A vast collection of security tools for bug bounty, pentest and red teaming

#burpsuite

82 results
nuclei-burp-plugin on offsec.tools
Sponsor
nuclei-burp-plugin

A Burp Suite plugin intended to help with Nuclei template generation.

#burpsuite   #scanner  

Pentest Mapper on offsec.tools
Pentest Mapper

Burp Suite extension for application pentest to write test cases and map flows and vulnerabilities.

#burpsuite   #mapping   #vulnerabilities  

PyCript on offsec.tools
PyCript

Bypass client-side encryption using custom logic for testing with Python and NodeJS.

#burpsuite   #cryptography   #encryption  

PwnFox on offsec.tools
PwnFox

A Firefox/Burp Suite extension that provide usefull tools for your security audit.

#browser   #burpsuite   #firefox  

Agartha on offsec.tools
Agartha

Burp Suite extension for dynamic payload generation to detect injection flaws.

#burpsuite   #lfi   #payloads   #rce   #sqli   #xss  

Highlighter and Extractor on offsec.tools
Highlighter and Extractor

Collect, categorize and highlight requests and/or responses according to their content.

#burpsuite   #regexp   #requests  

burp-exporter on offsec.tools
burp-exporter

Copy a Burp Suite request to a file or the clipboard as multiple programming languages functions.

#burpsuite   #export   #http   #requests   #utils  

Trishul on offsec.tools
Trishul

Burp Suite Extension to hunt for common vulnerabilities found in websites.

#burpsuite   #scanner   #vulnerabilities  

ATOR on offsec.tools
ATOR

Authentication Token Obtain and Replace Extender.

#auth   #burpsuite   #cookies   #scanner  

safecopy on offsec.tools
safecopy

Burp Extension for copying requests safely.

#burpsuite   #headers   #http   #requests  

malicious-pdf on offsec.tools
malicious-pdf

Generates a bunch of malicious pdf files with phone-home functionality.

#burpsuite   #exploits   #pdf   #phones  

H1 Report Finder on offsec.tools
H1 Report Finder

A burpsuite extension to find security reports published on HackerOne based on the selected host.

#burpsuite   #hackerone   #reports  

cstc on offsec.tools
cstc

Burp Suite extension that allows request/response modification using a GUI.

#burpsuite   #cryptography   #hash   #passwords  

Request Highlighter on offsec.tools
Request Highlighter

Burp Suite extension that automatically highlights different HTTP requests.

#burpsuite   #requests  

BurpSuiteHTTPSmuggler on offsec.tools
BurpSuiteHTTPSmuggler

A Burp Suite extension to bypass WAFs or test their effectiveness using a number of techniques.

#burpsuite   #hrs   #vulnerabilities  

domain_hunter on offsec.tools
domain_hunter

Try to find all subdomains, similar-domains and related-domains of an organization.

#burpsuite   #domains   #subdomains  

Burp NTLM Challenge Decoder on offsec.tools
Burp NTLM Challenge Decoder

Burp extension to decode NTLM SSP headers and extract domain/host information.

#burpsuite   #ntlm   #windows  

Dangerous Methods on offsec.tools
Dangerous Methods

A Burp Suite extension for finding the use of potentially dangerous methods/functions.

#angular   #burpsuite   #javascript   #jquery   #react   #vuejs  

Freddy Deserialization Bug Finder on offsec.tools
Freddy Deserialization Bug Finder

A Burp Suite extension to aid in detecting and exploiting serialisation libraries/APIs.

#burpsuite   #deserialization   #dotnet   #java  

BurpSmartBuster on offsec.tools
BurpSmartBuster

A Burp Suite content discovery plugin that add the smart into the Buster.

#burpsuite   #directories   #endpoints  

AWS security checks on offsec.tools
AWS security checks

This Burp Suite provides additional Scanner checks for AWS security issues.

#aws   #buckets   #burpsuite   #cloud   #scanner  

bypasswaf on offsec.tools
bypasswaf

Add headers to all Burp requests to bypass some WAF products.

#burpsuite   #firewall  

SqlmapDnsCollaborator on offsec.tools
SqlmapDnsCollaborator

Lets you use Burp Collaborator as a DNS server for exfiltrating data via Sqlmap.

#burpsuite   #dns   #sqli   #sqlmap  

burp-vulners-scanner on offsec.tools
burp-vulners-scanner

Vulnerability scanner based on vulners.com search API.

#burpsuite   #cves   #scanner   #vulnerabilities  

Auth Analyzer on offsec.tools
Auth Analyzer

The Burp extension helps you to find authorization bugs.

#auth   #burpsuite   #cookies   #cors   #csrf  

AuthMatrix on offsec.tools
AuthMatrix

Provides a simple way to test authorization in web applications and web services.

#auth   #burpsuite   #webservices  

OpenAPI on offsec.tools
OpenAPI

Parse OpenAPI specifications into the BurpSuite for automating RESTful API testing.

#api   #burpsuite   #swagger  

Burp WP on offsec.tools
Burp WP

Find known vulnerabilities in WordPress plugins and themes, WPScan like plugin for Burp.

#burpsuite   #cms   #scanner   #wordpress  

Burp Extender API on offsec.tools
Burp Extender API

Burp Extender API.

#api   #burpsuite   #resources  

sqlipy on offsec.tools
sqlipy

Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.

#burpsuite   #sqli   #sqlmap  

Distribute Damage on offsec.tools
Distribute Damage

Evenly distributes scanner load across targets.

#burpsuite   #scanner  

Hackvertor on offsec.tools
Hackvertor

Tag based conversion tool written in Java implemented as a Burp Suite extension.

#burpsuite   #payloads  

J2EEScan on offsec.tools
J2EEScan

Improve the test coverage during web application penetration tests on J2EE applications.

#burpsuite   #j2ee   #scanner  

Replicator on offsec.tools
Replicator

Burp Suite extension to help developers replicate findings from pentests.

#burpsuite   #reports  

scan-check-builder on offsec.tools
scan-check-builder

Burp Suite extension which helps to improve the active and passive scanner by yourself.

#burpsuite   #scanner  

Dastardly Scan Action on offsec.tools
Dastardly Scan Action

Runs a scan using Dastardly by Burp Suite against a target site and generates a report.

#burpsuite   #reports   #scanner  

JWT4B on offsec.tools
JWT4B

JWT Support for Burp Suite.

#burpsuite   #jwt   #passwords  

HTTPoxy Scanner on offsec.tools
HTTPoxy Scanner

A Burp Suite extension that checks for the HTTPoxy vulnerability.

#burpsuite   #httpoxy   #scanner   #vulnerabilities  

Stepper on offsec.tools
Stepper

A natural evolution of Burp Suite's Repeater tool.

#burpsuite   #regexp  

authz on offsec.tools
authz

Burp Suite plugin to test for authorization flaws.

#auth   #burpsuite  

Shelling on offsec.tools
Shelling

A comprehensive OS command injection payload generator.

#burpsuite   #fuzzing   #rce   #shell  

JOSEPH on offsec.tools
JOSEPH

JavaScript Object Signing and Encryption Pentesting Helper.

#burpsuite   #jwt   #passwords  

IPRotate on offsec.tools
IPRotate

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

#aws   #burpsuite   #firewall   #ips  

OAUTHScan on offsec.tools
OAUTHScan

Burp Suite Extension useful to verify OAUTHv2 and OpenID security.

#auth   #burpsuite   #openid  

Autowasp on offsec.tools
Autowasp

A one-stop pentesting checklist and logger tool.

#burpsuite   #logs   #owasp  

UploadScanner on offsec.tools
UploadScanner

HTTP file upload scanner for Burp Proxy.

#burpsuite   #fileupload   #scanner   #vulnerabilities  

Hackability on offsec.tools
Hackability

Probe a rendering engine for vulnerabilities and other features.

#burpsuite   #fingerprint  

Collaborator Everywhere on offsec.tools
Collaborator Everywhere

Burp Suite extension which injects non-invasive headers to reveal backend systems.

#backend   #burpsuite  

HTTP Request Smuggler on offsec.tools
HTTP Request Smuggler

Extension for Burp Suite designed to help you launch HTTP Request Smuggling attacks.

#burpsuite   #hrs  

BurpBeautifier on offsec.tools
BurpBeautifier

Burpsuite extension for beautifying request/response body.

#burpsuite   #html   #javascript   #json   #xml  

JSONBeautifier on offsec.tools
JSONBeautifier

JSON Beautifier for Burp written in Java.

#burpsuite   #json  

WSDL Wizard on offsec.tools
WSDL Wizard

Burp Suite plugin to detect current and discover new WSDL files.

#burpsuite   #webservices   #wsdl  

Logger++ on offsec.tools
Logger++

Log activities of all the tools in Burp Suite.

#burpsuite   #logs  

Headless Burp on offsec.tools
Headless Burp

Provides a suite of extensions and a maven plugin to automate security tests using Burp Suite.

#burpsuite  

Flow on offsec.tools
Flow

Provides view with filtering capabilities for all requests from all Burp Suite tools.

#burpsuite  

AutoRepeater on offsec.tools
AutoRepeater

Automated HTTP Request Repeating With Burp Suite.

#burpsuite  

BurpSentinel on offsec.tools
BurpSentinel

GUI Burp Plugin to ease discovering of security holes in web applications.

#burpsuite   #payloads   #sqli   #vulnerabilities   #xss  

ActiveScan++ on offsec.tools
ActiveScan++

Extends Burp Suite's active and passive scanning capabilities.

#burpsuite   #scanner  

backslash-powered-scanner on offsec.tools
backslash-powered-scanner

Finds unknown classes of injection vulnerabilities.

#burpsuite   #scanner   #vulnerabilities  

jwt-heartbreaker on offsec.tools
jwt-heartbreaker

Burp Suite extension to check JWT for using keys from known from public sources.

#burpsuite   #jwt   #passwords  

Burp-AnonymousCloud on offsec.tools
Burp-AnonymousCloud

Performs passive scan to identify buckets and test them for publicly accessible vulnerabilities.

#aws   #azure   #buckets   #burpsuite   #cloud   #google   #subdomains   #subto  

Xss-Sql-Fuzz on offsec.tools
Xss-Sql-Fuzz

Burp Suite plugin for XSS and SQLi which add our payload to all parameters with one click.

#burpsuite   #payloads   #sqli   #xss  

rexsser on offsec.tools
rexsser

Burp Suite plugin that extracts keywords from response using and test for reflected XSS.

#burpsuite   #xss  

BitBlinder on offsec.tools
BitBlinder

Injects custom XSS payloads on every form/request submitted to detect blind XSS.

#burpsuite   #payloads   #vulnerabilities   #xss  

Femida on offsec.tools
Femida

Automated blind-xss search for Burp Suite.

#burpsuite   #oob   #vulnerabilities   #xss  

xssValidator on offsec.tools
xssValidator

A Burp Intruder extender designed for automation and validation of XSS vulnerabilities.

#burpsuite   #vulnerabilities   #xss  

SQLTruncSanner on offsec.tools
SQLTruncSanner

Messy BurpSuite plugin for SQL Truncation vulnerabilities.

#burpsuite   #scanner   #sqli   #vulnerabilities  

MSSQLi-DUET on offsec.tools
MSSQLi-DUET

SQL injection script for Microsoft SQL Server.

#burpsuite   #firewall   #mssql   #sqli   #sqlserver   #vulnerabilities  

SleuthQL on offsec.tools
SleuthQL

Burp History parsing tool to discover potential SQL injection points.

#burpsuite   #sqli  

Turbo Intruder on offsec.tools
Turbo Intruder

Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.

#burpsuite   #http  

Autorize on offsec.tools
Autorize

Automatic authorization enforcement detection extension for Burp Suite.

#authorization   #burpsuite   #permissions  

GadgetProbe on offsec.tools
GadgetProbe

Probe endpoints consuming Java serialized objects for fingerprinting.

#burpsuite   #deserialization   #endpoints   #fingerprint   #java  

GraphQL Beautifier on offsec.tools
GraphQL Beautifier

Burp Suite extension to help make Graphql request more readable.

#burpsuite   #graphql  

InQL on offsec.tools
InQL

Burp Extension for GraphQL Security Testing.

#burpsuite   #graphql   #scanner  

BurpBounty on offsec.tools
BurpBounty

Improve the active and passive Burp Suite scanner by means of custom rules through GUI.

#burpsuite   #scanner  

off-by-slash on offsec.tools
off-by-slash

Burp extension to detect alias traversal via NGINX misconfiguration at scale.

#burpsuite   #scanner   #vulnerabilities  

IntruderPayloads on offsec.tools
IntruderPayloads

Payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

#burpsuite   #fuzzing   #owasp   #resources   #wordlists  

param-miner on offsec.tools
param-miner

Identifies hidden, unlinked parameters, useful for finding web cache poisoning vulnerabilities.

#burpsuite   #parameters  

BurpJSLinkFinder on offsec.tools
BurpJSLinkFinder

Burp Extension for a passive scanning JS files for endpoint links.

#burpsuite   #endpoints   #javascript  

GAP on offsec.tools
GAP

A Burp Suite extension to find potential endpoints and parameters.

#burpsuite   #endpoints   #parameters  

DataExtractor on offsec.tools
DataExtractor

A Burp Suite extension to extract data from source code while browsing.

#burpsuite   #endpoints   #regexp   #secrets   #subdomains  

Burp Suite on offsec.tools
Burp Suite

The class-leading vulnerability scanning, penetration testing, and web app security platform.

#allinone   #burpsuite   #cves   #fuzzing   #proxy   #scanner