A burp-suite plugin that extract all parameters name from in-scope requests.
You can run the plugin while you are working on the target application and it will log all the extracted parameters in the plugin tab. Then you can export the result to a file and use that file with other parameter discovery tools.
log4jscanner log4j burp插件 特点如下: 0x01 基于Cookie字段、XFF头字段、UA头字段发送payload 0x02 基于域名的唯一性,将host带入dnslog中 插件主要识别五种形式: 1.get请求,a=1&b=2&c=3 2.post请求,a=1&b=2&c=
A tool to find good RCE From my series: A powerful Burp extension to make bounties rain
CVE-2021-21389 BuddyPress 7.2.1 - REST API Privilege Escalation to RCE PoC (Full) Affected version: 5.0.0 to 7.2.0 User requirement: Subscriber user
F2Amapper This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to
A Python3 and a BASH PoC for CVE-2021-4034 by Kim Schulz
This a simple tool XSS Detection Suite for CTFs games
Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t
A DOM-based G-Suite password sprayer and user enumerator
PyPasser is a Python library for bypassing reCaptchaV3 only by sending 2 requests. In 1st request, gets token of captcha and in 2nd request,
scan4log4shell A Burp Pro extension that adds log4shell checks to Burp Scanner, written by Daniel Crowley of IBM X-Force Red. Installation To install
log4j2_burp_scan 自用脚本log4j2 被动 burp rce扫描工具 get post cookie 全参数识别,在ceye.io api速率限制下,最大线程扫描每一个参数,记录过滤已检测地址,重复地址 token替换为你自己的http://ceye.io/ token 和域名地址
unblocker Burp Suite extension for encoding/decoding EVM calldata 0x00_prerequisites Burp Suite Java 8+ Python 2.7 0x01_installation clone this reposi
TProxer A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF. How • Install • Todo • Join Discord How it works
Hive Burp Suite Extension Description Hive extension for Burp Suite. This extension allows you to send data from Burp to Hive in one click. Create iss
yLog4j This is Y-Sec's @PortSwigger Burp Plugin for the Log4j CVE-2021-44228 vulnerability. The focus of yLog4j is to support mass-scanning of the Log
IPscan This Script is Framework To automate IP process large scope For Bug Hunti
BurpParamFlagger A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF
xp_CAPTCHA(白嫖版) 说明 xp_CAPTCHA (白嫖版) 验证码识别 burp插件 安装 需要python3 小于3.7的版本 安装 muggle_ocr 模块(大概400M左右) python3 -m pip install -i http://mirrors.aliyun.com/
Burp Extensions This is a collection of extensions to Burp Suite that I have written. getAllParams.py - Version 1.2 This is a python extension that ru
1 Jun 30, 2022
52 Dec 16, 2022
17 Nov 9, 2022
3 Sep 3, 2022
16 Sep 6, 2022
2 Nov 24, 2021
5k Jan 5, 2023
1 Apr 7, 2022
253 Jan 5, 2023
26 Mar 15, 2022
5 Dec 10, 2021
16 Aug 30, 2022
162 Nov 25, 2022
7 Dec 7, 2022
1 Jan 31, 2022
8 Mar 12, 2022
118 Nov 7, 2022
588 Jan 9, 2023
364 Dec 30, 2022