Skip to content
Change the repository type filter

All

    Repositories list

    • Central Repo for Burp extensions
      Java
      542200Updated Nov 29, 2024Nov 29, 2024
    • autorize

      Public
      Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
      Python
      19922300Updated Nov 29, 2024Nov 29, 2024
    • cstc

      Public
      CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
      Java
      GNU General Public License v3.0
      26800Updated Nov 29, 2024Nov 29, 2024
    • Java
      Other
      1671.3k195Updated Nov 29, 2024Nov 29, 2024
    • reshaper

      Public
      Burp Suite Extension - Trigger actions and reshape HTTP request and response traffic using configurable rules
      Java
      MIT License
      121500Updated Nov 29, 2024Nov 29, 2024
    • Nuclei plugin for BurpSuite
      Java
      MIT License
      1151300Updated Nov 29, 2024Nov 29, 2024
    • Java
      478800Updated Nov 29, 2024Nov 29, 2024
    • MIT License
      1200Updated Nov 28, 2024Nov 28, 2024
    • Helm charts for BSEE Kubernetes installation.
      Smarty
      Apache License 2.0
      5322Updated Nov 28, 2024Nov 28, 2024
    • Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
      Kotlin
      Apache License 2.0
      2151.5k141Updated Nov 27, 2024Nov 27, 2024
    • burptrast

      Public
      Burp Plugin for Contrast Security
      Java
      Apache License 2.0
      2000Updated Nov 26, 2024Nov 26, 2024
    • BChecks

      Public
      BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
      GNU Lesser General Public License v3.0
      114638252Updated Nov 26, 2024Nov 26, 2024
    • A burp extention to find host header injection vulnerabilities
      Java
      4400Updated Nov 26, 2024Nov 26, 2024
    • A Burp Suite extension for converting Base64 data to an image.
      Java
      1000Updated Nov 26, 2024Nov 26, 2024
    • This java project was created with Portswigger's Montoya API to be a Burp Extension. It's well known that WAFs only scan up to a certain amount of data per request. This extension allows a tester to manually insert junk data and adds junk data to Active Scans by duplicating each scan check.
      Java
      1001Updated Nov 26, 2024Nov 26, 2024
    • Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.
      Java
      Apache License 2.0
      71800Updated Nov 26, 2024Nov 26, 2024
    • Burp Suite Extension useful to verify OAUTHv2 and OpenID security
      Java
      GNU General Public License v3.0
      2618400Updated Nov 26, 2024Nov 26, 2024
    • Small Burp Suite Extension to generate multiple scan reports by host with just a few clicks. Works with Burp Suite Professional only.
      Java
      MIT License
      2400Updated Nov 26, 2024Nov 26, 2024
    • A golang PKI in less than 1000 lines of code.
      Go
      BSD 3-Clause "New" or "Revised" License
      2600Updated Nov 25, 2024Nov 25, 2024
    • Burp Extensions Api
      Java
      Other
      5140120Updated Nov 21, 2024Nov 21, 2024
    • This repository contains all the XSS cheatsheet data to allow contributions from the community.
      Other
      8240802Updated Nov 15, 2024Nov 15, 2024
    • pycript

      Public
      Burp Suite extension for bypassing client-side encryption using custom logic for manual and automation testing.
      Python
      MIT License
      25800Updated Oct 30, 2024Oct 30, 2024
    • CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
      Java
      Apache License 2.0
      6000Updated Oct 30, 2024Oct 30, 2024
    • Fuzz WebSockets with custom Python code
      Java
      MIT License
      2400Updated Oct 30, 2024Oct 30, 2024
    • Header Guardian is a Burp Suite extension that identifies missing, misconfigured, and unnecessary HTTP security headers in web application responses. It helps improve security by ensuring headers follow best practices, like those recommended by OWASP, for protecting against XSS, clickjacking, and information leakage.
      Python
      GNU Affero General Public License v3.0
      1000Updated Oct 30, 2024Oct 30, 2024
    • The Nmap Scanner Burp Suite Extension integrates Nmap's powerful network scanning capabilities directly into the Burp Suite interface. This extension provides an easy-to-use graphical interface for initiating and viewing the results of Nmap scans within Burp Suite, making it an essential tool for security professionals and penetration testers.
      Python
      MIT License
      1300Updated Oct 30, 2024Oct 30, 2024
    • bambdas

      Public
      Bambdas collection for Burp Suite Professional and Community.
      Java
      GNU Lesser General Public License v3.0
      3020710Updated Oct 28, 2024Oct 28, 2024
    • pyburp

      Public
      BcryptMontoya is a powerful plugin for Burp Suite that allows you to effortlessly modify HTTP requests and responses passing through the Burp Suite proxy using Jython code or gRPC, especially when dealing with encrypted requests.
      Java
      7700Updated Oct 24, 2024Oct 24, 2024
    • This is the data that powers the PortSwigger URL validation bypass cheat sheet.
      JavaScript
      43010Updated Oct 23, 2024Oct 23, 2024
    • SAML2 Burp Extension
      Java
      MIT License
      742800Updated Oct 22, 2024Oct 22, 2024