Penetration Test Vulnerabilities Manager is an extension for Burp Suite, written in Jython. It was developed by Barak Tawily in order to help application security professionals manage vulnerabilities

Burp Extension to identify PII data

XSSor is a semi-automatic reflected and persistent XSS detector extension for Burp Suite. The tool was written in Python by Barak Tawily, an application security expert. XSSor was designed to help …

A Burp Suite extension for scraping JavaScript source maps.

Burp extension to check dynamically generated links for vulnerabilities

Burp extension that finds parameter reflections in all responses

Burp extension which notifies when a private node module is found.

Cheburek is Burp extension that allows to detect if an email address has been compromised in a data breach

Burp Suite extension to help bug hunters find more inputs

list burp extension

Burp Extension that implements upload file content feature

Burp Extension for a passive scanning JS files for endpoint links.

Burp extension to detect URL reflection

plugs extension of burp for ip changes

Python burp extension to find hidden subdomains

Burp extension to scan HTTP Methods

Burp Extension to downgrade HTTP/2 responses to HTTP/1.1

Proof of concept for CVE-2017-6640 as burp extension

Burp Extension to help find reflected parameter vulnerabilities

Burp Extension for finding/parsing .DS_Store files

A burp extension, check Sturts2 RCE through passive scan.一款检测Struts2 RCE漏洞的burp被动扫描插件~

A burpsuite extension to deal with weird applications that require a token and another request to get the response to a command.

KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Ports.

Burp extension to discover robots.txt when it has interesting content

War Story is a Burp extension that parses war files and finds paths and parameters for Burp's Target List

Unexpected information 是用于标记请求包中的一些敏感信息、JS接口和一些特殊字段的BurpSuite 插件。

burpsuite extension for check unauthorized vulnerability

burpsuite extension for check and extract sensitive request parameter

Burp extension to calculate the byte size of selections made in text windows

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.