BurpSuite资源收集:400+Burp插件 500+Burp文章视频

BurpSuite资源收集:400+Burp插件,500+Burp文章视频
项目地址: github.com/alphaSeclab/awesome-burp-suite

目录

工具


收集


新添加


插件&&扩展

BurpSuite资源收集:400+Burp插件 500+Burp文章视频

漏洞&&扫描


代理

  • [912星][3y] [Java] summitt/burp-non-http-extension Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.
  • [303星][15d] [Java] ilmila/j2eescan a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
  • [250星][2y] [Java] portswigger/collaborator-everywhere Burp Suite 扩展,通过注入非侵入性 headers 来增强代理流量,通过引起 Pingback 到 Burp Collaborator 来揭露后端系统
  • [150星][5m] [Py] kacperszurek/burp_wp Find known vulnerabilities in WordPress plugins and themes using Burp Suite proxy. WPScan like plugin for Burp.
  • [88星][6m] [Java] rub-nds/burpssoextension An extension for BurpSuite that highlights SSO messages in Burp’s proxy window..
  • [73星][8m] [Py] jiangsir404/pbscan 基于burpsuite headless 的代理式被动扫描系统
  • [66星][2m] [Java] static-flow/burpsuite-team-extension This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes through your Burpsuite instance will be replicated in the history of the other testers and vice-versa!
  • [49星][2y] [Py] mrschyte/socksmon 使用 BURP 或 ZAP 的 TCP 拦截代理
  • [33星][4y] [Py] peacand/burp-pytemplate Burp extension to quickly and easily develop Python complex exploits based on Burp proxy requests.
  • [30星][2y] [Py] aurainfosec/burp-multi-browser-highlighting Highlight Burp proxy requests made by different browsers
  • [29星][2y] [Java] ibey0nd/nstproxy 一款存储HTTP请求入库的burpsuite插件
  • [27星][2y] [Py] mrts/burp-suite-http-proxy-history-converter Python script that converts Burp Suite HTTP proxy history files to CSV or HTML
  • [26星][7m] [Java] static-flow/directoryimporter a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an alternative to proxying bruteforcing tools through burp to catch the results.
  • [22星][3y] [Swift] melvinsh/burptoggle Status bar application for OS X to toggle the state of the system HTTP/HTTPS proxy.
  • [17星][2y] [Java] portswigger/j2ee-scan J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
  • [13星][4y] [Java] retanoj/burpmultiproxy Burpsuite 切换代理插件
  • [11星][8y] [Java] gdssecurity/deflate-burp-plugin The Deflate Burp Plugin is a plug-in for Burp Proxy (it implements the IBurpExtender interface) that decompresses HTTP response content in the ZLIB (RFC1950) and DEFLATE (RFC1951) compression formats.
  • [11星][4y] [Py] vincd/burpproxypacextension Exemple d’extension Burp permettant d’utiliser les fichiers de configuration de proxy PAC
  • [8星][2y] [Py] andresriancho/burp-proxy-search Burp suite HTTP history advanced search
  • [6星][2y] [Java] secureskytechnology/burpextender-proxyhistory-webui Burp Extender . Proxy History viewer in Web UI
  • [5星][3y] [Java] mrts/burp-suite-http-proxy-history-viewer Burp Suite HTTP proxy history viewer
  • [5星][3y] [Java] netspi/jsws JavaScript Web Service Proxy Burp Plugin
  • [3星][2y] [Kotlin] pajswigger/filter-options Burp extension to filter OPTIONS requests from proxy history
  • [2星][1y] [Java] coastalhacking/burp-pac Burp Proxy Auto-config Extension

日志


XSS


Collaborator


Fuzz


Payload


SQL


Android

  • [274星][2y] [Java] mateuszk87/badintent Intercept, modify, repeat and attack Android’s Binder transactions using Burp Suite
  • [9星][4m] [JS] shahidcodes/android-nougat-ssl-intercept It decompiles target apk and adds security exception to accept all certificates thus making able to work with Burp/Charles and Other Tools

其他

  • [584星][1y] [Java] federicodotta/brida The new bridge between Burp Suite and Frida!
  • [354星][2y] [Shell] koenbuyens/kalirouter 将 KaliLinux 主机转变为路由器,使用 Wireshark 记录所有的网络流量,同时将 HTTP/HTTPS 流量发送到其他主机的拦截代理(例如 BurpSuite)
  • [298星][1y] [Shell] yw9381/burp_suite_doc_zh_cn 这是基于Burp Suite官方文档翻译而来的中文版文档
  • [230星][1y] [Py] audibleblink/doxycannon 为一堆OpenVPN文件分别创建Docker容器, 每个容器开启SOCKS5代理服务器并绑定至Docker主机端口, 再结合使用Burp或ProxyChains, 构建私有的Botnet
  • [219星][10m] [Py] teag1e/burpcollector 通过BurpSuite来构建自己的爆破字典,可以通过字典爆破来发现隐藏资产。
  • [141星][6m] [Py] integrity-sa/burpcollaborator-docker a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate
  • [130星][7m] [Go] empijei/wapty Go语言编写的Burp的替代品。(已不再维护)
  • [121星][2m] cujanovic/content-bruteforcing-wordlist Wordlist for content(directory) bruteforce discovering with Burp or dirsearch
  • [77星][1m] [Go] root4loot/rescope defining scopes for Burp Suite and OWASP ZAP.
  • [64星][3m] [Java] aress31/swurg Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments
  • [12星][30d] boreas514/burp-suite-2.0-chinese-document 中文版burp2.0官方文档
  • [0星][3y] fbogner/burp.app A small AppleScript wrapper application around Burp.jar to make it more OS X like

文章


新添加

项目地址: github.com/alphaSeclab/awesome-burp-suite