• Stars
    star
    31
  • Rank 820,005 (Top 17 %)
  • Language
    Java
  • Created almost 8 years ago
  • Updated over 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

More Repositories

1

turbo-intruder

Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
Kotlin
1,112
star
2

param-miner

Java
1,001
star
3

http-request-smuggler

Java
950
star
4

backslash-powered-scanner

Finds unknown classes of injection vulnerabilities
Java
626
star
5

xss-cheatsheet-data

This repository contains all the XSS cheatsheet data to allow contributions from the community.
397
star
6

collaborator-everywhere

A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by causing pingbacks to Burp Collaborator
Java
395
star
7

hackability

Probe a rendering engine for vulnerabilities and other features
JavaScript
366
star
8

BChecks

BChecks collection for Burp Suite Professional
320
star
9

bypass-bot-detection

Burp Suite extension that mutates ciphers to bypass TLS-fingerprint based bot detection
Java
186
star
10

dastardly-github-action

Runs a scan using Dastardly by Burp Suite against a target site and creates a JUnit XML report for the scan on completion.
Dockerfile
126
star
11

portable-data-exfiltration

This repo contains all the injections mentioned in my talk and enumerators.
JavaScript
87
star
12

distribute-damage

Evenly distributes scanner load across targets
Java
80
star
13

httpoxy-scanner

A Burp Suite extension that checks for the HTTPoxy vulnerability.
Java
76
star
14

replicator

Burp extension to help developers replicate findings from pen tests
Java
64
star
15

burp-extensions-montoya-api

Burp Extensions Api
Java
64
star
16

burp-extender-api

Burp Wiener API (Legacy)
Java
54
star
17

python-scripter

Sourced from gist: https://gist.github.com/mwielgoszewski/7026954
Python
51
star
18

css-exfiltration

HTML
46
star
19

serialization-examples

Java
33
star
20

aws-security-checks

AWS Security Checks
Python
31
star
21

burp-extensions-montoya-api-examples

Examples for using the Montoya API with Burp Suite
Java
20
star
22

example-intruder-payloads

Java
19
star
23

example-scanner-checks

Java
18
star
24

reflected-parameters

Java
18
star
25

nice-script

A JavaScript sandbox using proxies
JavaScript
17
star
26

custom-logger

Java
16
star
27

example-custom-editor-tab

Java
15
star
28

example-event-listeners

Java
15
star
29

bseept

Burp Suite Enterprise Edition Power Tools
Python
13
star
30

research-labs

This repository contains a number of insecure self-hosted applications that allows interested security engineers to test vulnerabilities found by Portswigger Research team.
TypeScript
13
star
31

3d-css-tutorial

HTML
12
star
32

example-custom-scan-insertion-points

Java
12
star
33

waf-detect

Burp app (BApp) for detecting WAF fingerprints
Java
8
star
34

enterprise-reference-stack-for-aws

Smarty
7
star
35

viewstate-editor

Burp extension to add a view state tab to the message editor
Java
6
star
36

random-ip-address-header

Java
5
star
37

html5-auditor

Java
5
star
38

certsquirt

A golang PKI in less than 1000 lines of code.
Go
3
star
39

example-custom-session-tokens

Java
2
star
40

example-custom-logger

Java
2
star
41

manual-scan-issues

Java
2
star
42

websphere-portlet-state-decoder

Python
1
star
43

burp-jenkins-integration

Enterprise integration with Jenkins
Java
1
star
44

open-day

1
star
45

enterprise-helm-charts

Helm charts for BSEE Kubernetes installation.
Smarty
1
star