#burpsuite

nuclei-burp-plugin on offsec.tools

Sponsor

nuclei-burp-plugin

A Burp Suite plugin intended to help with Nuclei template generation.

#burpsuite #scanner

AutoRepeater on offsec.tools

Featured

AutoRepeater

Automated HTTP Request Repeating With Burp Suite.

Scavenger on offsec.tools

Scavenger

Burp Suite extension to create target specific and tailored wordlist from burp history.

#burpsuite #wordlists

GatherContacts on offsec.tools

GatherContacts

Burp Suite extension to pull employee names from Google and Bing LinkedIn search results.

#burpsuite #google #linkedin #osint #usernames

BurpGPT on offsec.tools

BurpGPT

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan.

#burpsuite #gpt #scanner

AndroSet on offsec.tools

AndroSet

Manage Burp Suite certificate in Android to redirect all traffic to Burp Suite.

#android #burpsuite #utils

co2 on offsec.tools

co2

A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.

#burpsuite #scanner

json-web-tokens on offsec.tools

json-web-tokens

JSON Web Tokens Support for Burp Suite.

#burpsuite #json

403-bypasser on offsec.tools

403-bypasser

A Burp Suite extension made to automate the process of bypassing 403 pages.

#authorization #burpsuite #bypass

additional-scanner-checks on offsec.tools

additional-scanner-checks

Collection of scanner checks missing in Burp.

#burpsuite #scanner #vulnerabilities

csrf-scanner on offsec.tools

csrf-scanner

CSRF Scanner Extension for Burp Suite Pro.

#burpsuite #csrf

JSpector on offsec.tools

JSpector

Burp Suite extension to crawl JS files in passive mode and display the results on the issues.

#burpsuite #endpoints #javascript #parser #regexp

Pentest Mapper on offsec.tools

Pentest Mapper

Burp Suite extension for application pentest to write test cases and map flows and vulnerabilities.

#burpsuite #mapping #vulnerabilities

PyCript on offsec.tools

PyCript

Bypass client-side encryption using custom logic for testing with Python and NodeJS.

#burpsuite #cryptography #encryption

PwnFox on offsec.tools

PwnFox

A Firefox/Burp Suite extension that provide usefull tools for your security audit.

#browser #burpsuite #firefox

Agartha on offsec.tools

Agartha

Burp Suite extension for dynamic payload generation to detect injection flaws.

#burpsuite #lfi #payloads #rce #sqli #xss

Highlighter and Extractor on offsec.tools

Highlighter and Extractor

Collect, categorize and highlight requests and/or responses according to their content.

#burpsuite #regexp #requests

burp-exporter on offsec.tools

burp-exporter

Copy a Burp Suite request to a file or the clipboard as multiple programming languages functions.

#burpsuite #export #http #requests #utils

Trishul on offsec.tools

Trishul

Burp Suite Extension to hunt for common vulnerabilities found in websites.

#burpsuite #scanner #vulnerabilities

ATOR on offsec.tools

ATOR

Authentication Token Obtain and Replace Extender.

#authentication #burpsuite #cookies #scanner

safecopy on offsec.tools

safecopy

Burp Extension for copying requests safely.

#burpsuite #headers #http #requests

malicious-pdf on offsec.tools

malicious-pdf

Generates a bunch of malicious pdf files with phone-home functionality.

#burpsuite #exploits #pdf #phones

cstc on offsec.tools

cstc

Burp Suite extension that allows request/response modification using a GUI.

#burpsuite #cryptography #hash #passwords

H1 Report Finder on offsec.tools

H1 Report Finder

A burpsuite extension to find security reports published on HackerOne based on the selected host.

#burpsuite #hackerone #reports

Request Highlighter on offsec.tools

Request Highlighter

Burp Suite extension that automatically highlights different HTTP requests.

#burpsuite #requests

BurpSuiteHTTPSmuggler on offsec.tools

BurpSuiteHTTPSmuggler

A Burp Suite extension to bypass WAFs or test their effectiveness using a number of techniques.

#burpsuite #hrs #vulnerabilities

domain_hunter on offsec.tools

domain_hunter

Try to find all subdomains, similar-domains and related-domains of an organization.

#burpsuite #domains #subdomains

Burp NTLM Challenge Decoder on offsec.tools

Burp NTLM Challenge Decoder

Burp extension to decode NTLM SSP headers and extract domain/host information.

#burpsuite #ntlm #windows

Dangerous Methods on offsec.tools

Dangerous Methods

A Burp Suite extension for finding the use of potentially dangerous methods/functions.

#angular #burpsuite #javascript #jquery #react #vuejs

Freddy Deserialization Bug Finder on offsec.tools

Freddy Deserialization Bug Finder

A Burp Suite extension to aid in detecting and exploiting serialisation libraries/APIs.

#burpsuite #deserialization #dotnet #java

SqlmapDnsCollaborator on offsec.tools

SqlmapDnsCollaborator

Lets you use Burp Collaborator as a DNS server for exfiltrating data via Sqlmap.

#burpsuite #dns #sqli #sqlmap

bypasswaf on offsec.tools

bypasswaf

Add headers to all Burp requests to bypass some WAF products.

#burpsuite #firewall

AWS security checks on offsec.tools

AWS security checks

This Burp Suite provides additional Scanner checks for AWS security issues.

#aws #buckets #burpsuite #cloud #scanner

BurpSmartBuster on offsec.tools

BurpSmartBuster

A Burp Suite content discovery plugin that add the smart into the Buster.

#burpsuite #directories #endpoints

burp-vulners-scanner on offsec.tools

burp-vulners-scanner

Vulnerability scanner based on vulners.com search API.

#burpsuite #cves #scanner #vulnerabilities

Auth Analyzer on offsec.tools

Auth Analyzer

The Burp extension helps you to find authorization bugs.

#authorization #burpsuite #cookies #cors #csrf

AuthMatrix on offsec.tools

AuthMatrix

Provides a simple way to test authorization in web applications and web services.

#authorization #burpsuite #webservices

OpenAPI on offsec.tools

OpenAPI

Parse OpenAPI specifications into the BurpSuite for automating RESTful API testing.

#api #burpsuite #swagger

Burp Extender API on offsec.tools

Burp Extender API

Burp Extender API.

#api #burpsuite #resources

Burp WP on offsec.tools

Burp WP

Find known vulnerabilities in WordPress plugins and themes, WPScan like plugin for Burp.

#burpsuite #cms #scanner #wordpress

sqlipy on offsec.tools

sqlipy

Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.

#burpsuite #sqli #sqlmap

HTTPoxy Scanner on offsec.tools

HTTPoxy Scanner

A Burp Suite extension that checks for the HTTPoxy vulnerability.

#burpsuite #scanner #vulnerabilities

Stepper on offsec.tools

Stepper

A natural evolution of Burp Suite's Repeater tool.

#burpsuite #regexp

JWT4B on offsec.tools

JWT4B

JWT Support for Burp Suite.

#burpsuite #jwt #passwords

Dastardly Scan Action on offsec.tools

Dastardly Scan Action

Runs a scan using Dastardly by Burp Suite against a target site and generates a report.

#burpsuite #reports #scanner

Replicator on offsec.tools

Replicator

Burp Suite extension to help developers replicate findings from pentests.

#burpsuite #reports

scan-check-builder on offsec.tools

scan-check-builder

Burp Suite extension which helps to improve the active and passive scanner by yourself.

#burpsuite #scanner

Distribute Damage on offsec.tools

Distribute Damage

Evenly distributes scanner load across targets.

#burpsuite #scanner

J2EEScan on offsec.tools

J2EEScan

Improve the test coverage during web application penetration tests on J2EE applications.

#burpsuite #j2ee #scanner

Hackvertor on offsec.tools

Hackvertor

Tag based conversion tool written in Java implemented as a Burp Suite extension.

#burpsuite #payloads

Collaborator Everywhere on offsec.tools

Collaborator Everywhere

Burp Suite extension which injects non-invasive headers to reveal backend systems.

#backend #burpsuite

HTTP Request Smuggler on offsec.tools

HTTP Request Smuggler

Extension for Burp Suite designed to help you launch HTTP Request Smuggling attacks.

#burpsuite #hrs

Hackability on offsec.tools

Hackability

Probe a rendering engine for vulnerabilities and other features.

#burpsuite #fingerprint

UploadScanner on offsec.tools

UploadScanner

HTTP file upload scanner for Burp Proxy.

#burpsuite #fileupload #scanner #vulnerabilities

Autowasp on offsec.tools

Autowasp

A one-stop pentesting checklist and logger tool.

#burpsuite #logs #owasp

OAUTHScan on offsec.tools

OAUTHScan

Burp Suite Extension useful to verify OAUTHv2 and OpenID security.

#authentication #burpsuite #openid

IPRotate on offsec.tools

IPRotate

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

#aws #burpsuite #firewall #ips

JOSEPH on offsec.tools

JOSEPH

JavaScript Object Signing and Encryption Pentesting Helper.

#burpsuite #jwt #passwords

Shelling on offsec.tools

Shelling

A comprehensive OS command injection payload generator.

#burpsuite #fuzzing #rce #shell

authz on offsec.tools

authz

Burp Suite plugin to test for authorization flaws.

#authorization #burpsuite

BurpBeautifier on offsec.tools

BurpBeautifier

Burpsuite extension for beautifying request/response body.

#burpsuite #html #javascript #json #xml

Logger++ on offsec.tools

Logger++

Log activities of all the tools in Burp Suite.

#burpsuite #logs

WSDL Wizard on offsec.tools

WSDL Wizard

Burp Suite plugin to detect current and discover new WSDL files.

#burpsuite #webservices #wsdl

JSONBeautifier on offsec.tools

JSONBeautifier

JSON Beautifier for Burp written in Java.

#burpsuite #json

Headless Burp on offsec.tools

Headless Burp

Provides a suite of extensions and a maven plugin to automate security tests using Burp Suite.

BurpSentinel on offsec.tools

BurpSentinel

GUI Burp Plugin to ease discovering of security holes in web applications.

#burpsuite #payloads #sqli #vulnerabilities #xss

Flow on offsec.tools

Flow

Provides view with filtering capabilities for all requests from all Burp Suite tools.

ActiveScan++ on offsec.tools

ActiveScan++

Extends Burp Suite's active and passive scanning capabilities.

#burpsuite #scanner

backslash-powered-scanner on offsec.tools

backslash-powered-scanner

Finds unknown classes of injection vulnerabilities.

#burpsuite #scanner #vulnerabilities

Burp-AnonymousCloud on offsec.tools

Burp-AnonymousCloud

Performs passive scan to identify buckets and test them for publicly accessible vulnerabilities.

#aws #azure #buckets #burpsuite #cloud #google #subdomains #subto

jwt-heartbreaker on offsec.tools

jwt-heartbreaker

Burp Suite extension to check JWT for using keys from known from public sources.

#burpsuite #jwt #passwords

rexsser on offsec.tools

rexsser

Burp Suite plugin that extracts keywords from response using and test for reflected XSS.

#burpsuite #xss

Xss-Sql-Fuzz on offsec.tools

Xss-Sql-Fuzz

Burp Suite plugin for XSS and SQLi which add our payload to all parameters with one click.

#burpsuite #payloads #sqli #xss

xssValidator on offsec.tools

xssValidator

A Burp Intruder extender designed for automation and validation of XSS vulnerabilities.

#burpsuite #vulnerabilities #xss

Femida on offsec.tools

Femida

Automated blind-xss search for Burp Suite.

#burpsuite #oob #vulnerabilities #xss

BitBlinder on offsec.tools

BitBlinder

Injects custom XSS payloads on every form/request submitted to detect blind XSS.

#burpsuite #payloads #vulnerabilities #xss

SQLTruncSanner on offsec.tools

SQLTruncSanner

Messy BurpSuite plugin for SQL Truncation vulnerabilities.

#burpsuite #scanner #sqli #vulnerabilities

Burp-to-SQLMap on offsec.tools

Burp-to-SQLMap

Performing SQLInjection test on Burp Suite Bulk Requests using SQLMap.

#burpsuite #exploits #sqli #sqlmap #vulnerabilities

MSSQLi-DUET on offsec.tools

MSSQLi-DUET

SQL injection script for Microsoft SQL Server.

#burpsuite #firewall #mssql #sqli #sqlserver #vulnerabilities

SleuthQL on offsec.tools

SleuthQL

Burp History parsing tool to discover potential SQL injection points.

#burpsuite #sqli

Turbo Intruder on offsec.tools

Turbo Intruder

Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.

#burpsuite #http

Autorize on offsec.tools

Autorize

Automatic authorization enforcement detection extension for Burp Suite.

#authorization #burpsuite #permissions

GadgetProbe on offsec.tools

GadgetProbe

Probe endpoints consuming Java serialized objects for fingerprinting.

#burpsuite #deserialization #endpoints #fingerprint #java

GraphQL Beautifier on offsec.tools

GraphQL Beautifier

Burp Suite extension to help make Graphql request more readable.

#burpsuite #graphql

InQL on offsec.tools

InQL

Burp Extension for GraphQL Security Testing.

#burpsuite #graphql #scanner

BurpBounty on offsec.tools

BurpBounty

Improve the active and passive Burp Suite scanner by means of custom rules through GUI.

#burpsuite #scanner

off-by-slash on offsec.tools

off-by-slash

Burp extension to detect alias traversal via NGINX misconfiguration at scale.

#burpsuite #scanner #vulnerabilities

IntruderPayloads on offsec.tools

IntruderPayloads

Payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

#burpsuite #fuzzing #owasp #resources #wordlists

param-miner on offsec.tools

param-miner

Identifies hidden, unlinked parameters, useful for finding web cache poisoning vulnerabilities.

#burpsuite #parameters

BurpJSLinkFinder on offsec.tools

BurpJSLinkFinder

Burp Extension for a passive scanning JS files for endpoint links.

#burpsuite #endpoints #javascript

Retire.js on offsec.tools

Retire.js

Detects the use of JavaScript libraries with known vulnerabilities.

#burpsuite #cves #fingerprint #javascript #scanner

GAP on offsec.tools

GAP

A Burp Suite extension to find potential endpoints and parameters.

#burpsuite #endpoints #parameters

DataExtractor on offsec.tools

DataExtractor

A Burp Suite extension to extract data from source code while browsing.

#burpsuite #endpoints #regexp #secrets #subdomains

Burp Suite on offsec.tools

Burp Suite

The class-leading vulnerability scanning, penetration testing, and web app security platform.

#allinone #burpsuite #cves #fuzzing #proxy #scanner