所有收集类项目:

收集的所有开源工具: sec-tool-list: 超过18K, 包括Markdown和Json两种格式
全平台逆向资源: awesome-reverse-engineering:
- Windows平台安全: PE/DLL/DLL-Injection/Dll-Hijack/Dll-Load/UAC-Bypass/Sysmon/AppLocker/ETW/WSL/.NET/Process-Injection/Code-Injection/DEP/Kernel/...
- Linux安全: ELF/...
- macOS/iXxx安全: Mach-O/越狱/LLDB/XCode/...
- Android安全: HotFix/XPosed/Pack/Unpack/Emulator/Obfuscate
- 知名工具: IDA/Ghidra/x64dbg/OllDbg/WinDBG/CuckooSandbox/Radare2/BinaryNinja/DynamoRIO/IntelPin/Frida/QEMU/...
攻击性网络安全资源: awesome-cyber-security: 漏洞/渗透/物联网安全/数据渗透/Metasploit/BurpSuite/KaliLinux/C&C/OWASP/免杀/CobaltStrike/侦查/OSINT/社工/密码/凭证/威胁狩猎/Payload/WifiHacking/无线攻击/后渗透/提权/UAC绕过/...
网络相关的安全资源: awesome-network-stuff:
- 网络通信: 代理/SS/V2ray/GFW/反向代理/隧道/VPN/Tor/I2P/...
- 网络攻击: 中间人/PortKnocking/...
- 网络分析: 嗅探/协议分析/网络可视化/网络分析/网络诊断等
开源远控和恶意远控分析报告: awesome-rat: 开源远控工具: Windows/Linux/macOS/Android; 远控类恶意恶意代码的分析报告等
Webshell工具和分析/使用文章: awesome-webshell: Webshell资源收集, 包括150个Github项目, 200个左右文章
取证相关工具和文章: awesome-forensics: 近300个取开源取证工具，近600与取证相关文章
蜜罐资源: awesome-honeypot: 250+个开源蜜罐工具，350+与蜜罐相关文章
Burp Suite资源: awesome-burp-suite: 400+个开源Burp插件，500+与Burp相关文章

BurpSuite

400+ 开源Burp插件，500+文章和视频。
English Version

工具

收集

[1982星][1y] [BitBake] 1n3/intruderpayloads BurpSuite Intruder Payload收集
[1112星][1y] [Py] bugcrowd/hunt Burp和ZAP的扩展收集
[1108星][2m] snoopysecurity/awesome-burp-extensions Burp扩展收集
[917星][15d] [Batchfile] mr-xn/burpsuite-collections BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程
[96星][2y] [Java] jgillam/burp-co2 A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.
[87星][9m] [Py] laconicwolf/burp-extensions A collection of scripts to extend Burp Suite
[58星][22d] [Py] lich4/personal_script 010Editor/BurpSuite/Frida/IDA等多个工具的多个脚本
- 010Editor 010Editor的多个脚本
- ParamChecker Burp插件
- Frida Frida多个脚本
- IDA IDA Scripts
- IDA-read_unicode.py IDA插件，识别程序中的中文字符
- IDA-add_xref_for_macho 辅助识别Objective-C成员函数的caller和callee
- IDA-add_info_for_androidgdb 使用gdbserver和IDA调试Android时，读取module列表和segment
- IDA-trace_instruction 追踪指令流
- IDA-detect_ollvm 检测OLLVM，在某些情况下修复（Android/iOS）
- IDA-add_block_for_macho 分析macho文件中的block结构
[22星][4y] [Java] ernw/burpsuite-extensions A collection of Burp Suite extensions

新添加

[378星][3m] [Java] nccgroup/autorepeater Automated HTTP Request Repeating With Burp Suite
[376星][2y] [Py] 0x4d31/burpa A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
[371星][4y] [JS] allfro/burpkit Next-gen BurpSuite penetration testing tool
[299星][1y] [Java] vmware/burp-rest-api REST/JSON API to the Burp Suite security tool.
[265星][3y] [Java] codewatchorg/bypasswaf Add headers to all Burp requests to bypass some WAF products
[147星][4m] [Java] netsoss/headless-burp Automate security tests using Burp Suite.
[141星][1y] [Java] tomsteele/burpbuddy burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any language without the restrictions of the JVM
[118星][1m] [Java] nccgroup/decoder-improved Improved decoder for Burp Suite
[111星][22d] [Java] ozzi-/jwt4b JWT Support for Burp
[110星][2y] [Java] x-ai/burpunlimitedre This project !replace! BurpUnlimited of depend (BurpSutie version 1.7.27). It is NOT intended to replace them!
[103星][7m] [Py] kibodwapon/noeye A blind mode exploit framework (a dns server and a web app) that like wvs's AcuMonitor Service or burpsuite's collabrator or cloudeye
[99星][4y] [Java] summitt/burp-ysoserial YSOSERIAL Integration with burp suite
[84星][2y] [Java] yandex/burp-molly-pack Security checks pack for Burp Suite
[82星][6y] [Py] mwielgoszewski/burp-protobuf-decoder A simple Google Protobuf Decoder for Burp
[81星][8m] [Py] leoid/matchandreplace Match and Replace script used to automatically generate JSON option file to BurpSuite
[70星][6y] [Java] irsdl/burpsuitejsbeautifier Burp Suite JS Beautifier
[70星][2m] [Py] ziirish/burp-ui a web-ui for burp backup written in python with Flask and jQuery/Bootstrap
[68星][3y] [Py] stayliv3/burpsuite-changeu burpsuite 插件。将返回值中的unicode明文
[59星][5y] [Ruby] tduehr/buby A JRuby implementation of the BurpExtender interface for PortSwigger Burp Suite.
[53星][2m] [Java] coreyd97/stepper A natural evolution of Burp Suite's Repeater tool
[52星][5y] [Py] jfoote/burp-git-bridge Store Burp data and collaborate via git
[50星][2m] [Java] portswigger/stepper A natural evolution of Burp Suite's Repeater tool
[48星][1y] [java] anbai-inc/burpstart Burp 启动加载器
[46星][2m] [Py] hvqzao/report-ng Generate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.
[45星][1y] [Ruby] pentestgeek/burpcommander Ruby command-line interface to Burp Suite's REST API
[42星][11m] [Java] secdec/attack-surface-detector-burp The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
[41星][12m] [Py] zynga/hiccup [DEPRECATED] Hiccup is a framework that allows the Burp Suite (a web application security testing tool,
[41星][6y] [PHP] spiderlabs/upnp-request-generator A tool to parse UPnP descriptor XML files and generate SOAP control requests for use with Burp Suite or netcat
[40星][11m] [Go] joanbono/gurp Burp Commander written in Go
[39星][8m] [Dockerfile] marco-lancini/docker_burp Burp Pro as a Docker Container
[38星][2m] [Py] zephrfish/burpfeed Hacked together script for feeding urls into Burp's Sitemap
[36星][8y] [Py] gdssecurity/burpee Python object interface to requests/responses recorded by Burp Suite
[36星][8y] [C#] gdssecurity/wcf-binary-soap-plug-in a Burp Suite plug-in designed to encode and decode WCF Binary Soap request and response data ("Content-Type: application/soap+msbin1)
[35星][7y] [Java] continuumsecurity/resty-burp REST/JSON interface to Burp Suite
[35星][1y] [Java] bit4woo/resign A burp extender that recalculate signature value automatically after you modified request parameter value.
[33星][3y] [Go] tomsteele/burpstaticscan Use burp's JS static code analysis on code from your local system.
[32星][10m] twelvesec/bearerauthtoken This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP requests.Furthermore, this solution provides a better approach to solve the problem of Burp suite automated scanning failures when Authorization tokens exist.
[28星][2y] [Java] bit4woo/gui_burp_extender_para_encrypter Burp_Extender_para_encrypter
[28星][4y] [Java] burp-hash/burp-hash a Burp Suite plugin.
[28星][4y] [Py] smeegesec/burp-importer Burp Suite Importer - Connect to multiple web servers while populating the sitemap.
[28星][6m] [Java] bit4woo/burp-api-drops burp suite API 处理http请求和响应的基本流程
[25星][3y] [Java] pokeolaf/pokemongodecoderforburp A simpe decoder to decode requests/responses made by PokemonGo in burp
[22星][7m] [Java] ettic-team/endpointfinder-burp burp plugin to find endpoint
[22星][2y] [Java] silentsignal/burp-uuid UUID issues for Burp Suite
[21星][5y] [Java] khai-tran/burpjdser a Burp plugin that will deserialze/serialize Java request and response to and from XML with the use of Xtream library
[21星][2m] [Java] portswigger/json-web-tokens JWT Support for Burp
[18星][7y] [Java] omercnet/burpjdser-ng BurpJDSer-ng
[18星][2m] [Java] silentsignal/burp-json-jtree JSON JTree viewer for Burp Suite
[18星][2m] [Py] xscorp/burpee A python module that accepts an HTTP request file and returns a dictionary of headers and post data
[17星][3m] [BitBake] sy3omda/burp-bounty is extension of Burp Suite that improve Burp scanner.
[16星][2y] [Visual Basic .NET] xcanwin/xburpcrack This is a tool to bypass the cracked version of the burpsuite_pro(Larry_Lau) certification deadline through time reversal.
[15星][11m] [Java] portswigger/auto-repeater Automated HTTP Request Repeating With Burp Suite
[14星][7m] [Java] portswigger/openapi-parser Parse OpenAPI specifications, previously known as Swagger specifications, into the BurpSuite for automating RESTful API testing – approved by Burp for inclusion in their official BApp Store.
[13星][14d] [Java] ankokuty/belle Belle (Burp Suite 非公式日本語化ツール)
[13星][6y] [Java] ioactive/burpjdser-ng Allows you to deserialize java objects to XML and lets you dynamically load classes/jars as needed
[13星][2y] [Java] netspi/jsonbeautifier JSON Beautifier for Burp written in Java
[12星][2y] [Java] portswigger/json-beautifier JSON Beautifier for Burp written in Java
[11星][9m] [Py] anandtiwarics/python-burp-rest-api Python Package for burprestapi
[11星][2y] [Java] gozo-mt/burplist A jython wordlist creator in-line with Burp-suite
[10星][3y] [Java] portswigger/bypass-waf Add headers to all Burp requests to bypass some WAF products
[10星][2y] [Py] sahildhar/burpextenderpractise burp extender practise
[8星][3y] [Java] silentsignal/burp-cfurl-cache CFURL Cache inspector for Burp Suite
[7星][2y] [Java] jgillam/serphper Serialized PHP toolkit for Burp Suite
[6星][10m] raspberrypilearning/burping-jelly-baby Make a Jelly Baby burp by pressing it!
[6星][11m] chef-koch/windows-redstone-4-1803-data-analysis Explains the telemetry, opt-out methods and provides some Whireshark/Burp dumps in order to see what MS really transmit
[5星][4y] [Py] cyberdefenseinstitute/burp-msgpack MessagePack converter
[5星][2y] [Java] silentsignal/burp-commentator Generates comments for selected request(s) based on regular expressions
[4星][7y] [Py] dnet/burp-gwt-wrapper Burp Suite GWT wrapper
[4星][2y] [Ruby] geoffwalton/burp-command
[4星][2y] [Java] silentsignal/burp-git-version
[4星][6m] [Java] virusdefender/burptime Burp Show Response Time
[4星][12d] [Java] gdgd009xcd/automacrobuilder multi step request sequencer AutoMacroBuilder for burpsuite
[3星][6y] [Java] directdefense/noncetracker A Burp extender module that tracks and updates nonce values per a specific application action.
[3星][3y] [Batchfile] jas502n/burpsuite_pro_v1.7.11-crack BurpSuite_pro_v1.7.11-Crack 破解版抓包神器
[3星][2y] [Py] niemand-sec/burp-scan-them-all Small script for automatizing Burp with Carbonator and slack
[2星][1y] [Py] bao7uo/burpelfish BurpelFish - Adds Google Translate to Burp's Context Menu. "Babel Fish" language translation for app-sec testing in other languages.
[2星][2y] [Java] cornerpirate/demoextender Code used for a tutorial to get Netbeans GUI editor to work with a Burp Suite Extender
[2星][2y] [Py] dnet/burp-scripts Scripts I wrote to extend Burp Suite functionality
[2星][5y] [Shell] evilpacket/bower-burp-static-analysis Nov 2014 scan of bower using burp suite static analysis engine
[2星][6y] [Py] meatballs1/burp_wicket_handler
[2星][4y] [Py] mwielgoszewski/burp-jython-tab
[2星][1y] [Java] peachtech/peachapisec-burp Peach API Security Burp Integration
[1星][2y] [Java] sampsonc/perfmon Performance metrics for Burp Suite
[1星][30d] [Java] bytebutcher/burp-send-to Adds a customizable "Send to..."-context-menu to your BurpSuite.
[0星][2y] [Java] adityachaudhary/phantom-cryptor Burp Suite extender to encrypt requests and decrypt response.
[0星][1y] jgamblin/burptest
[0星][2y] kkirsche/burp_suite_lists Lists to use with Burp Suite
[0星][3y] [Java] luj1985/albatross XML Fast Infoset decoder for Burp Suite
[0星][2y] [Java] silentsignal/burp-asn1 ASN.1 toolbox for Burp Suite

插件&&扩展

[730星][2y] [JS] xl7dev/burpsuite BurpSuite using the document and some extensions
[715星][1y] [Java] d3vilbug/hackbar HackBar plugin for Burpsuite
[605星][10m] [Java] c0ny1/chunked-coding-converter Burp suite 分块传输辅助插件
[445星][7m] [Py] albinowax/activescanplusplus ActiveScan++ Burp Suite Plugin
[410星][8m] [Java] nccgroup/burpsuitehttpsmuggler A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
[366星][23d] [Java] portswigger/http-request-smuggler an extension for Burp Suite designed to help you launch HTTP Request Smuggling attack
[364星][14d] [Kotlin] portswigger/turbo-intruder a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
[359星][5m] [Java] bit4woo/domain_hunter 利用burp收集整个企业、组织的域名（不仅仅是单个主域名）的插件
[341星][2y] [Py] securityinnovation/authmatrix AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.
[340星][2y] [Py] pathetiq/burpsmartbuster A Burp Suite content discovery plugin that add the smart into the Buster!
[336星][23d] [Java] bit4woo/knife A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
[310星][1y] [Java] ebryx/aes-killer Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
[273星][2m] [Py] quitten/autorize Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
[257星][3m] [Py] rhinosecuritylabs/iprotate_burp_extension Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
[250星][1m] [Java] c0ny1/jsencrypter 一个用于加密传输爆破的Burp Suite插件
[246星][5m] [Py] initroot/burpjslinkfinder Burp Extension for a passive scanning JS files for endpoint links.
[244星][3m] [Java] c0ny1/passive-scan-client Burp被动扫描流量转发插件
[238星][3m] [Java] samlraider/samlraider SAML2 Burp Extension
[191星][2y] [Java] p3gleg/pwnback Burp Extender plugin that generates a sitemap of a website using Wayback Machine
[175星][2y] [Py] virtuesecurity/aws-extender a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.
[174星][3m] [Java] lilifengcode/burpsuite-plugins-usage Burpsuite-Plugins-Usage
[160星][1m] [Py] regala/burp-scope-monitor Burp Suite Extension to monitor new scope
[159星][5m] [Java] netspi/javaserialkiller Burp extension to perform Java Deserialization Attacks
[158星][1y] [Py] bayotop/off-by-slash Bupr扩展, 检测利用Nginx错误配置导致的重名遍历(alias traversal)
[157星][7m] [Py] thekingofduck/burpfakeip 一个用于伪造ip地址进行爆破的Burp Suite插件
[149星][3y] [Java] mwielgoszewski/jython-burp-api Develop Burp extensions in Jython
[143星][6m] [Py] codingo/minesweeper A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
[137星][2y] [Java] netspi/wsdler WSDL Parser extension for Burp
[123星][4y] [Py] moloch--/csp-bypass A Burp Plugin for Detecting Weaknesses in Content Security Policies
[121星][1m] [Py] redhuntlabs/burpsuite-asset_discover Burp Suite extension to discover assets from HTTP response.
[119星][6y] [Py] meatballs1/burp-extensions Burp Suite Extensions
[118星][2m] [Py] prodigysml/dr.-watson a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information!
[103星][2y] [Java] clr2of8/gathercontacts A Burp Suite Extension to pull Employee Names from Google and Bing LinkedIn Search Results
[103星][2y] [Java] gosecure/csp-auditor Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
[102星][3m] [Java] netspi/burp-extensions Central Repo for Burp extensions
[95星][19d] [Py] m4ll0k/burpsuite-secret_finder Burp Suite extension to discover apikeys/accesstokens and sensitive data from HTTP response.
[89星][3y] [Java] dobin/burpsentinel GUI Burp Plugin to ease discovering of security holes in web applications
[89星][8m] [Py] lopseg/jsdir a Burp Suite extension that extracts hidden paths from js files and beautifies it for further reading.
[88星][2y] [Java] silentsignal/burp-image-size Image size issues plugin for Burp Suite
[87星][10m] [Java] doyensec/burpdeveltraining Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
[83星][1m] [Java] jgillam/burp-paramalyzer Burp extension for parameter analysis of large-scale web application penetration tests.
[83星][1y] [Py] nccgroup/blackboxprotobuf Blackbox protobuf is a Burp Suite extension for decoding and modifying arbitrary protobuf messages without the protobuf type definition.
[75星][1y] [Java] bit4woo/u2c Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】
[73星][2y] [Java] spiderlabs/burplay Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid in searching for Privilege Escalation issues.
[69星][12d] [Java] c0ny1/captcha-killer burp验证码识别接口调用插件
[65星][2y] [Py] markclayton/bumpster The Unofficial Burp Extension for DNSDumpster.com
[64星][1y] [Java] c0ny1/httpheadmodifer 一款快速修改HTTP数据包头的Burp Suite插件
[63星][5m] [Java] nccgroup/berserko Burp Suite extension to perform Kerberos authentication
[58星][11m] [Java] portswigger/replicator Burp extension to help developers replicate findings from pen tests
[57星][6y] [Java] spiderlabs/burpnotesextension a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created during penetration testing.
[51星][1y] [Java] netspi/burpextractor A Burp extension for generic extraction and reuse of data within HTTP requests and responses.
[48星][2y] [Java] inode-/attackselector Burp Suite Attack Selector Plugin
[46星][28d] [Java] netspi/awssigner Burp Extension for AWS Signing
[43星][1y] [Py] br3akp0int/gqlparser A repository for GraphQL Extension for Burp Suite
[42星][5m] [Py] gh0stkey/jsonandhttpp Burp Suite Plugin to convert the json text that returns the body into HTTP request parameters.
[40星][6y] [Java] wuntee/burpauthzplugin Burp plugin to test for authorization flaws
[39星][11m] [Java] tijme/similar-request-excluder A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.
[37星][1y] [Java] augustd/burp-suite-error-message-checks Burp Suite extension to passively scan for applications revealing server error messages
[36星][3y] [Py] 0ang3el/unsafe-jax-rs-burp Burp Suite extension for JAX-RS
[35星][1y] [Java] ikkisoft/blazer Burp Suite AMF Extension
[35星][11d] [Kotlin] typeerror/bookmarks A Burp Suite Extension to take back your repeater tabs
[34星][5y] [Py] dionach/headersanalyzer Burp extension that checks for interesting and security headers
[34星][2y] [Py] penafieljlm/burp-tracer BurpSuite 扩展。获取当前的站点地图，提取每个请求参数，并搜索存在请求参数值的回复
[33星][2y] [Java] dnet/burp-oauth OAuth plugin for Burp Suite Extender
[33星][2m] [Java] rub-nds/tls-attacker-burpextension assist in the evaluation of TLS Server configurations with Burp Suite.
[32星][5y] [Java] malerisch/burp-csj BurpCSJ extension for Burp Pro - Crawljax Selenium JUnit integration
[32星][7m] [Py] portswigger/active-scan-plus-plus ActiveScan++ Burp Suite Plugin
[30星][4y] [Py] carstein/burp-extensions Automatically exported from code.google.com/p/burp-extensions
[30星][7y] [Py] meatballs1/burp_jsbeautifier js-beautifier extension for Burp Suite
[30星][4m] [Py] portswigger/js-link-finder Burp Extension for a passive scanning JS files for endpoint links.
[29星][8m] [Java] hvqzao/burp-flow Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
[26星][10m] [Kotlin] gosecure/burp-ntlm-challenge-decoder Burp extension to decode NTLM SSP headers and extract domain/host information
[24星][2y] [Py] portswigger/burp-smart-buster A Burp Suite content discovery plugin that add the smart into the Buster!
[24星][3y] [Py] silentsignal/activescan3plus Modified version of ActiveScan++ Burp Suite extension
[23星][2y] [Py] aur3lius-dev/spydir BurpSuite extension to assist with Automated Forced Browsing/Endpoint Enumeration
[23星][5m] [Py] elespike/burp-cph Custom Parameter Handler extension for Burp Suite.
[23星][2y] [Ruby] zidekmat/graphql_beautifier Burp Suite extension to help make Graphql request more readable
[22星][8m] [Java] silentsignal/burp-requests Copy as requests plugin for Burp Suite
[21星][2y] [Py] unamer/ctfhelper A simple Burp extension for scanning stuffs in CTF
[20星][3y] [Ruby] kingsabri/burp_suite_extension_ruby BurpSuite Extension Ruby Template to speed up building a Burp Extension using Ruby
[20星][3y] [Py] securitymb/burp-exceptions Simple trick to increase readability of exceptions raised by Burp extensions written in Python
[19星][8m] [Java] hvqzao/burp-wildcard Burp extension intended to compact Burp extension tabs by hijacking them to own tab.
[19星][5y] [Java] nccgroup/wcfdser-ngng A Burp Extender plugin, that will make binary soap objects readable and modifiable.
[18星][4m] [Java] augustd/burp-suite-software-version-checks Burp extension to passively scan for applications revealing software version numbers
[17星][2m] [Java] phefley/burp-javascript-security-extension A Burp Suite extension which performs checks for cross-domain scripting against the DOM, subresource integrity checks, and evaluates JavaScript resources against threat intelligence data.
[17星][7m] [Py] yeswehack/yesweburp YesWeHack Api Extension for Burp
[15星][4y] [Java] shengqi158/rsa-crypto-burp-extention burp 插件用于RSA 数据包加解密
[15星][10m] [Java] twelvesec/jdser-dcomp A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.
[15星][1y] [Py] portswigger/nginx-alias-traversal Burp extension to detect alias traversal via NGINX misconfiguration at scale.
[14星][3y] [JS] rinetd/burpsuite-1 BurpSuite using the document and some extensions
[13星][5y] [Py] enablesecurity/identity-crisis A Burp Suite extension that checks if a particular URL responds differently to various User-Agent headers
[13星][7m] [Py] modzero/burp-responseclusterer Burp plugin that clusters responses to show an overview of received responses
[13星][1y] [Java] moeinfatehi/admin-panel_finder A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)
[13星][7m] [Py] solomonsklash/sri-check A Burp Suite extension for identifying missing Subresource Integrity attributes.
[12星][3m] [Java] augustd/burp-suite-utils Utilities for creating Burp Suite Extensions.
[12星][5y] [Java] federicodotta/burpjdser-ng-edited Burp Suite plugin that allow to deserialize Java objects and convert them in an XML format. Unpack also gzip responses. Based on BurpJDSer-ng of omercnet.
[12星][7y] [Py] infodel/burp.extension-googlehack Burp Suite Extension providing Google Hacking Interface
[11星][2y] [Ruby] crashgrindrips/burp-dump A Burp plugin to dump HTTP(S) requests/responses to a file system
[11星][6y] [Py] faffi/curlit Burp plugin to turn requests into curl commands
[11星][3y] [Java] h3xstream/burp-image-metadata Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).
[11星][2y] [Java] hvqzao/burp-token-rewrite Burp extension for automated handling of CSRF tokens
[11星][2y] [Java] portswigger/attack-selector Burp Suite Attack Selector Plugin
[11星][7m] [Java] portswigger/copy-as-python-requests Copy as requests plugin for Burp Suite
[11星][6y] [Py] smeegesec/wsdlwizard WSDL Wizard is a Burp Suite plugin written in Python to detect current and discover new WSDL (Web Service Definition Language) files.
[11星][4y] [Java] monikamorrow/burp-suite-extension-examples Burp Suite starter example projects.
[10星][2y] [HTML] adriancitu/burp-tabnabbing-extension Burp Suite Professional extension in Java for Tabnabbing attack
[10星][6y] [Java] xxux11/burpheartbleedextension Burp Heartbleed Extension
[10星][2y] [Java] c0ny1/burp-cookie-porter 一个可快速“搬运”cookie的Burp Suite插件
[10星][2y] [Java] portswigger/kerberos-authentication Burp Suite extension to perform Kerberos authentication
[9星][5y] [Java] allfro/dotnetbeautifier A BurpSuite extension for beautifying .NET message parameters and hiding some of the extra clutter that comes with .NET web apps (i.e. __VIEWSTATE).
[9星][4y] [Java] augustd/burp-suite-gwt-scan Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests
[9星][7m] [Py] defectdojo/burp-plugin A Burp plugin to export findings to DefectDojo
[9星][1y] [Java] sampsonc/authheaderupdater Burp extension to specify the token value for the Authenication header while scanning.
[9星][2y] [Java] aoncyberlabs/fastinfoset-burp-plugin Burp plugin to convert fast infoset (FI) to/from the text-based XML document format allowing easy editing
[8星][2y] [Py] bao7uo/waf-cookie-fetcher WAF Cookie Fetcher is a Burp Suite extension written in Python, which uses a headless browser to obtain the values of WAF-injected cookies which are calculated in the browser by client-side JavaScript code and adds them to Burp's cookie jar. Requires PhantomJS.
[8星][6y] [Java] cyberisltd/post2json Burp Suite Extension to convert a POST request to JSON message, moving any .NET request verification token to HTTP headers if present
[8星][3y] [Java] eonlight/burpextenderheaderchecks A Burp Suite Extension that adds Header Checks and other helper functionalities
[8星][2y] [Java] rammarj/csrf-poc-creator A Burp Suite extension for CSRF proof of concepts.
[8星][5m] [Py] fsecurelabs/timeinator Timeinator is an extension for Burp Suite that can be used to perform timing attacks over an unreliable network such as the internet.
[7星][3y] [Java] dibsy/staticanalyzer StaticAnalyzer is a burp plugin that can be used to perform static analysis of the response information from server during run time. It will search for specific words in the response that is mentioned in the vectors.txt
[7星][3y] [Ruby] dradis/burp-dradis Dradis Framework extension for Burp Suite
[7星][3y] [Java] fruh/extendedmacro ExtendedMacro - BurpSuite plugin providing extended macro functionality
[7星][1y] [Java] pajswigger/add-request-to-macro Burp extension to add a request to a macro
[7星][2y] [Java] yehgdotnet/burp-extention-bing-translator Burp Plugin - Bing Translator
[6星][3m] [Java] aress31/copy-as-powershell-requests Copy as PowerShell request(s) plugin for Burp Suite (approved by PortSwigger for inclusion in their official BApp Store).
[6星][1m] [Java] aress31/googleauthenticator Burp Suite plugin that dynamically generates Google 2FA codes for use in session handling rules (approved by PortSwigger for inclusion in their official BApp Store).
[6星][3m] [Java] lorenzog/burpaddcustomheader A Burp Suite extension to add a custom header (e.g. JWT)
[6星][2y] [Py] maxence-schmitt/officeopenxmleditor Burp extension that add a tab to edit Office Open XML document (xlsx,docx,pptx)
[6星][2y] [Java] silentsignal/burp-uniqueness Uniqueness plugin for Burp Suite
[6星][2y] [Java] stackcrash/burpheaders Burp extension for checking optional headers
[6星][5m] [Java] augustd/burp-suite-jsonpath JSONPath extension for BurpSuite
[6星][7m] [Java] denniskniep/gqlraider GQL Burp Extension
[6星][2m] [Java] neal1991/r-forwarder-burp The burp extension to forward the request
[5星][6y] [Java] eganist/burp-issue-poster This Burp Extension is intended to post to a service the details of an issue found either by active or passive scanning
[5星][3y] [Py] floyd-fuh/burp-collect500 Burp plugin that collects all HTTP 500 messages
[5星][7y] [Py] mwielgoszewski/jython-burp-extensions Jython burp extensioins
[5星][2m] [Java] iamaldi/rapid Rapid is a Burp extension that enables you to save HTTP Request / Response to file in a user friendly text format a lot faster.
[5星][22d] [Ruby] dradis/dradis-burp Burp Suite plugin for the Dradis Framework
[5星][27d] [Java] parsiya/bug-diaries A extension for Burp's free edition that mimics the pro edition's custom scan issues.
[4星][6y] [Perl] allfro/browserrepeater BurpSuite extension for Repeater tool that renders responses in a real browser.
[4星][2y] [Java] dannegrea/tokenjar Burp Suite extension. Useful for managing tokens like anti-CSRF, CSurf, Session values. Can be used to set params that require random numbers or params that are computed based on application response.
[4星][2y] [Java] pentestpartners/fista A Burp Extender plugin allowing decoding of fastinfoset encoded communications.
[4星][3y] [Java] jksecurity/burp_savetofile BurpSuite plugin to save just the body of a request or response to a file
[3星][2y] [Py] externalist/aes-encrypt-decrypt-burp-extender-plugin-example A POC burp extender plugin to seamlessly decrypt/encrypt encrypted HTTP network traffic.
[3星][9m] [Java] raise-isayan/bigipdiscover It becomes the extension of Burp suite. The cookie set by the BipIP server may include a private IP, which is an extension to detect that IP
[3星][2y] [Py] snoopysecurity/noopener-burp-extension Find Target="_blank" values within web pages that are set without 'noopener' and 'noreferrer' attributes
[3星][3y] [Py] vergl4s/signatures Length extension attacks in Burp Suite
[3星][3y] [Java] cnotin/burp-scan-manual-insertion-point Burp Suite Pro extension
[3星][3m] [Java] wrvenkat/burp-multistep-csrf-poc Burp extension to generate multi-step CSRF POC.
[3星][3m] [Java] augustd/burp-suite-swaggy Burp Suite extension for parsing Swagger web service definition files
[3星][7m] [Py] solomonsklash/cookie-decrypter A Burp Suite Professional extension for decrypting/decoding various types of cookies.
[2星][2y] [Java] alexlauerman/incrementmeplease Burp extension to increment a parameter in each active scan request
[2星][4y] [Py] d453d2/burp-jython-console Burp Suite extension to enable a Jython console - origin (
[2星][1y] [Java] matanatr96/decoderproburpsuite Burp Suite Plugin to decode and clean up garbage response text
[2星][3y] [Java] silentsignal/burp-json-array JSON Array issues plugin for Burp Suite
[2星][2y] stayliv3/burpsuite-magic 收集burpsuite插件，并对每个插件编写使用说明手册。
[2星][2y] [Ruby] thec00n/uploader Burp extension to test for directory traversal attacks in insecure file uploads
[2星][8y] [Java] thecao365/burp-suite-beautifier-extension burp-suite-beautifier-extension
[2星][28d] [Java] parsiya/burp-sample-extension-java Sample Burp Extension in Java
[1星][7m] [Java] bort-millipede/burp-batch-report-generator Small Burp Suite Extension to generate multiple scan reports by host with just a few clicks. Works with Burp Suite Professional only.
[1星][28d] [Java] infobyte/faraday_burp Faraday Burp Extension
[1星][9m] [Java] jonluca/burp-copy-as-node Burp extension to copy a request as a node.js requests function
[1星][2y] [Java] moradotai/cms-scan An active scan extension for Burp that provides supplemental coverage when testing popular content management systems.
[1星][3y] [Java] tagomaru/burp-extension-sync-parameter an extension to Burp Suite that provides a sync function for CSRF token parameter.
[1星][3m] [Py] bomsi/blockerlite Simple Burp extension to drop blacklisted hosts
[1星][4y] [Py] hvqzao/burp-csrf-handling CSRF tokens handling Burp extension
[1星][1m] [Java] sunny0day/burp-auto-drop Burp extension to automatically drop requests that match a certain regex.
[0星][3y] [Java] chris-atredis/burpchat burpChat is a BurpSuite plugin that enables collaborative BurpSuite usage using XMPP/Jabber.
[0星][2y] [Java] insighti/burpamx AMX Authorization Burp Suite Extension
[0星][9m] [Java] xorrbit/burp-nessusloader Burp Suite extension to import detected web servers from a Nessus scan xml file (.nessus)

漏洞&&扫描

[663星][10m] [Java] vulnerscom/burp-vulners-scanner Burp扫描插件，基于vulners.com搜索API
[510星][2m] [Java] wagiro/burpbounty is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
[395星][2y] [Java] federicodotta/java-deserialization-scanner All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
[225星][6m] [Perl] modzero/mod0burpuploadscanner HTTP file upload scanner for Burp Proxy
[186星][1y] [Perl] portswigger/upload-scanner HTTP file upload scanner for Burp Proxy
[136星][22d] [JS] h3xstream/burp-retire-js Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
[128星][2y] [Java] yandex/burp-molly-scanner Turn your Burp suite into headless active web application vulnerability scanner
[101星][2y] [Java] spiderlabs/airachnid-burp-extension A Burp Extension to test applications for vulnerability to the Web Cache Deception attack
[85星][4m] [Py] kapytein/jsonp a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
[81星][9m] [Py] nccgroup/argumentinjectionhammer A Burp Extension designed to identify argument injection vulnerabilities.
[75星][4y] [Java] directdefense/superserial SuperSerial - Burp Java Deserialization Vulnerability Identification
[74星][4y] [Py] integrissecurity/carbonator The Burp Suite Pro extension that automates scope, spider & scan from the command line.
[59星][1y] [Py] capt-meelo/telewreck A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248.
[58星][3y] [Java] vulnerscom/burp-dirbuster Dirbuster plugin for Burp Suite
[57星][3y] [Java] linkedin/sometime A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities
[56星][2y] [Java] bigsizeme/burplugin-java-rce Burp plugin, Java RCE
[46星][2y] [Java] portswigger/httpoxy-scanner A Burp Suite extension that checks for the HTTPoxy vulnerability.
[42星][2y] [Py] modzero/interestingfilescanner Burp extension
[39星][3y] [Java] directdefense/superserial-active SuperSerial-Active - Java Deserialization Vulnerability Active Identification Burp Extender
[38星][1y] [Py] luh2/detectdynamicjs The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and aid in finding user/session data.
[35星][4m] [Py] arbazkiraak/burpblh 使用IScannerCheck发现被劫持的损坏链接. Burp插件
[34星][4y] [Py] politoinc/yara-scanner Yara intergrated into BurpSuite
[34星][3y] [Py] thomaspatzke/burp-sessionauthtool Burp plugin which supports in finding privilege escalation vulnerabilities
[29星][2y] [Py] portswigger/wordpress-scanner Find known vulnerabilities in WordPress plugins and themes using Burp Suite proxy. WPScan like plugin for Burp.
[29星][7m] [Java] portswigger/scan-check-builder Burp Bounty is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.
[25星][2y] [Java] vankyver/burp-vulners-scanner Burp scanner plugin based on Vulners.com vulnerability database
[25星][6y] [Py] opensecurityresearch/custompassivescanner A Custom Scanner for Burp
[23星][3y] [Java] vah13/burpcrlfplugin Another plugin for CRLF vulnerability detection
[22星][9m] [BitBake] ghsec/bbprofiles Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.
[21星][3y] [Py] f-secure/headless-scanner-driver A Burp Suite extension that starts scanning on requests it sees, and dumps results on standard output
[20星][3m] [Java] aress31/flarequench Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
[19星][2m] [Java] mirfansulaiman/customheader This Burp Suite extension allows you to customize header with put a new header into HTTP REQUEST BurpSuite (Scanner, Intruder, Repeater, Proxy History)
[18星][4y] codewatchorg/burp-yara-rules Yara rules to be used with the Burp Yara-Scanner extension
[18星][6m] [Java] thomashartm/burp-aem-scanner Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.
[16星][1y] [Py] portswigger/additional-scanner-checks Collection of scanner checks missing in Burp
[14星][3y] [Java] portswigger/same-origin-method-execution A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities
[13星][1y] [Py] thomaspatzke/burp-missingscannerchecks Collection of scanner checks missing in Burp
[12星][2y] [Java] ah8r/csrf CSRF Scanner Extension for Burp Suite Pro
[10星][4y] [Java] augustd/burp-suite-token-fetcher Burp Extender to add unique form tokens to scanner requests.
[10星][1y] [Py] portswigger/detect-dynamic-js The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and aid in finding user/session data.
[10星][3y] [Java] ring04h/java-deserialization-scanner All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
[10星][2y] [Java] securifybv/phpunserializecheck PHP Unserialize Check - Burp Scanner Extension
[10星][23d] [Java] veggiespam/imagelocationscanner Scan for GPS location exposure in images with this Burp & ZAP plugin.
[7星][3y] [Py] luh2/pdfmetadata The PDF Metadata Burp Extension provides an additional passive Scanner check for metadata in PDF files.
[4星][4y] [Ruby] blazeinfosec/activeevent ActiveEvent is a Burp plugin that integrates Burp Scanner and Splunk events
[4星][2y] [Java] codedx/burp-extension Burp Suite plugin to send data to Code Dx software vulnerability management system
[2星][3y] [Java] moeinfatehi/cvss_calculator CVSS Calculator - a burp suite extension for calculating CVSS v2 and v3 scores of vulnerabilities.
[2星][6y] [Java] thec00n/dradis-vuln-table Dradis Vuln Table extension for Burp suite
[1星][1y] [Java] logicaltrust/burpexiftoolscanner Burp extension, reads metadata using ExifTool
[1星][2y] [Java] rammarj/burp-header-injector Burp Free plugin to test for host header injection vulnerabilities. (Development)
[1星][9m] [Py] jamesm0rr1s/burpsuite-add-and-track-custom-issues Add & Track Custom Issues is a Burp Suite extension that allows users to add and track manual findings that the automated scanner was unable to identify.

代理

[912星][3y] [Java] summitt/burp-non-http-extension Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.
[303星][15d] [Java] ilmila/j2eescan a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
[250星][2y] [Java] portswigger/collaborator-everywhere Burp Suite 扩展，通过注入非侵入性 headers 来增强代理流量，通过引起 Pingback 到 Burp Collaborator 来揭露后端系统
[150星][5m] [Py] kacperszurek/burp_wp Find known vulnerabilities in WordPress plugins and themes using Burp Suite proxy. WPScan like plugin for Burp.
[88星][6m] [Java] rub-nds/burpssoextension An extension for BurpSuite that highlights SSO messages in Burp's proxy window..
[73星][8m] [Py] jiangsir404/pbscan 基于burpsuite headless 的代理式被动扫描系统
[66星][2m] [Java] static-flow/burpsuite-team-extension This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes through your Burpsuite instance will be replicated in the history of the other testers and vice-versa!
[49星][2y] [Py] mrschyte/socksmon 使用 BURP 或 ZAP 的 TCP 拦截代理
[33星][4y] [Py] peacand/burp-pytemplate Burp extension to quickly and easily develop Python complex exploits based on Burp proxy requests.
[30星][2y] [Py] aurainfosec/burp-multi-browser-highlighting Highlight Burp proxy requests made by different browsers
[29星][2y] [Java] ibey0nd/nstproxy 一款存储HTTP请求入库的burpsuite插件
[27星][2y] [Py] mrts/burp-suite-http-proxy-history-converter Python script that converts Burp Suite HTTP proxy history files to CSV or HTML
[26星][7m] [Java] static-flow/directoryimporter a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an alternative to proxying bruteforcing tools through burp to catch the results.
[22星][3y] [Swift] melvinsh/burptoggle Status bar application for OS X to toggle the state of the system HTTP/HTTPS proxy.
[17星][2y] [Java] portswigger/j2ee-scan J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
[13星][4y] [Java] retanoj/burpmultiproxy Burpsuite 切换代理插件
[11星][8y] [Java] gdssecurity/deflate-burp-plugin The Deflate Burp Plugin is a plug-in for Burp Proxy (it implements the IBurpExtender interface) that decompresses HTTP response content in the ZLIB (RFC1950) and DEFLATE (RFC1951) compression formats.
[11星][4y] [Py] vincd/burpproxypacextension Exemple d'extension Burp permettant d'utiliser les fichiers de configuration de proxy PAC
[8星][2y] [Py] andresriancho/burp-proxy-search Burp suite HTTP history advanced search
[6星][2y] [Java] secureskytechnology/burpextender-proxyhistory-webui Burp Extender . Proxy History viewer in Web UI
[5星][3y] [Java] mrts/burp-suite-http-proxy-history-viewer Burp Suite HTTP proxy history viewer
[5星][3y] [Java] netspi/jsws JavaScript Web Service Proxy Burp Plugin
[3星][2y] [Kotlin] pajswigger/filter-options Burp extension to filter OPTIONS requests from proxy history
[2星][1y] [Java] coastalhacking/burp-pac Burp Proxy Auto-config Extension

日志

[496星][2m] [Py] romanzaikin/burpextension-whatsapp-decryption-checkpoint Burp extension to decrypt WhatsApp Protocol
[239星][1y] [Java] nccgroup/burpsuiteloggerplusplus Burp Suite Logger++: Log activities of all the tools in Burp Suite
[93星][2y] [Py] debasishm89/burpy parses Burp Suite log and performs various tests depending on the module provided and finally generate a HTML report.
[63星][4y] [Py] tony1016/burplogfilter A python3 program to filter Burp Suite log file.
[43星][1y] [Py] bayotop/sink-logger Burp扩展,无缝记录所有传递到已知JavaScript sinks的数据
[32星][3m] [Java] righettod/log-requests-to-sqlite BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
[5星][8m] [Java] logicaltrust/burphttpmock This Burp extension provides mock responses based on the real ones.
[3星][1y] [Java] ax/burp-logs Logs is a Burp Suite extension to work with log files.
[0星][3y] [Java] silentsignal/burp-sqlite-logger SQLite logger for Burp Suite
- 重复区段: 工具->SQL |

XSS

[301星][1y] [Java] elkokc/reflector Burp 插件，浏览网页时实时查找反射 XSS
[301星][3y] [Java] nvisium/xssvalidator This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.
[163星][3m] [Py] wish-i-was/femida Automated blind-xss search for Burp Suite
[101星][1y] [Java] mystech7/burp-hunter XSS Hunter Burp Plugin
[44星][7m] [Py] bitthebyte/bitblinder Burp extension helps in finding blind xss vulnerabilities
[34星][3y] [Py] attackercan/burp-xss-sql-plugin Burp plugin which I used for years which helped me to find several bugbounty-worthy XSSes, OpenRedirects and SQLi.
[30星][14d] [JS] psych0tr1a/elscripto XSS explot kit/Blind XSS framework/BurpSuite extension
[27星][3y] [Java] portswigger/xss-validator This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.
[23星][9m] [Py] hpd0ger/supertags 一个Burpsuite插件，用于检测隐藏的XSS
[22星][1y] [Py] jiangsir404/xss-sql-fuzz burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz
- 重复区段: 工具->Fuzz |工具->SQL |
[2星][1y] [Java] conanjun/xssblindinjector burp插件，实现自动化xss盲打以及xss log

Collaborator

[88星][2y] [Java] federicodotta/handycollaborator Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!
[68星][3m] [Java] netspi/burpcollaboratordnstunnel A DNS tunnel utilizing the Burp Collaborator
[39星][2y] [Java] bit4woo/burp_collaborator_http_api 基于Burp Collaborator的HTTP API
[31星][3y] [Java] silentsignal/burp-collab-gw Simple socket-based gateway to the Burp Collaborator
[30星][2m] [Shell] putsi/privatecollaborator A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
[25星][27d] [Java] portswigger/taborator A Burp extension to show the Collaborator client in a tab
[17星][2y] [HCL] 4armed/terraform-burp-collaborator Terraform configuration to build a Burp Private Collaborator Server
[8星][27d] [Java] hackvertor/taborator A Burp extension to show the Collaborator client in a tab

Fuzz

[209星][3m] [Java] h3xstream/http-script-generator ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
[62星][5m] [Py] pinnace/burp-jwt-fuzzhelper-extension Burp扩展, 用于Fuzzing JWT
[54星][3y] [Py] mseclab/burp-pyjfuzz Burp Suite plugin which implement PyJFuzz for fuzzing web application.
[38星][3y] team-firebugs/burp-lfi-tests Fuzzing for LFI using Burpsuite
[28星][3y] [Py] floyd-fuh/burp-httpfuzzer Burp plugin to do random fuzzing of HTTP requests
[22星][1y] [Py] jiangsir404/xss-sql-fuzz burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz
- 重复区段: 工具->XSS |工具->SQL |
[18星][1y] [Py] mgeeky/burpcontextawarefuzzer BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) and following encoding-scheme applied originally.
[18星][7y] raz0r/burp-radamsa Radamsa fuzzer extension for Burp Suite
[11星][3y] [Java] portswigger/reissue-request-scripter ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
[4星][2y] [Java] huvuqu/fuzz18plus Advance of fuzzing for Web pentest. Based on Burp extension, send HTTP request template out to Python fuzzer.
[1星][5m] [Kotlin] gosecure/burp-fuzzy-encoding-generator Quickly test various encoding for a given value in Burp Intruder

Payload

[423星][6m] [Java] bit4woo/recaptcha 自动识别图形验证码并用于burp intruder爆破模块的插件
[152星][4y] trietptm/sql-injection-payloads SQL Injection Payloads for Burp Suite, OWASP Zed Attack Proxy,...
- 重复区段: 工具->SQL |
[70星][2y] [Java] ikkisoft/bradamsa Burp Suite extension to generate Intruder payloads using Radamsa
[56星][1y] [Py] destine21/zipfileraider ZIP File Raider - Burp Extension for ZIP File Payload Testing
[55星][2y] [Java] righettod/virtualhost-payload-generator BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolution.
[32星][3y] tdifg/payloads for burp
[19星][4y] [Java] lgrangeia/aesburp Burp Extension to manipulate AES encrypted payloads
[17星][3m] thehackingsage/burpsuite BurpSuite Pro, Plugins and Payloads
[16星][3y] [Java] portswigger/java-serialized-payloads YSOSERIAL Integration with burp suite
[12星][2m] [Java] tmendo/burpintruderfilepayloadgenerator Burp Intruder File Payload Generator
[10星][2y] antichown/burp-payloads Burp Payloads
[5星][4y] [Java] antoinet/burp-decompressor An extension for BurpSuite used to access and modify compressed HTTP payloads without changing the content-encoding.
[5星][5y] [Py] enablesecurity/burp-luhn-payload-processor A plugin for Burp Suite Pro to work with attacker payloads and automatically generate check digits for credit card numbers and similar numbers that end with a check digit generated using the Luhn algorithm or formula (also known as the "modulus 10" or "mod 10" algorithm).
[3星][7y] [Py] infodel/burp.extension-payloadparser Burp Extension for parsing payloads containing/excluding characters you provide.
[3星][2y] [Java] pan-lu/recaptcha A Burp Extender that auto recognize CAPTCHA and use for Intruder payload

SQL

[381星][1y] [Py] rhinosecuritylabs/sleuthql Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
[235星][1y] [Java] difcareer/sqlmap4burp sqlmap embed in burpsuite
[174星][2m] [Py] codewatchorg/sqlipy Burp Suite 插件, 使用 SQLMap API 集成SQLMap
[152星][4y] trietptm/sql-injection-payloads SQL Injection Payloads for Burp Suite, OWASP Zed Attack Proxy,...
- 重复区段: 工具->Payload |
[109星][2m] [Java] c0ny1/sqlmap4burp-plus-plus 一款兼容Windows，mac，linux多个系统平台的Burp与sqlmap联动插件
[24星][2m] [Py] portswigger/sqli-py a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.
[22星][1y] [Py] jiangsir404/xss-sql-fuzz burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz
- 重复区段: 工具->XSS |工具->Fuzz |
[22星][7y] [Py] milo2012/burpsql Automating SQL injection using Burp Proxy Logs and SQLMap
[8星][8m] [Py] orleven/burpcollect 基于BurpCollector的二次开发，记录Burpsuite Site Map记录的里的数据包中的目录路径参数名信息，并存入Sqlite，并可导出txt文件。
[0星][3y] [Java] silentsignal/burp-sqlite-logger SQLite logger for Burp Suite
- 重复区段: 工具->日志 |

Android

[274星][2y] [Java] mateuszk87/badintent Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite
[9星][4m] [JS] shahidcodes/android-nougat-ssl-intercept It decompiles target apk and adds security exception to accept all certificates thus making able to work with Burp/Charles and Other Tools

其他

[584星][1y] [Java] federicodotta/brida The new bridge between Burp Suite and Frida!
[354星][2y] [Shell] koenbuyens/kalirouter 将 KaliLinux 主机转变为路由器，使用 Wireshark 记录所有的网络流量，同时将 HTTP/HTTPS 流量发送到其他主机的拦截代理（例如 BurpSuite）
[298星][1y] [Shell] yw9381/burp_suite_doc_zh_cn 这是基于Burp Suite官方文档翻译而来的中文版文档
[230星][1y] [Py] audibleblink/doxycannon 为一堆OpenVPN文件分别创建Docker容器, 每个容器开启SOCKS5代理服务器并绑定至Docker主机端口, 再结合使用Burp或ProxyChains, 构建私有的Botnet
[219星][10m] [Py] teag1e/burpcollector 通过BurpSuite来构建自己的爆破字典，可以通过字典爆破来发现隐藏资产。
[141星][6m] [Py] integrity-sa/burpcollaborator-docker a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate
[130星][7m] [Go] empijei/wapty Go语言编写的Burp的替代品。（已不再维护）
[121星][2m] cujanovic/content-bruteforcing-wordlist Wordlist for content(directory) bruteforce discovering with Burp or dirsearch
[77星][1m] [Go] root4loot/rescope defining scopes for Burp Suite and OWASP ZAP.
[64星][3m] [Java] aress31/swurg Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments
[12星][30d] boreas514/burp-suite-2.0-chinese-document 中文版burp2.0官方文档
[0星][3y] fbogner/burp.app A small AppleScript wrapper application around Burp.jar to make it more OS X like

文章

新添加

2019.12 [aliyun] 如何利用xray、burp、lsc构成自动化挖src平台
2019.12 [parsiya] Developing and Debugging Java Burp Extensions with Visual Studio Code
2019.11 [parsiya] Swing in Python Burp Extensions - Part 3 - Tips and Tricks
2019.11 [parsiya] Swing in Python Burp Extensions - Part 2 - NetBeans and TableModels
2019.11 [parsiya] Swing in Python Burp Extensions - Part 1
2019.10 [KacperSzurek] [BURP] Intruder: Jak sprawdzić typ konta?
2019.10 [KacperSzurek] [BURP] 12 trików do Burp Repeater
2019.10 [parsiya] Quality of Life Tips and Tricks - Burp Suite
2019.10 [freebuf] 使用Burp拦截Flutter App与其后端的通信
2019.10 [KacperSzurek] [BURP] Jak stworzyć makro do odświeżania sesji?
2019.09 [BrokenSecurity] 036 part of Ethical Hacking - Burpsuite login bruteforce
2019.09 [BrokenSecurity] 033 part of Ethical Hacking - Editing packets in Burpsuite
2019.09 [BrokenSecurity] 032 part of Ethical Hacking - Burpsuite configuration
2019.09 [aliyun] BurpSuite插件 - AutoRepeater说明
2019.09 [radekk] Firefox and Burp Suite — the most secure configuration
2019.08 [nviso] Using Burp’s session Handling Rules to insert authorization cookies into Intruder, Repeater and even sqlmap
2019.08 [arbazhussain] LinkDumper Burp Plugin
2019.08 [chawdamrunal] How i exploit out-of-band resource load (HTTP) using burp suite extension plugin (taborator)
2019.07 [0x00sec] Doubt with header. Burp & Tamper
2019.06 [appsecconsulting] Ten Useful Burp Suite Pro Extensions for Web Application Testing
2019.06 [bugbountywriteup] Deploy a private Burp Collaborator Server in Azure
2019.06 [infosecinstitute] Intercepting HTTPS traffic with Burp Suite
2019.06 [0x00sec] Achieving Persistent Access to Burp Collaborator Sessions
2019.06 [bugbountywriteup] Digging Android Applications — Part 1 — Drozer + Burp
2019.06 [NetworkHeros] Bug Bounty : BurpSuite Professional v2.0.11 Free and Set up for Proxy Intercept
2019.05 [web] Scanning TLS Server Configurations with Burp Suite
2019.05 [infosecaddicts] Burp Suite
2019.04 [parsiya] Disabling Burp's Update Screen - Part 1 - Analysis and Failures
2019.04 [parsiya] Disabling Burp's Update Screen - Part 1 - Analysis and Failures
2019.04 [parsiya] Hiding OPTIONS - An Adventure in Dealing with Burp Proxy in an Extension
2019.04 [parsiya] Hiding OPTIONS - An Adventure in Dealing with Burp Proxy in an Extension
2019.02 [infosecinstitute] Quick and Dirty BurpSuite Tutorial (2019 Update)
2019.02 [pentestpartners] Burp HMAC header extensions, a how-to
2019.01 [freebuf] 详细讲解 | 利用python开发Burp Suite插件（二）
2019.01 [nxadmin] Android 7.0+手机burpsuite抓包https
2019.01 [freebuf] 详细讲解 | 利用python开发Burp Suite插件（一）
2019.01 [freebuf] Burpsuite Collaborato模块详解
2019.01 [4hou] 利用Python编写具有加密和解密功能的Burp插件（下）
2019.01 [4hou] 利用Python编写具有加密和解密功能的Burp插件（上）
2019.01 [aliyun] 使用Burp Suite 宏自动化处理 Session 会话
2019.01 [sans] Extending Burp to Find Struts and XXE Vulnerabilities
2018.12 [parsiya] Cryptography in Python Burp Extensions
2018.12 [parsiya] Python Utility Modules for Burp Extensions
2018.12 [ecforce] 创建Burp扩展, 使用HMAC签名替换HTTP Header
2018.12 [parsiya] 使用Burp的网站地图比较功能, 检测强制浏览/访问控制/直接对象引用等问题
2018.12 [parsiya] Tiredful API - Part 2 - Comparing Site Maps with Burp
2018.12 [parsiya] Tiredful API - Part 1 - Burp Session Validation with Macros
2018.12 [4hou] 通过Burp Macros自动化平台对Web应用的模糊输入进行处理
2018.12 [parsiya] Tiredful API. Part1: 使用宏验证Burp会话
2018.12 [doyler] Proxy Android Apps through Burp for Mobile Assessments
2018.12 [mindpointgroup] REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 3 – Reporting
2018.11 [wallarm] FAST or Burp or both?
2018.11 [arbazhussain] Broken Link Hijacking Burp Plugin
2018.11 [4hou] 利用burp插件Hackvertor绕过waf并破解XOR加密
2018.11 [mindpointgroup] 使用Burp对REST API进行渗透测试. Part2
2018.11 [pediy] [原创]利用BurpSuite到SQLMap批量测试SQL注入
2018.11 [vanimpe] Hunt for devices with default passwords (with Burp)
2018.11 [d0znpp] Extending fuzzing with Burp by FAST
2018.11 [jerrygamblin] Automatically Create Github Issues From Burp 2.0
2018.11 [mindpointgroup] 使用Burp Suite对REST API进行渗透测试. Part1:介绍与配置
2018.11 [doyensec] Introducing burp-rest-api v2
2018.10 [valerio] MITM using arpspoof + Burp or mitmproxy on Kali Linux
2018.10 [portswigger] Burp 2.0: How do I throttle requests? | Blog
2018.10 [portswigger] Burp 2.0: Where is live scanning? | Blog
2018.10 [portswigger] Burp 2.0: How do I scan individual items? | Blog
2018.10 [portswigger] Burp 2.0: Where is the scan queue? | Blog
2018.10 [MastersInEthicalHacking] An Introduction To Burp Suite Tool In Hindi
2018.10 [portswigger] Burp 2.0: Where are the Spider and Scanner? | Blog
2018.09 [4hou] 使用Burp和Ysoserial实现Java反序列化漏洞的盲利用
2018.08 [portswigger] Burp Suite Enterprise Edition beta now available | Blog
2018.08 [jerrygamblin] Bulk Bug Bounty Scanning With The Burp 2.0 API
2018.08 [4hou] Burp Extractor扩展工具介绍
2018.08 [aliyun] BurpSuite Extender之巧用Marco和Extractor绕过Token限制
2018.08 [netspi] Introducing Burp Extractor
2018.08 [portswigger] Burp's new crawler | Blog
2018.07 [cqureacademy] How To Burp With Confidence – Our 5 Favorite Features
2018.07 [freebuf] 使用VirtualBox，INetSim和Burp建立自己的恶意软件分析实验环境
2018.07 [web] Support for XXE attacks in SAML in our Burp Suite extension
2018.06 [bugbountywriteup] How to brute force efficiently without Burp Pro
2018.06 [finnwea] An efficiency improvement for Burp Suite
2018.06 [finnwea] An efficiency improvement for Burp Suite
2018.06 [hackers] Online Password Cracking with THC-Hydra and BurpSuite
2018.06 [integrity] CVE-2018-10377 - Insufficient Validation of Burp Collaborator Server Certificate
2018.06 [NetworkHeros] Ethical Hacking (CEHv10) :Intercept HTTPS (SSL) traffic with Burpsuite
2018.06 [NetworkHeros] Ethical Hacking (CEHv10): BurpSuite install and configure proxy
2018.05 [hackerone] New Hacker101 Content: Threat modeling, Burp basics, and more
2018.05 [aliyun] 基于Burp Collaborator的HTTP API
2018.05 [freebuf] Burpsuit结合SQLMapAPI产生的批量注入插件（X10）
2018.05 [tevora] Blind Command Injection Testing with Burp Collaborator
2018.05 [pentestingexperts] Minesweeper – A Burpsuite plugin (BApp) to aid in the detection of cryptocurrency mining domains (cryptojacking)
2018.05 [freebuf] Burp Xss Scanner插件开发思路分享（附下载）
2018.05 [thief] burpsuite插件开发之检测越权访问漏洞
2018.05 [freebuf] Burpsuit结合SQLMapAPI产生的批量注入插件
2018.04 [PNPtutorials] Burpsuite Tutorial for Beginners: Learn Burpsuite from Scratch
2018.04 [freebuf] 实现一个简单的Burp验证码本地识别插件
2018.04 [dustri] Confusing Burp's display with fake encoding
2018.04 [aliyun] 如何搭建自己的 Burp Collaborator 服务器
2018.04 [JosephDelgadillo] Learn Kali Linux Episode #55: Burp Suite Basics
2018.04 [freebuf] 关于Sql注入以及Burpsuite Intruders使用的一些浅浅的见解
2018.03 [secureideas] Burp Suite continuing the Saga
2018.03 [HackerSploit] Web App Penetration Testing - #3 - Brute Force Attacks With Burp Suite
2018.03 [blackhillsinfosec] Gathering Usernames from Google LinkedIn Results Using Burp Suite Pro
2018.03 [nviso] Intercepting Belgian eID (PKCS#11) traffic with Burp Suite on OS X / Kali / Windows
2018.03 [4hou] 使用BurpSuite的Collaborator查找.Onion隐藏服务的真实IP地址
2018.02 [hackingarticles] Advance Web Application Testing using Burpsuite
2018.02 [HackerSploit] Web App Penetration Testing - #1 - Setting Up Burp Suite
2018.02 [hackers] Online Password Cracking with THC-Hydra and Burp Suite
2018.02 [nxadmin] ios 11.2.5 burpsuite抓https
2018.02 [ZeroNights] [Defensive Track]Eldar Zaitov, Andrey Abakumov - Automation of Web Application Scanning With Burp
2018.02 [hackingarticles] Engagement Tools Tutorial in Burp suite
2018.02 [hackingarticles] Payload Processing Rule in Burp suite (Part 2)
2018.02 [dustri] Ghetto recursive payload in the Burp Intruder
2018.02 [hackingarticles] Payload Processing Rule in Burp suite (Part 1)
2018.01 [4hou] 如何绕过csrf保护，并在burp suite中使用intruder？
2018.01 [360] 恶意软件逆向：burpsuite 序列号器后门分析
2018.01 [nviso] 结合使用 Burp 与自定义 rootCA 来探查 Android N 网络流量
2018.01 [hackingarticles] WordPress Exploitation using Burpsuite (Burp_wp Plugin)
2018.01 [0x00sec] 之前发布的 Burpsuite Keygen 内嵌的后门分析
2018.01 [hackingarticles] Beginners Guide to Burpsuite Payloads (Part 2)
2018.01 [freebuf] 如何在Android Nougat中正确配置Burp Suite？
2018.01 [hackingarticles] Burpsuite Encoder & Decoder Tutorial
2018.01 [hackingarticles] Beginners Guide to Burpsuite Payloads (Part 1)
2018.01 [security] Burp WP - Find vulnerabilities in WordPress using Burp
2018.01 [ropnop] Configuring Burp Suite with Android Nougat
2018.01 [DemmSec] Beginner Hacking 2.0 - Episode 6 - Burp (Brute-forcing)
2018.01 [blackhillsinfosec] Analyzing Extension Effectiveness with Burp
2018.01 [freebuf] 经验分享 | Burpsuite抓取非HTTP流量
2018.01 [4hou] 实战教程：用Burpsuite测试移动应用程序
2017.12 [pediy] [翻译]使用Burp Suite执行更复杂的Intruder攻击
2017.12 [freebuf] 如何使用Burp和Magisk在Android 7.0监测HTTPS流量
2017.12 [freebuf] 经验分享 | Burpsuite插件的使用
2017.12 [nviso] Intercepting HTTPS Traffic from Apps on Android 7+ using Magisk & Burp
2017.12 [trustedsec] More Complex Intruder Attacks with Burp!
2017.12 [4hou] 如何使用 Burp 代理调试安卓应用中的 HTTP(S) 流量
2017.12 [aliyun] 安卓脱壳&&协议分析&&Burp辅助分析插件编写
2017.12 [freebuf] 新手福利 | Burpsuite你可能不知道的技巧
2017.12 [freebuf] 经验分享 | Burpsuite中宏的使用
2017.12 [aliyun] 使用OWASP Zap度过没有Burp的过渡期
2017.12 [avleonov] Vulners.com vulnerability detection plugins for Burp Suite and Google Chrome
2017.12 [freebuf] 利用Burp Suite挖掘暗网服务的真实IP
2017.11 [digitalforensicstips] Using Burp Suite’s Collaborator to Find the True IP Address for a .Onion Hidden Service
2017.11 [n00py] Exploiting blind Java deserialization with Burp and Ysoserial
2017.11 [nxadmin] burpsuite抓包https请求相关
2017.11 [polaris] reCAPTCHA：一款自动识别图形验证码并用于Intruder Payload中的BurpSuite插件
2017.10 [TechnoHacker] How to Crack Logins with Burp Suite
2017.10 [freebuf] 利用Burp Suite对OWASP Juice Shop进行渗透测试
2017.10 [4hou] Bypass WAF：使用Burp插件绕过一些WAF设备
2017.10 [gdssecurity] Pentesting Fast Infoset based web applications with Burp
2017.10 [d0znpp] The best Burp plugin I’ve ever seen
2017.10 [n00py] How to Burp Good
2017.09 [netspi] BurpCollaboratorDNSTunnel 介绍
2017.09 [freebuf] Handy Collaborator ：用于挖掘out-of-band类漏洞的Burp插件介绍
2017.09 [aliyun] 请问能burpsuite的插件中直接获取到直接获取到漏洞报告吗？
2017.09 [niemand] Automatizing Burp + Carbonator + Slack
2017.09 [trustwave] burplay介绍
2017.09 [freebuf] 如何通过BurpSuiteMacro自动化模糊测试Web应用的输入点
2017.09 [mediaservice] HandyCollaborator介绍
2017.09 [securestate] Updating Anti-CSRF Tokens in Burp Suite
2017.09 [4hou] 利用Burp“宏”解决自动化 web fuzzer的登录问题
2017.09 [securestate] Updating Anti-CSRF Tokens in Burp Suite
2017.09 [360] 如何使用Burp Suite Macros绕过防护进行自动化fuzz测试
2017.09 [initblog] Hacking a Pizza Order with Burp Suite
2017.09 [securelayer7] 使用 Burp 的宏功能，实现 WebApp 输入 Fuzzing 的自动化
2017.09 [securelayer7] Automating Web Apps Input fuzzing via Burp Macros
2017.09 [freebuf] 如何在特定的渗透测试中使用正确的Burp扩展插件
2017.08 [avleonov] Burp Suite Free Edition and NTLM authentication in ASP.net applications
2017.08 [portswigger] 如何为特定的渗透测试环境定制 Burp 扩展
2017.08 [cybrary] Your Complete Guide to Burp Suite
2017.08 [freebuf] 使用Burp和自定义Sqlmap Tamper利用二次注入漏洞
2017.08 [freebuf] HUNT：一款可提升漏洞扫描能力的BurpSuite漏洞扫描插件
2017.08 [4hou] 通过Burp以及自定义的Sqlmap Tamper进行二次SQL注入
2017.08 [360] Burp Suite扩展之Java-Deserialization-Scanner
2017.08 [360] 联合Frida和BurpSuite的强大扩展--Brida
2017.08 [360] 如何借助Burp和SQLMap Tamper利用二次注入
2017.08 [4hou] 如何使用Burp Suite模糊测试SQL注入、XSS、命令执行漏洞
2017.08 [4hou] Brida:将frida与burp结合进行移动app渗透测试
2017.08 [pentest] 使用 Burp 和自定义的Sqlmap Tamper 脚本实现 Second Order SQLi 漏洞利用
2017.07 [360] BurpSuite插件：利用BurpSuite Spider收集子域名和相似域名
2017.07 [polaris] BurpSuite插件：利用BurpSuite Spider收集子域名和相似域名
2017.07 [hackingarticles] Fuzzing SQL,XSS and Command Injection using Burp Suite
2017.07 [freebuf] Burp Suite扫描器漏洞扫描功能介绍及简单教程
2017.07 [hackerone] Hey Hackers: We’ve got your free Burp Suite Professional license right here
2017.07 [hackingarticles] Vulnerability Analysis in Web Application using Burp Scanner
2017.07 [aliyun] Burpsuite handshake alert: unrecognized_name解决办法
2017.07 [4hou] 用VirtualBox、INetSim和Burp配置一个恶意软件分析实验室
2017.07 [vulners] 2 years of Vulners and new plugin for Burp Scanner
2017.07 [intrinsec] Burp extension « Scan manual insertion point »
2017.06 [hackingarticles] How to Spider Web Applications using Burpsuite
2017.06 [4hou] 使用 Burp Infiltrator 进行漏洞挖掘
2017.06 [8090] 渗透测试神器Burp Suite v1.6.17（破解版）
2017.06 [4hou] 将Burp Scanner漏洞结果转换为Splunk事件
2017.06 [portswigger] Behind enemy lines: bug hunting with Burp Infiltrator | Blog
2017.06 [christophetd] 使用 VirtualBox，INetSim和 Burp 搭建自己的恶意软件分析实验室
2017.05 [aliyun] 各位师傅们请问BurpSuite怎么同时传递多个页面
2017.05 [360] Burp Suite Mobile Assistant
2017.05 [4hou] NTLM认证失效时，如何使用Fiddler配合Burp Suite进行渗透测试？
2017.05 [netspi] Beautifying JSON in Burp
2017.05 [mediaservice] NTLM认证失效时，如何使用Fiddler配合Burp Suite进行渗透测试？
2017.05 [compass] JWT Burp Extension
2017.05 [trustwave] Airachnid: Web Cache Deception Burp Extender
2017.05 [moxia] 【技术分享】Burp Suite扩展开发之Shodan扫描器（已开源）
2017.05 [elearnsecurity] Developing Burp Suite Extensions
2017.04 [securityblog] Stunnel and Burp Pro
2017.04 [] Build a Private Burp Collaborator Server on AWS with Terraform and Ansible
2017.04 [aliyun] Burp Suite收集到的录像、文档以及视频资料
2017.04 [360] BurpSuite 代理设置的小技巧
2017.04 [freebuf] 如何通过BurpSuite检测Blind XSS漏洞
2017.04 [jerrygamblin] Burp Settings File
2017.04 [doyler] Burp VERBalyzer v1.0 Release
2017.04 [agarri] Exploiting a Blind XSS using Burp Suite
2017.04 [agarri] Exploiting a Blind XSS using Burp Suite
2017.04 [blackhillsinfosec] Using Burp with ProxyCannon
2017.03 [4hou] 利用Burp“宏”自动化另类 SQLi
2017.03 [freebuf] Burpsuite+SQLMAP双璧合一绕过Token保护的应用进行注入攻击
2017.03 [360] 使用burp macros和sqlmap绕过csrf防护进行sql注入
2017.02 [zsec] Learning the Ropes 101: Burp Suite Intro
2017.02 [cyberis] Creating Macros for Burp Suite
2017.02 [polaris] 使用BurpSuite攻击JavaScript Web服务代理
2017.02 [netspi] Attacking JavaScript Web Service Proxies with Burp
2017.02 [freebuf] 使用Burpsuite代理和pypcap抓包进行抢红包的尝试
2017.02 [polaris] BurpSuite和Fiddler串联使用解决App测试漏包和速度慢的问题
2017.01 [securityinnovation] Solve the Software Security Authorization Testing Riddle with AuthMatrix for Burp Suite
2017.01 [freebuf] 使用Frida配合Burp Suite追踪API调用
2017.01 [hackingarticles] Hack the Basic HTTP Authentication using Burpsuite
2017.01 [hackingarticles] Sql Injection Exploitation with Sqlmap and Burp Suite (Burp CO2 Plugin)
2017.01 [360] 超越检测：利用Burp Collaborator执行SQL盲注
2017.01 [360] 使用Burp的intruder功能测试有csrf保护的应用程序
2017.01 [polaris] BurpSuite插件开发Tips：请求响应参数的AES加解密
2017.01 [silentsignal] Beyond detection: exploiting blind SQL injections with Burp Collaborator
2016.12 [polaris] BurpSuite插件分享：图形化重算sign和参数加解密插件
2016.12 [360] Burp Suite扩展开发之Shodan扫描器（已开源）
2016.12 [rapid7] Burp Series: Intercepting and modifying made easy
2016.12 [polaris] BurpSuite 实战指南
2016.12 [360] BurpSuite 实战指南（附下载地址）
2016.12 [aliyun] BurpSuite实战指南
2016.12 [freebuf] burpsuite_pro_v1.7.11破解版（含下载）
2016.12 [hackers] Web App Hacking: Hacking Form Authentication with Burp Suite
2016.12 [360] burpsuite_pro_v1.7.11破解版(含下载地址)
2016.12 [] burpsuite_pro_v1.7.11破解版(含下载地址)
2016.11 [nxadmin] Burpsuite抓包Android模拟器(AVD)设置
2016.11 [jerrygamblin] Automated Burp Suite Scanning and Reporting To Slack.
2016.11 [360] Burp Suite插件开发之SQL注入检测（已开源）
2016.11 [freebuf] 渗透测试神器Burp Suite v1.7.08发布（含下载）
2016.10 [averagesecurityguy] Recon-ng + Google Dorks + Burp = ...
2016.10 [kalilinuxtutorials] Burpsuite – Use Burp Intruder to Bruteforce Forms
2016.10 [hackingarticles] SMS Bombing on Mobile using Burpsuite
2016.09 [hackingarticles] Hijacking Gmail Message on Air using Burpsuite
2016.09 [securify] Burp Suite security automation with Selenium and Jenkins
2016.09 [hackingarticles] Brute Force Website Login Page using Burpsuite (Beginner Guide)
2016.09 [securityblog] Simple python script to make multiple raw requests from Burp
2016.09 [freebuf] 新手教程：如何使用Burpsuite抓取手机APP的HTTPS数据
2016.08 [bogner] Burp.app – Making Burp a little more OS X like
2016.08 [] Configuring Google Chrome to Proxy Through Burp Suite
2016.07 [portswigger] Introducing Burp Infiltrator | Blog
2016.07 [] Burpsuite之Burp Collaborator模块介绍
2016.06 [timothydeblock] When not to use Burp Suite
2016.06 [freebuf] BurpSuite插件开发Tips：请求响应参数的AES加解密
2016.06 [securityblog] Using Burp Intruder to Test CSRF Protected Applications
2016.06 [insinuator] SAMLReQuest Burpsuite Extention
2016.05 [jerrygamblin] BurpBrowser
2016.05 [safebuff] ImageTragick using BurpSuite and Metasploit
2016.05 [freebuf] BurpSuite日志分析过滤工具，加快SqlMap进行批量扫描的速度
2016.05 [] 再谈Burp破解
2016.05 [silentsignal] Detecting ImageTragick with Burp Suite Pro
2016.04 [freebuf] Burpsuite插件开发（二）：信息采集插件
2016.04 [toolswatch] Burp Suite Professional v1.7.02 Beta
2016.04 [freebuf] 针对非Webapp测试的Burp技巧（二）：扫描、重放
2016.04 [freebuf] 针对非Webapp测试的Burp技巧(一)：拦截和代理监听
2016.04 [portswigger] Introducing Burp Projects | Blog
2016.04 [parsiya] Thick Client Proxying - Part 4: Burp in Proxy Chains
2016.04 [parsiya] Thick Client Proxying - Part 4: Burp in Proxy Chains
2016.04 [breakpoint] Web Hacking with Burp Suite 101
2016.04 [parsiya] Thick Client Proxying - Part 3: Burp Options and Extender
2016.04 [hack] Advanced Burp Suite
2016.04 [parsiya] Thick Client Proxying - Part 3: Burp Options and Extender
2016.03 [freebuf] Burp Suite新手指南
2016.03 [parsiya] Thick Client Proxying - Part 2: Burp History, Intruder, Scanner and More
2016.03 [parsiya] Thick Client Proxying - Part 2: Burp History, Intruder, Scanner and More
2016.03 [freebuf] 如何编写burpsuite联动sqlmap的插件
2016.03 [parsiya] Thick Client Proxying - Part 1: Burp Interception and Proxy Listeners
2016.03 [parsiya] Thick Client Proxying - Part 1: Burp Interception and Proxy Listeners
2016.03 [portswigger] Using Burp Suite to audit and exploit an eCommerce application | Blog
2016.03 [freebuf] 渗透测试神器Burpsuite Pro v1.6.38（含下载）
2016.03 [360] 使用burp进行java反序列化攻击
2016.03 [netspi] Java Deserialization Attacks with Burp
2016.02 [] 对burpsuite_pro逆向的一点心得
2016.02 [parsiya] Installing Burp Certificate Authority in Windows Certificate Store
2016.02 [THER] Learn Burp Suite, the Nr. 1 Web Hacking Tool - 00 - Intro
2016.02 [THER] Learn Burp Suite, the Nr. 1 Web Hacking Tool - 06 - Sequencer and Scanner
2016.02 [THER] Learn Burp Suite, the Nr. 1 Web Hacking Tool - 04 - Repeater Module
2016.02 [THER] Learn Burp Suite, the Nr. 1 Web Hacking Tool - 03 - Proxy Module
2016.02 [THER] Learn Burp Suite, the Nr. 1 Web Hacking Tool - 05 - Target and Spider
2016.02 [THER] Learn Burp Suite, the Nr. 1 Web Hacking Tool - 08 - Congrats
2016.02 [THER] Learn Burp Suite, the Nr. 1 Web Hacking Tool - 02 - General Concept
2016.02 [THER] Learn Burp Suite, the Nr. 1 Web Hacking Tool - 01 - Environment Setup
2016.02 [THER] Learn Burp Suite, the Nr. 1 Web Hacking Tool - 07 - Intruder and Comparer
2016.02 [gracefulsecurity] Introduction to Burp Suite Pro
2016.02 [bishopfox] Burp, Collaborate, and Listen: A Pentester Reviews the Latest Burp Suite Addition
2016.02 [xxlegend] 如何让Burpsuite监听微信公众号
2016.02 [xxlegend] Burpsuite 插件开发之RSA加解密
2016.02 [xxlegend] Burpsuite 插件开发之RSA加解密
2016.02 [xxlegend] 如何让Burpsuite监听微信公众号
2016.01 [hack] Burp Suite For Beginners
2016.01 [freebuf] Burpsuite插件开发之RSA加解密
2016.01 [blackhillsinfosec] Pentesting ASP.NET Cookieless Sessions with Burp
2015.12 [BSidesCHS] BSidesCHS 2015: Building Burp Extensions - Jason Gillam
2015.12 [nsfocus] Burpsuite插件开发之RSA加解密
2015.12 [blackhillsinfosec] Using Simple Burp Macros to Automate Testing
2015.12 [toolswatch] Sleepy Puppy Burp Extension for XSS v1.0
2015.12 [jerrygamblin] Proxying BurpSuite through TOR
2015.12 [mediaservice] Scanning for Java Deserialization Vulnerabilities in web applications with Burp Suite
2015.12 [toolswatch] [New Tool] SAML Raider v1.1.1 – SAML2 Burp Extension
2015.12 [sans] New Burp Feature - ClickBandit
2015.12 [portswigger] Burp Clickbandit: A JavaScript based clickjacking PoC generator | Blog
2015.12 [nabla] Burp and iOS 9 App Transport Security
2015.11 [gracefulsecurity] Burp Suite vs CSRF Tokens: Round Two
2015.11 [gracefulsecurity] Burp Suite vs CSRF Tokens Part 2: CSRFTEI for Remote Tokens
2015.11 [gracefulsecurity] Burp Suite vs CSRF Tokens
2015.11 [gracefulsecurity] Burp Suite vs CSRF Tokens: CSRFTEI
2015.11 [gracefulsecurity] Burp Suite Extensions: Installing Jython and adding an Extension
2015.11 [gracefulsecurity] Burp Macros: Automatic Re-authentication
2015.10 [g0tmi1k] DVWA Brute Force (Low Level) - HTTP GET Form [Hydra, Patator, Burp]
2015.10 [parsiya] Proxying Hipchat Part 2: So You Think You Can Use Burp?
2015.10 [freebuf] J2EEScan：J2EE安全扫描（Burp插件）
2015.09 [freebuf] 渗透测试神器Burpsuite Pro v1.6.24（含下载）
2015.09 [freebuf] BurpSuite下一代渗透检测工具：BurpKit
2015.08 [portswigger] Burp Suite training courses | Blog
2015.08 [portswigger] New release cycle for Burp Suite Free Edition | Blog
2015.08 [portcullis] Burp Extension
2015.08 [freebuf] 本地文件包含漏洞检测工具 – Burp国产插件LFI scanner checks
2015.07 [websecurify] The Rebirth Of REBurp
2015.07 [secist] 使用burp进行java反序列化攻击
2015.07 [compass] SAML Burp Extension
2015.07 [nvisium] Intro to BurpSuite, Part VI: Burpsuite Sequencer
2015.07 [] 小技巧：Burp Suite 插件库 BApp Store
2015.06 [gracefulsecurity] Burp Suite Keyboard Shortcuts!
2015.06 [acunetix] Pre-seeding a crawl using output from Fiddler, Burp, Selenium and HAR files
2015.06 [freebuf] 可绕过WAF的Burp Suite插件 – BypassWAF
2015.05 [netspi] Debugging Burp Extensions
2015.05 [idontplaydarts] Detecting low entropy tokens with massive bloom filters in Burp
2015.05 [portswigger] New Burp Suite testing methodologies | Blog
2015.05 [freebuf] 渗透测试神器Burp Suite v1.6.17（含破解版下载）
2015.05 [portswigger] Burp Suite now reports blind XXE injection | Blog
2015.04 [toolswatch] Burp Suite Professional v1.6.13 Released
2015.04 [mediaservice] Pentesting with Serialized Java Objects and Burp Suite
2015.04 [portswigger] Introducing Burp Collaborator | Blog
2015.04 [freebuf] 渗透测试神器Burp Suite v1.6.12破解版下载
2015.02 [sans] BURP 1.6.10 Released
2015.01 [portswigger] Burp Suite Support Center | Blog
2015.01 [portswigger] Burp Suite Pro price held for 2015 | Blog
2014.12 [insinuator] Getting 20k Inline-QR-Codes out of Burp
2014.11 [liftsecurity] Static Analysis and Burp Suite
2014.10 [buer] Detecting Burp Suite – Part 2 of 3: Callback Exposure
2014.10 [portswigger] Burp integrates with WebInspect | Blog
2014.09 [freebuf] 渗透神器合体：在BurpSuite中集成Sqlmap
2014.09 [compass] BurpSentinel on Darknet
2014.08 [insinuator] ERNW’s Top 9 Burp Plugins
2014.08 [liftsecurity] Burp Extender With Scala
2014.08 [nvisium] Intro to BurpSuite V: Extracting Intrusions
2014.08 [appsecconsulting] Running Stubborn Devices Through Burp Suite via OSX Mountain Lion and Above
2014.08 [nvisium] iOS Assessments with Burp + iFunBox + SQLite
2014.08 [milo2012] Extended functionality for Burp Plugin – Carbonator
2014.07 [portswigger] Burp gets new JavaScript analysis capabilities | Blog
2014.07 [nvisium] Intro to BurpSuite Part IV: Being Intrusive
2014.07 [liftsecurity] Introducing Burpbuddy
2014.07 [buer] Detecting Burp Suite – Part 1 of 3: Info Leak
2014.07 [notsosecure] Pentesting Web Service with anti CSRF token using BurpPro
2014.06 [robert] Howto install and use the Burp Suite as HTTPS Proxy on Ubuntu 14.04
2014.06 [parsiya] Piping SSL/TLS Traffic from SoapUI to Burp
2014.06 [sensepost] Associating an identity with HTTP requests – a Burp extension
2014.05 [sans] Assessing SOAP APIs with Burp
2014.05 [nvisium] Intro to BurpSuite: Part III - It's all about Repetition!
2014.04 [freebuf] 国产BurpSuite插件 Assassin V1.1发布
2014.04 [freebuf] 国产BurpSuite 插件 Assassin V1.0发布
2014.04 [toolswatch] Burp Suite Professional v1.6 Released
2014.04 [portswigger] Burp Suite Free Edition v1.6 released | Blog
2014.03 [freebuf] 知名渗透测试套件BurpSuite Pro v1.6 beta破解版公布
2014.03 [nvisium] Burp App Store
2014.02 [nvisium] Intro to Burp Part II: Sighting in your Burp Scope
2014.02 [silentsignal] Testing websites using ASP.NET Forms Authentication with Burp Suite
2014.02 [nvisium] Using Burp Intruder to Test CSRF Protected Applications
2014.02 [trustwave] “Reversing” Non-Proxy Aware HTTPS Thick Clients w/ Burp
2014.02 [nvisium] Challenges of Mobile API Signature Forgery with Burp Intruder
2014.02 [portswigger] Burp Suite Pro shines in new survey | Blog
2014.01 [nvisium] Accurate XSS Detection with BurpSuite and PhantomJS
2014.01 [nvisium] Android Assessments with GenyMotion + Burp
2014.01 [sethsec] Writing and Debugging BurpSuite Extensions in Python
2014.01 [sethsec] Re-launch - A focus on Web Application Pen Testing, Burp Extensions, etc
2014.01 [nvisium] Intro To Burp Suite Part I: Setting Up BurpSuite with Firefox and FoxyProxy
2014.01 [portswigger] Burp Suite Pro price held for 2014 | Blog
2013.12 [freebuf] Java编写代理服务器(Burp拦截Demo)一
2013.12 [freebuf] burpsuite_pro_v1.5.20破解版下载
2013.12 [appsecconsulting] So You Want to Build a Burp Plugin?
2013.12 [directdefense] Multiple NONCE (one-time token) Value Tracking with Burp Extender
2013.11 [freebuf] burpsuite_pro_v1.5.18 破解版
2013.11 [freebuf] burpsuite_pro_v1.5.11 破解版
2013.10 [debasish] Fuzzing Facebook for $$$ using Burpy
2013.10 [agarri] Exploiting WPAD with Burp Suite and the "HTTP Injector" extension
2013.10 [agarri] Exploiting WPAD with Burp Suite and the "HTTP Injector" extension
2013.10 [portswigger] Burp through the ages | Blog
2013.09 [portswigger] SSL pass through in Burp | Blog
2013.08 [freebuf] BurpSuite权限提升漏洞检测插件——The Burp SessionAuth
2013.08 [toolswatch] The Burp SessionAuth – Extension for Detection of Possible Privilege escalation vulnerabilities
2013.07 [cyberis] Testing .NET MVC for JSON Request XSS - POST2JSON Burp Extension
2013.06 [portswigger] Burp Suite confirmed as best value web security scanner | Blog
2013.06 [raz0r] Radamsa Fuzzer Extension for Burp Suite
2013.06 [sec] How to rapidly build a Burp session handling extension using JavaScript
2013.06 [freebuf] angelc0de原创burpsuite系列培训教程（下载）
2013.06 [freebuf] BurpSuite系列使用视频教程（下载）
2013.05 [] Burp Suite处理“不支持代理”的客户端
2013.05 [] Burp通过注射点dump数据库
2013.05 [trustwave] Introducing the Burp Notes Extension
2013.04 [pediy] [原创]利用sqlmap和burpsuite绕过csrf token进行SQL注入
2013.03 [portswigger] Burp Suite is on a feature roll! | Blog
2013.03 [security] Penetration Test pWnOS v2.0 with BurpSuite
2013.03 [freebuf] 使用Burp攻击Web Services
2013.03 [netspi] Hacking Web Services with Burp
2013.03 [] Burpsuite_pro_v1.5.01多平台破解版
2013.02 [freebuf] Burpsuite教程与技巧之HTTP brute暴力破解
2013.02 [freebuf] Burpsuite_pro_v1.5.01多平台破解版
2013.02 [freebuf] AuthTrans(原创工具)+BurpSuite的暴力美学-破解Http Basic认证
2013.02 [pentestlab] SQL Injection Authentication Bypass With Burp
2013.01 [freebuf] [下载]burpsuite_pro_v1.5_crack更新
2013.01 [rapid7] Video Tutorial: Introduction to Burp-Suite 1.5 Web Pen Testing Proxy
2013.01 [websecurify] Loading Burp Files Inside Websecurify Suite Video
2013.01 [websecurify] Reading Burp Files From Websecurify Suite
2013.01 [netspi] Tool release: AMF Deserialize Burp plugin
2012.12 [pentestlab] Local File Inclusion Exploitation With Burp
2012.12 [freebuf] iPhone上使用Burp Suite捕捉HTTPS通信包方法
2012.12 [portswigger] Sample Burp Suite extension: Intruder payloads | Blog
2012.12 [pentestlab] Brute Force Attack With Burp
2012.12 [portswigger] Sample Burp Suite extension: custom scanner checks | Blog
2012.12 [portswigger] Sample Burp Suite extension: custom scan insertion points | Blog
2012.12 [portswigger] Sample Burp Suite extension: custom editor tab | Blog
2012.12 [portswigger] Sample Burp Suite extension: custom logger | Blog
2012.12 [portswigger] Sample Burp Suite extension: traffic redirector | Blog
2012.12 [portswigger] Sample Burp Suite extension: event listeners | Blog
2012.12 [portswigger] Sample Burp Suite extension: Hello World | Blog
2012.12 [portswigger] Writing your first Burp Suite extension | Blog
2012.12 [portswigger] New Burp Suite Extensibility | Blog
2012.12 [freebuf] Burpsuite sqlmap插件
2012.11 [portswigger] New Burp Suite Extensibility - preview | Blog
2012.11 [freebuf] 渗透测试神器Burp弹药扩充-fuzzdb
2012.11 [freebuf] Burp Suite—BLIND SQL INJECTION
2012.11 [perezbox] Spoofing an Admin’s Cookies Using Burp
2012.11 [freebuf] Burp Suite免费版本（Free Edition）v1.5发布
2012.10 [portswigger] Burp Suite Free Edition v1.5 released | Blog
2012.10 [] 利用burpsuite获得免费空间
2012.10 [freebuf] Burp Suite PayLoad下载
2012.10 [] 使用BurpSuite来进行sql注入
2012.10 [netspi] Pentesting Java Thick Applications with Burp JDSer
2012.10 [toolswatch] Burp Suite v1.5rc2 released
2012.09 [trustwave] Adding Anti-CSRF Support to Burp Suite Intruder
2012.09 [] 用Burp_suite快速处理上传截断
2012.09 [portswigger] All new Burp help | Blog
2012.09 [] 使用burp suite探测Web目录
2012.09 [freebuf] BurpSuite教程与技巧之SQL Injection
2012.08 [freebuf] Burp Suite V1.4.12发布: 新增破解Android SSL功能
2012.08 [toolswatch] Burp Suite v1.4.12 in the wild with the support of Android SSL Analysis
2012.07 [raz0r] Прокачиваем Burp Suite
2012.07 [console] Setting up a Burp development environment
2012.06 [freebuf] burpsuite_pro_v1.4.07破解版
2012.06 [freebuf] burpsuite v1.4.10发布
2012.06 [toolswatch] Burp Suite Professional v1.4.08 Released
2012.06 [toolswatch] Burp Suite Professional v1.4.09 Released
2012.06 [toolswatch] Burp Suite Professional v1.4.10 Released
2012.06 [milo2012] Automating SQL Injection with Burp, Sqlmap and GDS Burp API
2012.06 [freebuf] [连载]Burp Suite详细使用教程-Intruder模块详解(3)
2012.06 [portswigger] Burp gets a makeover | Blog
2012.06 [freebuf] [连载]Burp Suite详细使用教程-Intruder模块详解(2)
2012.06 [websec] Using Burp to exploit a Blind SQL Injection
2012.06 [freebuf] [技巧]Burp Intruder中的Timing选项的使用
2012.06 [secproject] Burp Suite Beautifier Extension
2012.05 [freebuf] [技巧]使用Burpsuite辅助Sqlmap进行POST注入测试
2012.05 [freebuf] Burp Suite详细使用教程-Intruder模块详解
2012.05 [freebuf] Burp Suite python扩展 – Burpy
2012.05 [portswigger] Burp Suite user forum | Blog
2012.05 [freebuf] Burpsuite系列视频教程不加密版第一部分公布下载
2012.05 [freebuf] burpsuite_pro_v1.4.01破解版
2012.04 [firebitsbr] Pentest tool: Gason: A plugin to run sqlmap into burpsuite.
2012.04 [toolswatch] Burp Suite Professional v1.4.07 Released
2012.03 [toolswatch] Burp Suite Professional v1.4.06 Released
2012.01 [idontplaydarts] Extending Burp Suite to solve reCAPTCHA
2011.12 [milo2012] OWASP Ajax Crawling Tool (Good Companion Tool to Burpsuite)
2011.12 [insinuator] Use Python for Burp plugins with pyBurp
2011.12 [toolswatch] Burp Suite Professional v1.4.05 released
2011.11 [portswigger] Burp is voted #1 web scanner | Blog
2011.11 [digi] Burp Intruder Attack Types
2011.10 [toolswatch] Burp Suite Professional v1.4.02 released
2011.10 [portswigger] Breaking encrypted data using Burp | Blog
2011.06 [cyberis] 'Invisible Intercept' Function of Burp
2011.06 [console] Burp Intruder Time fields
2011.06 [toolswatch] Burp Suite Free Edition v1.4 released (Support of IPv6)
2011.06 [portswigger] Burp Suite Free Edition v1.4 released | Blog
2011.05 [console] Web Hacking Video Series #1 Automating SQLi with Burp Extractor
2011.04 [depthsecurity] Blind SQL Injection & BurpSuite - Like a Boss
2011.03 [portswigger] Burp v1.4 beta now available | Blog
2011.03 [portswigger] Burp v1.4 preview - Session handling: putting it all together | Blog
2011.03 [portswigger] Burp v1.4 preview - Macros | Blog
2011.03 [portswigger] Burp v1.4 preview - Session handling | Blog
2011.03 [toolswatch] Burp v1.4 preview – Comparing site maps
2011.03 [portswigger] Burp v1.4 preview - Testing access controls using your browser | Blog
2011.03 [portswigger] Burp v1.4 preview - Comparing site maps | Blog
2010.09 [netspi] Fuzzing Parameters in CSRF Resistant Applications with Burp Proxy
2010.08 [gdssecurity] Constricting the Web: The GDS Burp API
2010.01 [portswigger] Burp Suite v1.3 released | Blog
2009.11 [portswigger] Burp Suite v1.3 preview | Blog
2009.11 [gdssecurity] WCF Binary Soap Plug-In for Burp
2009.11 [portswigger] GIAC paper on Burp Intruder | Blog
2009.04 [portswigger] Burp problems after Windows update | Blog
2009.04 [portswigger] Using Burp Extender | Blog
2008.12 [portswigger] Burp Suite v1.2 released | Blog
2008.11 [portswigger] [MoBP] Burp Extender extended | Blog
2008.11 [raz0r] Эффективный и быстрый пентестинг веб-приложений с Burp Suite
2008.11 [portswigger] [MoBP] The all new Burp Spider | Blog
2008.11 [portswigger] The Month of Burp Pr0n | Blog
2008.05 [portswigger] Burp Sequencer 101 | Blog
2008.02 [gdssecurity] A "Deflate" Burp Plug-In
2007.12 [portswigger] Burp Suite v1.1 released | Blog
2007.11 [gdssecurity] Beta version of the new Burp Suite released
2007.10 [portswigger] Introducing Burp Sequencer | Blog
2007.09 [portswigger] Burp Suite feature requests - thank you | Blog

贡献

内容为系统自动导出, 有任何问题请提issue

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
history		history
.gitignore		.gitignore
Readme.md		Readme.md
Readme_en.md		Readme_en.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

所有收集类项目:

BurpSuite

目录

工具

收集

新添加

插件&&扩展

漏洞&&扫描

代理

日志

XSS

Collaborator

Fuzz

Payload

SQL

Android

其他

文章

新添加

贡献

About

Releases

Packages

amok4u/awesome-burp-suite

Folders and files

Latest commit

History

Repository files navigation

所有收集类项目:

BurpSuite

目录

工具

收集

新添加

插件&&扩展

漏洞&&扫描

代理

日志

XSS

Collaborator

Fuzz

Payload

SQL

Android

其他

文章

新添加

贡献

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages