Skip to content
Change the repository type filter

All

    Repositories list

    • A golang PKI in less than 1000 lines of code.
      Go
      BSD 3-Clause "New" or "Revised" License
      2600Updated Nov 25, 2024Nov 25, 2024
    • Burp Extensions Api
      Java
      Other
      5139120Updated Nov 21, 2024Nov 21, 2024
    • Helm charts for BSEE Kubernetes installation.
      Smarty
      Apache License 2.0
      5322Updated Nov 18, 2024Nov 18, 2024
    • This repository contains all the XSS cheatsheet data to allow contributions from the community.
      Other
      8240702Updated Nov 15, 2024Nov 15, 2024
    • MIT License
      1200Updated Nov 14, 2024Nov 14, 2024
    • Java
      Other
      1671.3k195Updated Nov 13, 2024Nov 13, 2024
    • Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
      Kotlin
      Apache License 2.0
      2141.5k141Updated Nov 4, 2024Nov 4, 2024
    • BChecks

      Public
      BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
      GNU Lesser General Public License v3.0
      112636251Updated Nov 4, 2024Nov 4, 2024
    • pycript

      Public
      Burp Suite extension for bypassing client-side encryption using custom logic for manual and automation testing.
      Python
      MIT License
      24800Updated Oct 30, 2024Oct 30, 2024
    • CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
      Java
      Apache License 2.0
      6000Updated Oct 30, 2024Oct 30, 2024
    • Fuzz WebSockets with custom Python code
      Java
      MIT License
      2400Updated Oct 30, 2024Oct 30, 2024
    • Header Guardian is a Burp Suite extension that identifies missing, misconfigured, and unnecessary HTTP security headers in web application responses. It helps improve security by ensuring headers follow best practices, like those recommended by OWASP, for protecting against XSS, clickjacking, and information leakage.
      Python
      GNU Affero General Public License v3.0
      1000Updated Oct 30, 2024Oct 30, 2024
    • The Nmap Scanner Burp Suite Extension integrates Nmap's powerful network scanning capabilities directly into the Burp Suite interface. This extension provides an easy-to-use graphical interface for initiating and viewing the results of Nmap scans within Burp Suite, making it an essential tool for security professionals and penetration testers.
      Python
      MIT License
      1300Updated Oct 30, 2024Oct 30, 2024
    • Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.
      Java
      Apache License 2.0
      61800Updated Oct 30, 2024Oct 30, 2024
    • bambdas

      Public
      Bambdas collection for Burp Suite Professional and Community.
      Java
      GNU Lesser General Public License v3.0
      3020610Updated Oct 28, 2024Oct 28, 2024
    • pyburp

      Public
      BcryptMontoya is a powerful plugin for Burp Suite that allows you to effortlessly modify HTTP requests and responses passing through the Burp Suite proxy using Jython code or gRPC, especially when dealing with encrypted requests.
      Java
      7700Updated Oct 24, 2024Oct 24, 2024
    • A Burp Suite extension for converting Base64 data to an image.
      Java
      1000Updated Oct 23, 2024Oct 23, 2024
    • This is the data that powers the PortSwigger URL validation bypass cheat sheet.
      JavaScript
      43010Updated Oct 23, 2024Oct 23, 2024
    • SAML2 Burp Extension
      Java
      MIT License
      742700Updated Oct 22, 2024Oct 22, 2024
    • Qualys' Burp Extension for WAS
      Java
      3400Updated Oct 22, 2024Oct 22, 2024
    • burptrast

      Public
      Burp Plugin for Contrast Security
      Java
      Apache License 2.0
      2000Updated Oct 22, 2024Oct 22, 2024
    • Copy as aiohttp extension for Burp Suite
      Java
      MIT License
      1000Updated Oct 22, 2024Oct 22, 2024
    • Python
      3100Updated Oct 17, 2024Oct 17, 2024
    • Java
      0300Updated Oct 17, 2024Oct 17, 2024
    • A burp extention to find host header injection vulnerabilities
      Java
      4400Updated Oct 15, 2024Oct 15, 2024
    • Central Repo for Burp extensions
      Java
      532200Updated Oct 11, 2024Oct 11, 2024
    • Python
      3200Updated Oct 9, 2024Oct 9, 2024
    • HTML
      56500Updated Oct 4, 2024Oct 4, 2024
    • This java project was created with Portswigger's Montoya API to be a Burp Extension. It's well known that WAFs only scan up to a certain amount of data per request. This extension allows a tester to manually insert junk data and adds junk data to Active Scans by duplicating each scan check.
      Java
      1001Updated Oct 3, 2024Oct 3, 2024
    • Burp extension for quickly copying request/response data.
      Java
      17800Updated Sep 27, 2024Sep 27, 2024