#burpsuite




GatherContacts
Burp Suite extension to pull employee names from Google and Bing LinkedIn search results.








JSpector
Burp Suite extension to crawl JS files in passive mode and display the results on the issues.

Pentest Mapper
Burp Suite extension for application pentest to write test cases and map flows and vulnerabilities.




Highlighter and Extractor
Collect, categorize and highlight requests and/or responses according to their content.

burp-exporter
Copy a Burp Suite request to a file or the clipboard as multiple programming languages functions.






H1 Report Finder
A burpsuite extension to find security reports published on HackerOne based on the selected host.


BurpSuiteHTTPSmuggler
A Burp Suite extension to bypass WAFs or test their effectiveness using a number of techniques.


Burp NTLM Challenge Decoder
Burp extension to decode NTLM SSP headers and extract domain/host information.

Dangerous Methods
A Burp Suite extension for finding the use of potentially dangerous methods/functions.

Freddy Deserialization Bug Finder
A Burp Suite extension to aid in detecting and exploiting serialisation libraries/APIs.

SqlmapDnsCollaborator
Lets you use Burp Collaborator as a DNS server for exfiltrating data via Sqlmap.














Dastardly Scan Action
Runs a scan using Dastardly by Burp Suite against a target site and generates a report.


scan-check-builder
Burp Suite extension which helps to improve the active and passive scanner by yourself.




Collaborator Everywhere
Burp Suite extension which injects non-invasive headers to reveal backend systems.

HTTP Request Smuggler
Extension for Burp Suite designed to help you launch HTTP Request Smuggling attacks.













Headless Burp
Provides a suite of extensions and a maven plugin to automate security tests using Burp Suite.





Burp-AnonymousCloud
Performs passive scan to identify buckets and test them for publicly accessible vulnerabilities.



Xss-Sql-Fuzz
Burp Suite plugin for XSS and SQLi which add our payload to all parameters with one click.

xssValidator
A Burp Intruder extender designed for automation and validation of XSS vulnerabilities.







Turbo Intruder
Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.







IntruderPayloads
Payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

param-miner
Identifies hidden, unlinked parameters, useful for finding web cache poisoning vulnerabilities.





Burp Suite
The class-leading vulnerability scanning, penetration testing, and web app security platform.