Type | Name | Description | Star | Tags | Badges |
---|---|---|---|---|---|
Army-Knife | BurpSuite | The BurpSuite Project | mitmproxy live-audit crawl |
||
Army-Knife | ZAP | The ZAP core project | mitmproxy live-audit crawl |
||
Recon | reflected-parameters | param |
|||
Recon | attack-surface-detector-burp | The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters | endpoint url attack-surface |
||
Recon | attack-surface-detector-zap | The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters | endpoint url attack-surface |
||
Fuzzer | param-miner | Param Miner | param cache-vuln |
||
Scanner | DeepViolet | Tool for introspection of SSL\TLS sessions | ssl |
||
Scanner | csp-auditor | csp |
|||
Scanner | http-request-smuggler | smuggle |
|||
Scanner | collaborator-everywhere | oast |
|||
Scanner | BurpSuiteHTTPSmuggler | smuggle |
|||
Exploit | BaRMIe | Java RMI enumeration and attack tool. | RMI |
||
Utils | Map Local | ZAP add-on which allows mapping of responses to content of a chosen local file. | |||
Utils | Web3 Decoder | Burp Extension for Web3 | web3 |
||
Utils | BurpCustomizer | Because just a dark theme wasn't enough! | |||
Utils | AuthMatrix | Automated HTTP Request Repeating With Burp Suite | |||
Utils | burp-send-to | ||||
Utils | HTTPSignatures | A Burp Suite extension implementing the Signing HTTP Messages draft-ietf-httpbis-message-signatures-01 draft. | |||
Utils | taborator | oast |
|||
Utils | Decoder-Improved | Improved decoder for Burp Suite | |||
Utils | pcap-burp | Pcap importer for Burp | |||
Utils | knife | A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅 | |||
Utils | GadgetProbe | Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths. | deserialize |
||
Utils | Stepper | ||||
utils | Neonmarker | ||||
Utils | SerializationDumper | A tool to dump Java serialization streams in a more human readable form. | deserialize |
||
Utils | zap-hud | ||||
Utils | ysoserial | A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. | deserialize |
||
Utils | BurpSuiteLoggerPlusPlus | ||||
Utils | AWSSigner | Burp Extension for AWS Signing | |||
Utils | safecopy | ||||
Utils | http-script-generator | ||||
utils | owasp-zap-jwt-addon | jwt |
|||
Utils | Berserko | Burp Suite extension to perform Kerberos authentication |