Grow your team on GitHub
GitHub is home to over 28 million developers working together. Join them to grow your own development teams, manage permissions, and collaborate on projects.Sign up
Burp Suite extension that automatically highlights different HTTP requests
BurpSuite extension to assist with Automated Forced Browsing/Endpoint Enumeration
Burp Suite plugin for scanning SSL vulnerabilities.
Generates comments for selected request(s) based on regular expressions
Parse OpenAPI specifications, previously known as Swagger specifications, into the BurpSuite for automating RESTful API testing – approved by Burp for inclusion in their official BApp Store.
HTTP file upload scanner for Burp Proxy
Provides a suite of Burp extensions and a maven plugin to automate security tests using BurpSuite.
Improved decoder for Burp Suite
Finds unknown classes of injection vulnerabilities
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
Jython Burp Plugin for PS_TOKEN
Burp extension to decode NTLM SSP headers and extract domain/host information
psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & web file upload implementations allowing to write files into the webroot (aka document root). The "blind" aspect is the key here and is inherent to dynamic testing usually conducted with no access to the source …
SHELLING - a comprehensive OS command injection payload generator
SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.
A Burp Suite extension that detects similar CFG-paths from HTTP responses in a black box manner.
Burp Suite extension. Useful for managing tokens like anti-CSRF, CSurf, Session values. Can be used to set params that require random numbers or params that are computed based on application response.
An extension for BurpSuite used to access and modify compressed HTTP payloads without changing the content-encoding.
Burp Extender plugin that generates a sitemap of a website using Wayback Machine
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 5700+ malicious cryptocurrency mining domains (cryptojacking).
The new bridge between Burp Suite and Frida!
Burp Bounty is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.
An extension for BurpSuite that highlights SSO messages in Burp's proxy window..
Burp Suite plugin to send data to Code Dx software vulnerability management system
Burp Suite plugin created for using Collaborator tool during manual testing