Ghidra is a software reverse engineering (SRE) framework

Dex to Java decompiler

The ZAP by Checkmarx Core project

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

AIMSICD • Fight IMSI-Catcher, StingRay and silent SMS!

HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules thro…

HackBar plugin for Burpsuite

latest version of scanners for IIS short filename (8.3) disclosure vulnerability

CLOSE ACCESS DENIAL.

Burp plugin able to find reflected XSS on page in real-time while browsing on site

TLS-Attacker is a Java-based framework for analyzing TLS libraries. It can be used to manually test TLS clients and servers or as as a software library for more advanced tools.

Java RMI enumeration and attack tool.

ffffffff0x team toolset for penetration testing, cryptography research, CTF and daily use. | ffffffff0x 团队工具集，用来进行渗透测试，密码学研究，CTF和日常使用。

A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件

Burp Plugin to decrypt AES encrypted traffic on the fly

SSRF plugin for burp Automates SSRF Detection in all of the Request

BDD Automated Security Tests for Web Applications

WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum (https://nds.rub.de/ ) and the Hackmanit G…

Log4j jndi injects the Payload generator

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

The TLS-Scanner Module from TLS-Attacker

Bluetooth Honeypot

JWT Support for Burp

The purpose of this project is to demonstrate the Log4Shell exploit with Log4J vulnerabilities using PDF as delivery channel

A Burp Suite Extension to pull Employee Names from Google and Bing LinkedIn Search Results

Burp Suite extension that offers a toolkit for testing GraphQL endpoints.