Alternatives and similar repositories for burp-multistep-csrf-poc

Users that are interested in burp-multistep-csrf-poc are comparing it to the libraries listed below

• j3ssie / str-replace

  View on GitHub
  Simple tools to handle string and generate subdomain permutations
  ☆15Jun 8, 2022Updated 3 years ago
• thomashartm / burp-aem-scanner

  View on GitHub
  Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common m…
  ☆75Mar 22, 2024Updated last year
• mgeeky / burpContextAwareFuzzer

  View on GitHub
  BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…
  ☆40Mar 15, 2021Updated 4 years ago
• minamo7sen / burp-JS-Miner

  View on GitHub
  This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
  ☆57May 30, 2023Updated 2 years ago
• Senanfurkan / Chaos-Recon

  View on GitHub
  This little script for gathering chaos.projectdiscovery.io recon data in an organized way and finding the daily differences on it
  ☆18Aug 9, 2020Updated 5 years ago
• lorenzog / burpAddCustomHeader

  View on GitHub
  A Burp Suite extension to add a custom header (e.g. JWT)
  ☆20Dec 9, 2021Updated 4 years ago
• h1pmnh / bcstats

  View on GitHub
  A tool to download program information from Bugcrowd, for use by researchers to compare programs they are eligible to participate in
  ☆21Dec 22, 2022Updated 3 years ago
• Sjord / messpostage

  View on GitHub
  PostMessage extension
  ☆102Aug 28, 2019Updated 6 years ago
• Static-Flow / ParameterMiner

  View on GitHub
  Built on a lazy Sunday after seeing this tweet (https://twitter.com/intigriti/status/1272145863868104705?s=20) I present to you, Paramete…
  ☆51Jun 14, 2020Updated 5 years ago
• pelaohxc / postMessageFinder

  View on GitHub
  ☆36Jul 15, 2020Updated 5 years ago
• honoki / tools

  View on GitHub
  A collection of simple tools and poc-builders
  ☆39Jul 22, 2025Updated 6 months ago
• ricardojba / poi-slinger

  View on GitHub
  Automatically identify serialization issues in PHP Frameworks by means of an Burp Suite active scan
  ☆42Jul 7, 2025Updated 7 months ago
• tehryanx / sprawl

  View on GitHub
  Expand urls into one url for each path depth
  ☆32Jul 29, 2020Updated 5 years ago
• soufianetahiri / MagentoScanner

  View on GitHub
  Magento Security Scanner
  ☆13Jan 10, 2022Updated 4 years ago
• Roni-Carta / onhandlers

  View on GitHub
  ☆13Feb 18, 2022Updated 3 years ago
• mrnitesh / WSDL

  View on GitHub
  It contain google dork to find the wsdl file.
  ☆13May 27, 2020Updated 5 years ago
• kondukto-io / semgrep-rules

  View on GitHub
  Custom semgrep rules registry
  ☆14Aug 23, 2022Updated 3 years ago
• YashGoti / gal

  View on GitHub
  Get all possible href | src | url from target url or domain
  ☆40Aug 5, 2020Updated 5 years ago
• bp0lr / linkz

  View on GitHub
  ☆11Dec 25, 2020Updated 5 years ago
• zeronine9 / Blind_SPOT

  View on GitHub
  Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTI
  ☆26Jan 6, 2021Updated 5 years ago
• yukselberkay / asnap

  View on GitHub
  asnap aims to render recon phase easier by providing updated data about which companies owns which ipv4 or ipv6 addresses and allows the …
  ☆25Jan 6, 2021Updated 5 years ago
• strozfriedberg / BlazorTrafficProcessor

  View on GitHub
  ☆30Oct 20, 2023Updated 2 years ago
• payloadartist / recon

  View on GitHub
  NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.
  ☆78Nov 5, 2022Updated 3 years ago
• dumorewithcode / purl

  View on GitHub
  ☆38Aug 27, 2022Updated 3 years ago
• redcode-labs / UnChain

  View on GitHub
  A tool to find redirection chains in multiple URLs
  ☆78Jan 1, 2025Updated last year
• topavankumarj / Vulnerable-OAuth2.0-Application

  View on GitHub
  ☆10Dec 8, 2022Updated 3 years ago
• pwnpanda / ParamCleaner

  View on GitHub
  Removes duplicate entries from a file, resulting in only unique parameter combinations. Useful for parsing waybackurls and making recon m…
  ☆11May 31, 2020Updated 5 years ago
• ReversecLabs / FixerUpper

  View on GitHub
  A Burp extension to enable modification of FIX messages when relayed from MitM_Relay
  ☆15Feb 10, 2023Updated 3 years ago
• YashGoti / recon-lit

  View on GitHub
  Advanced Sub-domain Enumerator
  ☆10Mar 14, 2020Updated 5 years ago
• sickuritywizard / recon-007

  View on GitHub
  Bug Bounty tool to automate the recon process.
  ☆12Oct 4, 2023Updated 2 years ago
• 0x4rk0 / github-cred-scraper

  View on GitHub
  Scraping creds using Github API and truffleHog
  ☆11Dec 13, 2023Updated 2 years ago
• ameenmaali / qsinject

  View on GitHub
  qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.
  ☆30May 6, 2020Updated 5 years ago
• bonino97 / LemonBooster-v2

  View on GitHub
  Reestructured LemonBooster.
  ☆47Jul 26, 2024Updated last year
• xxux11 / http-methods-discloser

  View on GitHub
  ☆44Apr 30, 2021Updated 4 years ago
• righettod / burp-piper-custom-scripts

  View on GitHub
  Custom scripts for the PIPER Burp extensions.
  ☆98Sep 24, 2023Updated 2 years ago
• thehackerish / GWTab

  View on GitHub
  BurpSuite extension that helps find user input in a GWT body.
  ☆12May 29, 2020Updated 5 years ago
• random-robbie / wayback-saver

  View on GitHub
  Saves pages to Wayback machine
  ☆12Dec 2, 2024Updated last year
• Neolex-Security / WaybackRust

  View on GitHub
  WaybackRust is a tool written in Rust to query the WaybackMachine.
  ☆13Jul 18, 2025Updated 6 months ago
• sdcampbell / phpLFI

  View on GitHub
  Tests for LFI in PHP apps and automates the process of leveraging LFI's to recursively download source code and discover new files via in…
  ☆13Sep 29, 2022Updated 3 years ago