This tool was created during our research at Checkpoint Software Technologies on Whatsapp Protocol (This repository will be updated after BlackHat 2019)

A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabilities

Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty

BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities

Messy BurpSuite plugin for SQL Truncation vulnerabilities.

Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the integration of webhooks, this tool sends real-time updates whenever a new issue is identified, directly to your preferred endpoint. No more waiting for final reports – you get instant, actionable insights! 🛠️

A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration

The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and fas…

A simple plugin to export JS files from one or multiple targets

Burp Suite JSON/JS-Beautifier

ChatGPT with BurpSuite

Handy Python Network Tools to use during penetration test engagements.

API-Authentication-Checker is a Burp Suite extension that helps to identify API endpoints accessible without proper authentication.

The "Redacted Request Extension" is a powerful tool designed to enhance the security and confidentiality of HTTP request handling within the Burp Suite.

Burp Suite Custom Repeater Action Script For Quick Fuzzing

My own extensions for BurpSuite

Burp Suite extension designed to help security professionals search for custom sensitive information in HTTP responses

This script is used to delete the cookie matched with cookie_name_list from Burp Cookie Jar.

This extension allows you to detect implementations of postMessage function, addEventListener("message",function) event handler and onMessage function.