HackBar plugin for Burpsuite
-
Updated
Oct 19, 2018 - Java
#
burp-extensions
Here are 115 public repositories matching this topic...
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
-
Updated
Jun 23, 2020 - Java
Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
-
Updated
Feb 20, 2020
InQL - A Burp Extension for GraphQL Security Testing
graphql
security-audit
security-scanner
burpsuite
security-tools
burp-extensions
graphql-security
api-documentation-tool
-
Updated
Jun 16, 2020 - Python
reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
recaptcha
captcha
recognizes-images
burp-plugin
burpsuite
intruder
burp-extensions
recognize-captcha
-
Updated
Jun 25, 2020 - Java
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
cookie
menu
knife
burp
burp-plugin
burpsuite
burp-extensions
hackbar
burpsuite-extender
unicode-to-chinese
update-cookie
u2c
http-edit
header-edit
-
Updated
Jun 21, 2020 - Java
A Burp Suite Extender that try to find sub-domain, similar-domain and related-domain of an organization, not only a domain! 利用burp收集整个企业、组织的域名(不仅仅是单个主域名)的插件
sitemap
spider
certificate
domains
subdomain
certification
burp-plugin
domain-discovery
burp-extensions
subject-alternative-name
subjectaltname
domain-hunter
similar-domain
https-certificate
burpsuite-extender
related-domain
organization-domain
subject-name
-
Updated
Jun 21, 2020 - Java
Burp Suite extension to discover apikeys/accesstokens and sensitive data from HTTP response.
-
Updated
Jun 7, 2020 - Python
Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
aes-encryption
burp
burp-plugin
burpsuite
burp-extensions
decryptor
aes-decryption
burpsuite-extender
burp-ui
burpsuite-tools
-
Updated
Nov 12, 2018 - Java
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
jar
waf
pentesting
sqlmap
burpsuite
burp-extensions
hacktool
pentest-tool
hackbar
burpsuite-extender
burpsuite-tools
j2eescan
burp-requests
-
Updated
Jun 21, 2020 - Python
Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite
-
Updated
Aug 20, 2017 - Java
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
-
Updated
Apr 22, 2020 - Java
Burp Extender plugin that generates a sitemap of a website using Wayback Machine
-
Updated
May 8, 2018 - Java
sqlmap4burp++是一款兼容Windows,mac,linux多个系统平台的Burp与sqlmap联动插件
-
Updated
Nov 7, 2019 - Java
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
security-audit
blacklist
bitcoin
hacking
cryptocurrency
penetration-testing
web-security
bugbounty
hacking-tool
security-scanner
burp-plugin
burpsuite
security-tools
burp-extensions
blacklist-extension
burpsuitepro
coinhive
cryptojacking
coinhive-miners
web-application-hacking
-
Updated
Jul 8, 2019 - Python
Turn your Burp suite into headless active web application vulnerability scanner
-
Updated
Mar 1, 2018 - Java
jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
-
Updated
Jan 16, 2020 - Python
Security checks pack for Burp Suite
-
Updated
Feb 8, 2018 - Java
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
-
Updated
Jul 2, 2020 - Java
Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】
-
Updated
Nov 9, 2018 - Java
Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.
-
Updated
May 11, 2020 - Python
eoftedal
commented
Dec 12, 2017
Steps to reproduce:
- Download http://petstore.swagger.io/v2/swagger.json
- Open swagger.json in Swagger Parser
- Find the POST /pet endpoint and click "send to repeater"
POST /v2/pet HTTP/1.1
Host: petstore.swagger.io
Accept: application/xml, application/json
Content-Type: application/json, application/xml
id={integer}&id={integer}&name={string}&name={string}&photoUrls={array}
SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
windows
active-directory
penetration-testing
sql-injection
mssql
application-security
burp-plugin
burp-extensions
user-enumeration
-
Updated
May 10, 2020 - Python
CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
-
Updated
Jul 1, 2020 - Java
BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolution.
-
Updated
Oct 8, 2017 - Java
Burp extension helps in finding blind xss vulnerabilities
-
Updated
Jun 19, 2019 - Python
Piper Burp Suite Extender plugin
-
Updated
Jun 23, 2020 - Kotlin
Improve this page
Add a description, image, and links to the burp-extensions topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the burp-extensions topic, visit your repo's landing page and select "manage topics."
Currently, the headless scanner extension expects an XML based configuration file and this works ok. But, making the XML is cumbersome and also requires that most of the request URLs be wrapped in CDATA blocks.
IMHO, this would be much simpler, cleaner and much more concise in JSON than in XML, Also, the configuration files for Burp itself seem to be JSON based. So, this move will make it sor