构建优化高效的渗透 fuzz 字典合集
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
captcha-killer的修改版,支持关键词识别base64编码的图片,添加免费ocr库,用于验证码爆破,适配新版Burpsuite
HackBar plugin for Burpsuite
翻译 - Burpsuite的HackBar插件
Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
Burp插件,根据自定义来达到对数据包的处理(适用于加解密、爆破等),类似mitmproxy,不同点在于经过了burp中转,在自动加解密的基础上,不影响APP、网站加解密正常逻辑等。
Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
翻译 - 很棒的Burp Suite资源。 400多个开源Burp插件,500多个帖子和视频。
Burp Suite Certified Practitioner Exam Study
OneScan 是一款用于递归目录扫描的 BurpSuite 插件
HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
翻译 - HopLa Burp Suite Extender插件-在Burp Suite中添加了自动补全支持和有用的有效负载
Burp Plugin to decrypt AES encrypted traffic on the fly
Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers (protobuf) without the matching protobuf definition.
Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
翻译 - 商品注入签名,恶意输入,XSS,HTTP标头注入,XXE,RCE,Javascript,XSLT
Bugbounty scope tool
Burp Extender plugin that generates a sitemap of a website using Wayback Machine
Automate security tests using Burp Suite.
Wordlist for content(directory) bruteforce discovering with Burp or dirsearch