Top 23 burpsuite Open-Source Projects
-
IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
-
burpgpt
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.
-
inql
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
-
Autorize
Automatic authorization enforcement detection extension for Burp Suite, written in Jython and developed by Barak Tawily, to ease the work of application security people and allow them to perform automatic authorization tests
-
IPRotate_Burp_Extension
Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
-
Burp2Malleable
Quick Python utility I wrote to turn HTTP requests from Burp Suite into Cobalt Strike Malleable C2 profiles
-
cervantes
Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location. (by CervantesSec)
-
Jasmin-Ransomware
Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
-
ParaForge
A BurpSuite extension to create a custom word-list of endpoints and parameters for enumeration and fuzzing
-
BrowserBruter
BrowserBruter is a powerful web form fuzzing automation tool designed for web security professionals and penetration testers. This Python-based tool leverages Selenium and Selenium-Wire to automate web form fuzzing, making it easier to identify potential vulnerabilities in web applications.
-
Admin-Panel_Finder
A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)
-
Pentest-Mapper
A Burp Suite extension for pentesters and bug bounty hunters to maintain checklists, map flows, write test cases and track vulnerabilities
-
bhhb
Burp HTTP history browser (BHHB) - A tool to view HTTP history exported from Burp Suite Community Edition
-
report-ng
Generate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.
-
BurpPro-FastCrawler
The simplest way to integrate your subdomain enum outputs with Burp Pro (Fast Crawler)
Project mention: Lost all my content writing contracts. Feeling hopeless as an author. | /r/ChatGPT | 2023-05-06
Project mention: Autorize – The most popular tool to discover AuthZ/AuthN flaws | news.ycombinator.com | 2023-12-28
Project mention: ParaForge: A BurpSuite extension to create a custom word list of endpoints and parameters for enumeration and fuzzing | /r/cybersecurity | 2023-06-30
Rate limiting on the web app level using WAF would block malicious traffic to Firebase Hosting but still would allow the traffic to Firestore since the calls are going to googleapi domain with our firebase project details. An authenticated actor with intent can utilise tools and make repeated gRPC calls and crack the nuts out of firebase billing. Hope the Firebase team provides some sort of custom rate-limiting functionality for Firestore through GCP sometime in future.
Project mention: The Browser Bruter – First Ever Browser based web application fuzzing tool | news.ycombinator.com | 2024-04-08
burpsuite related posts
- New Release PyCript Burp Suite Extension v0.3
- Burp HTTP history browser (BHHB)
- Pentest Mapper Burp Suite extension 1.7 is released.
- Pentest Mapper Burp Suite Extension Version 1.7 Release
- ParaForge: A BurpSuite extension to create a custom word list of endpoints and parameters for enumeration and fuzzing
- ParaForge: A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
Index
What are some of the best open-source burpsuite projects? This list will help you:
# | Project | Stars |
---|---|---|
1 | faraday | 4,615 |
2 | IntruderPayloads | 3,526 |
3 | burpgpt | 1,875 |
4 | HackBar | 1,462 |
5 | inql | 1,462 |
6 | Autorize | 882 |
7 | IPRotate_Burp_Extension | 767 |
8 | Burp2Malleable | 330 |
9 | vaf | 307 |
10 | cervantes | 250 |
11 | VulnerableApp | 250 |
12 | PyCript | 172 |
13 | Jasmin-Ransomware | 149 |
14 | ParaForge | 134 |
15 | grpc-pentest-suite | 124 |
16 | BrowserBruter | 122 |
17 | Admin-Panel_Finder | 112 |
18 | Pentest-Mapper | 108 |
19 | burp-copy-as-ffuf | 101 |
20 | bhhb | 100 |
21 | report-ng | 64 |
22 | BurpPro-FastCrawler | 7 |
23 | tryhackme | 1 |