PortSwigger

All

429 repositories

content-type-converter
Public
Central Repo for Burp extensions
Java
•54•22•0•0•Updated Nov 29, 2024Nov 29, 2024
autorize
Public
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
Python
•199•223•0•0•Updated Nov 29, 2024Nov 29, 2024
cstc
Public
CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
Java
•
GNU General Public License v3.0
•26•8•0•0•Updated Nov 29, 2024Nov 29, 2024
param-miner
Public
Java
•
Other
•167•1.3k•19•5•Updated Nov 29, 2024Nov 29, 2024
reshaper
Public
Burp Suite Extension - Trigger actions and reshape HTTP request and response traffic using configurable rules
Java
•
MIT License
•12•15•0•0•Updated Nov 29, 2024Nov 29, 2024
nuclei-template-generator
Public
Nuclei plugin for BurpSuite
Java
•
MIT License
•115•13•0•0•Updated Nov 29, 2024Nov 29, 2024
hackvertor
Public
Java
•47•88•0•0•Updated Nov 29, 2024Nov 29, 2024
burp-suite-enterprise-edition-ami
Public
MIT License
•1•2•0•0•Updated Nov 28, 2024Nov 28, 2024
enterprise-helm-charts
Public
Helm charts for BSEE Kubernetes installation.
kubernetes enterprise burp helm-chart
Smarty
•
Apache License 2.0
•5•3•2•2•Updated Nov 28, 2024Nov 28, 2024
turbo-intruder
Public
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
Kotlin
•
Apache License 2.0
•215•1.5k•14•1•Updated Nov 27, 2024Nov 27, 2024
burptrast
Public
Burp Plugin for Contrast Security
Java
•
Apache License 2.0
•2•0•0•0•Updated Nov 26, 2024Nov 26, 2024
BChecks
Public
BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
GNU Lesser General Public License v3.0
•114•638•25•2•Updated Nov 26, 2024Nov 26, 2024
host-header-inchecktion
Public
A burp extention to find host header injection vulnerabilities
Java
•4•4•0•0•Updated Nov 26, 2024Nov 26, 2024
captcha-converter
Public
A Burp Suite extension for converting Base64 data to an image.
Java
•1•0•0•0•Updated Nov 26, 2024Nov 26, 2024
firewall-ferret
Public
This java project was created with Portswigger's Montoya API to be a Burp Extension. It's well known that WAFs only scan up to a certain amount of data per request. This extension allows a tester to manually insert junk data and adds junk data to Active Scans by duplicating each scan check.
Java
•1•0•0•1•Updated Nov 26, 2024Nov 26, 2024
sensitive-discoverer
Public
Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.
Java
•
Apache License 2.0
•7•18•0•0•Updated Nov 26, 2024Nov 26, 2024
oauth-scan
Public
Burp Suite Extension useful to verify OAUTHv2 and OpenID security
Java
•
GNU General Public License v3.0
•26•184•0•0•Updated Nov 26, 2024Nov 26, 2024
batch-scan-report-generator
Public
Small Burp Suite Extension to generate multiple scan reports by host with just a few clicks. Works with Burp Suite Professional only.
Java
•
MIT License
•2•4•0•0•Updated Nov 26, 2024Nov 26, 2024
certsquirt
Public
A golang PKI in less than 1000 lines of code.
Go
•
BSD 3-Clause "New" or "Revised" License
•2•6•0•0•Updated Nov 25, 2024Nov 25, 2024
burp-extensions-montoya-api
Public
Burp Extensions Api
Java
•
Other
•5•140•12•0•Updated Nov 21, 2024Nov 21, 2024
xss-cheatsheet-data
Public
This repository contains all the XSS cheatsheet data to allow contributions from the community.
Other
•82•408•0•2•Updated Nov 15, 2024Nov 15, 2024
pycript
Public
Burp Suite extension for bypassing client-side encryption using custom logic for manual and automation testing.
Python
•
MIT License
•25•8•0•0•Updated Oct 30, 2024Oct 30, 2024
client-side-path-traversal-exploitation
Public
CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
Java
•
Apache License 2.0
•6•0•0•0•Updated Oct 30, 2024Oct 30, 2024
websocket-turbo-intruder
Public
Fuzz WebSockets with custom Python code
Java
•
MIT License
•2•4•0•0•Updated Oct 30, 2024Oct 30, 2024
header-guardian
Public
Header Guardian is a Burp Suite extension that identifies missing, misconfigured, and unnecessary HTTP security headers in web application responses. It helps improve security by ensuring headers follow best practices, like those recommended by OWASP, for protecting against XSS, clickjacking, and information leakage.
Python
•
GNU Affero General Public License v3.0
•1•0•0•0•Updated Oct 30, 2024Oct 30, 2024
nmap-scanner
Public
The Nmap Scanner Burp Suite Extension integrates Nmap's powerful network scanning capabilities directly into the Burp Suite interface. This extension provides an easy-to-use graphical interface for initiating and viewing the results of Nmap scans within Burp Suite, making it an essential tool for security professionals and penetration testers.
Python
•
MIT License
•1•3•0•0•Updated Oct 30, 2024Oct 30, 2024
bambdas
Public
Bambdas collection for Burp Suite Professional and Community.
Java
•
GNU Lesser General Public License v3.0
•30•207•1•0•Updated Oct 28, 2024Oct 28, 2024
pyburp
Public
BcryptMontoya is a powerful plugin for Burp Suite that allows you to effortlessly modify HTTP requests and responses passing through the Burp Suite proxy using Jython code or gRPC, especially when dealing with encrypted requests.
Java
•7•7•0•0•Updated Oct 24, 2024Oct 24, 2024
url-cheatsheet-data
Public
This is the data that powers the PortSwigger URL validation bypass cheat sheet.
JavaScript
•4•30•1•0•Updated Oct 23, 2024Oct 23, 2024
saml-raider
Public
SAML2 Burp Extension
Java
•
MIT License
•74•28•0•0•Updated Oct 22, 2024Oct 22, 2024