Anof-cyber/PyCript Anof-cyber/PyCript

  • Stars
    star
    169
  • Rank 224,453 (Top 5 %)
  • Language
    Python
  • License
    MIT License
  • Created almost 2 years ago
  • Updated 10 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
Anof-cyber/PyCript
github

Anof-cyber

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty

PyCript

Pycript is a Burp Suite extension that enables users to encrypt and decrypt requests and response for manual and automated application penetration testing. It also allows users to create custom encryption and decryption logic using JavaScript, Python and Java, allowing for a tailored encryption/decryption process for specific needs.

Deploy GitHub GitHub closed issues GitHub Release Date GitHub release (latest by date including pre-releases) GitHub last commit

Support

Sponsor Anof-cyber

Documentation

70686099-3855f780-1c79-11ea-8141-899e39459da2

Reference

Requirements

  • Node JS / Python / Java
  • Burp Suite with Jython

Features

  • Encrypt & Decrypt the Selected Strings from Request Response
  • View and Modify the encrypted request in plain text
  • Decrypt Multiple Requests
  • Perform Burp Scanner, Sql Map, Intruder Bruteforce or any Automation in Plain Text
  • Auto Encrpyt the request on the fly
  • Complete freedom for encryption and decryption logic
  • Ability to handle encryption and decryption even with Key and IV in Request Header or Body

Roadmap

  • Response Encryption & Decryption
  • Support for GET Paramters
  • Allowing Edit Headers for Request Type Custom Request
  • Supporting multiple languages for encryption and decryption

Demo Code

Screenshots

PyCript

PyCript

PyCript

PyCript

PyCript

PyCript

More Repositories

1

APTRS

Automated Penetration Testing Reporting System
Python
743
star
2

Application-Security

Resources for Application Security including Web, API, Android, iOS and Thick Client
625
star
3

ParaForge

A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
Python
134
star
4

Pentest-Mapper

A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabilities
Python
108
star
5

Androset

Automated script to convert and push Burp Suite certificate in Android, and modify Android's IP table to redirect all traffic to Burp Suite.
Python
105
star
6

MobSecco

Cloning apk for bypassing code tampering detection, Google Safety Net and scanning vulnerable plugins
Python
59
star
7

AlphaScan

A BurpSuite extension for vulnerability Scanning
Java
23
star
8

pentest-recon

Web application pentesting recon
Shell
23
star
9

web-recon

Web application recon for bug bounty
Shell
21
star
10

apkleaks

An python script that use apkleaks to scan the android application over web
Python
7
star
11

Anof-cyber

CSS
6
star
12

PyCript-Template

Encryption and Decryption code for Pycript Extensions with common JavaScript encryption logic
Java
3
star
13

nmaptomm

Python
2
star
14

Flutter-Windows

Flutter Windows Frida Script for SSL Pinning
C++
1
star
15

CryptoJS

A Crypto JS based JavaScript AES encryption decryption script
HTML
1
star
16

Burp-Crypto

A Burp Suite Extension to encrypt the parameters
Python
1
star
17

Sub-Enum

Sub-Domain Enumeration
Shell
1
star