 5 years ago
- HTTP file upload scanner for Burp Proxy☆492Dec 25, 2023Updated 2 years ago
- DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it☆453Jan 9, 2024Updated 2 years ago
- This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file path☆107Aug 4, 2020Updated 5 years ago
- Burp Extension written in Jython to hunt for common vulnerabilities found in websites. Developed by Gaurav Narwani to help people find vu…☆250Apr 27, 2020Updated 5 years ago
- Adds a customizable "Send to..."-context-menu to your BurpSuite.☆163Nov 27, 2022Updated 3 years ago
- Hidden parameters discovery suite☆225Nov 14, 2022Updated 3 years ago
- Reestructured LemonBooster.☆47Jul 26, 2024Updated last year
- A tool for append URLs, skipping duplicates/paths & combine parameters.☆128Mar 2, 2022Updated 3 years ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,496Jan 8, 2026Updated last month
- ☆44Apr 30, 2021Updated 4 years ago
- Burp extension to generate multi-step CSRF POC.☆31Sep 23, 2019Updated 6 years ago
- Tool to automate recon☆42Dec 28, 2021Updated 4 years ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆971Dec 8, 2021Updated 4 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆2,059Jan 2, 2024Updated 2 years ago
- Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...☆148Jul 30, 2020Updated 5 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆132Feb 19, 2021Updated 4 years ago