Search Results for "burp"
Sort By:
Showing 21 open source projects for "burp"
View related business solutions-
HubSpot is an AI-powered customer platform with all the software, integrations, and resources you need to connect your marketing, sales, and customer service. HubSpot's connected platform enables you to grow your business faster by focusing on what matters most: your customers.
-
The Vivantio Platform allows you to focus on the IT service management tools that make sense for your organization’s unique service model: from incident, problem and change requests, to service requests, client knowledge and asset management
-
1
Burp Suite Professional
Burp Suite Professional for Linux
Burp Suite Professional (Cracked) and wrapped into a Universal Package Format (AppImage) with Java open-jdk-18. Only for Linux. -
2
Retire.js
Scanner detecting the use of JavaScript libraries
...-retire scans your grunt-enabled app for use of vulnerable JavaScript libraries and/or node modules. Scans visited sites for references to insecure libraries and puts warnings in the developer console. An icon on the address bar displays will also indicate if vulnerable libraries were loaded. Retire.js has been adapted as a plugin for the penetration testing tools Burp and OWASP ZAP. -
3
InQL Scanner
A Burp Extension for GraphQL Security Testing
A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. Since version 1.0.0 of the tool, InQL was extended to operate within Burp Suite. In this mode, the tool will retain all the stand-alone script capabilities and add a handy user interface for manipulating queries. Search for known GraphQL URL paths; the tool will grep and match known values to detect GraphQL endpoints within the target website... -
4
Payloads All The Things
A list of useful payloads and bypass for Web Application Security
A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques. The API key is a unique identifier that is used to authenticate requests associated with your project. Some developers might hardcode them or leave it on public shares. -
KrakenD is a high-performance API Gateway optimized for resource efficiency, capable of managing 70,000 requests per second on a single instance. The stateless architecture allows for straightforward, linear scalability, eliminating the need for complex coordination or database maintenance.
-
5
Interactsh
An OOB interaction gathering server and client library
Interactsh is an open-source tool for detecting out-of-band interactions. It is a tool designed to detect vulnerabilities that cause external interactions. Interactsh Cli client requires go1.17+ to install successfully. interactsh-client with -sf, -session-file flag can be used store/read the current session information from user defined file which is useful to resume the same session to poll the interactions even after the client gets stopped or closed. Running the interactsh-client in... -
6
Burp Suite Community Edition
Burp Suite Community with java wrapped in a single file
A Universal Package Format (AppImage) for Burp Suite Community Edition with Java (openjdk-18) wrapped in a single file. It can be easily executed by a single click! -
7
Hetty
An HTTP toolkit for security research
Hetty is an HTTP toolkit for security research. It aims to become an open-source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty communities. Machine-in-the-middle (MITM) HTTP proxy, with logs and advanced search. HTTP client for manually creating/editing requests, and replay proxied requests. Intercept requests and responses for manual review (edit, send/receive, cancel) Scope support, to help keep work... -
8
GoSpider
Gospider - Fast web spider written in Go
GoSpider - Fast web spider written in Go. Fast web crawling. Brute force and parse sitemap.xml. Parse robots.txt. Generate and verify link from JavaScript files. Link Finder. Find AWS-S3 from response source. Find subdomains from the response source. Get URLs from Wayback Machine, Common Crawl, Virus Total, Alien Vault. Format output easy to Grep. Support Burp input. Crawl multiple sites in parallel. -
9
Tamper Dev
Extension that allows you to intercept and edit HTTP/HTTPS requests
If you are a developer, you can use Tamper Dev to debug your websites, or if you are a pentester, you can use it to search for security vulnerabilities by inspecting the HTTP traffic from your browser. Unlike most other extensions, Tamper Dev allows you to intercept, inspect and modify the requests before they are sent to the server. This extension provides functionality similar to Burp Proxy, MITM Proxy, OWASP ZAP, Tamper Data, and Postman Proxy, but without the need of additional software... -
ConnectWise CPQ, formerly ConnectWise Sell, is a professional quote and proposal automation software for IT solution providers. ConnectWise CPQ offers a wide range of tools that enables IT solution providers to save time, quote more, and win big. Top features include professional quote or proposal templates, product catalog and sourcing, workflow automation, sales reporting, and integrations with best-in-breed solutions like Cisco, Dell, HP, and Salesforce.
-
10
BugBuntu
Linux Distribution for Bug Hunters
BugBuntu is a Fork of Ubuntu 18.04 customized for Bug Hunters. The distribution contains almost all tools used by KingOfBugBounty tips repository for Recon and tests on platforms like Hackerone, Bugcrowd and others. Default credential: user: bugbuntu pwd: bugbuntu KingOfBugBoutyTips: https://github.com/KingOfBugbounty/KingOfBugBountyTips Telegram Group: https://t.me/joinchat/DN_iQksIuhyPKJL1gw0ttA -
11
XSpear
Powerfull XSS Scanning and Parameter analysis tool&gem
XSpear is an XSS Scanner on ruby gems. Powerful XSS Scanning and Parameter analysis tool&gem. -
12
Burp is a backup and restore program. It uses librsync in order to save on the amount of space that is used by each backup. It also uses VSS (Volume Shadow Copy Service) to make snapshots when backing up Windows computers.
-
13
Pentdroid
Small tool for apk operations required during android app pentesting
Tools consist of mini modules which automates and reduces tester efforts for setting up the basic environment and typing long tool queries . -
14
PentDroid
Small tool for apk operations required during android app pentesting
Tools consist of mini modules which automates and reduces tester efforts for setting up the basic environment and typing long tool queries . For Installation guide refer : https://github.com/vishwaraj/PentDroid/blob/master/README.md -
15
bscan
BScan is an extendable application security scanner
BScan is a configurable and extendable web application security scanner that can be run from a command line headless (without UI). It's built on top of arguably the most popular commercial security testing tool Burp Suite from PortSwigger and Buby from E. Monti and T. Duehr. The major use cases and advantages can be summarized as follows: 1) Run security scans offline from a command line headless (without UI); 2) Change the type of scanning easily by changing configuration parameters; 3... -
16
SauceWalk Proxy Helper
Enumeration and automation of file discovery for your sec tools.
SauceWalk is a freeware(.exe)/Open Source(.py) tool for aiding in the enumeration of web application structure. It consists of 2 parts a local executable (walk.exe) and a remote agent. Walk.exe iterates through the local files and folders of your target web application (for example a local copy of Wordpress) and generates requests via your favourite proxy (for example burp suite) against a given target url. The remote agent can be used to identify target files and folders on a live system via... -
17
Belch - Burp External Channel Belch is an BurpSuite extender plug-in that implements burp suite IExtender capabilities and allow burp users to channel network transport on the fly and to log, process and replay it by using any arbitrary external editors
-
18
Webarmy is an application web application scanner that accepts burp proxy log file as an input and fuzz all GET/POST input parameters from a defined list. As such, it can be used detect SQL injection and Cross Site Scripting vulnerabilities.
-
19
Skavenger analyzes HTTP traffic logged by various Web proxies (including WebScarab and Burp) for indications of common web vulnerabilities such as XSS, CRLF injection and various kinds of information disclosure.
-
20
BURP aims to develop a publicly distributed system for rendering 3D animations over the Internet using CPU idle time.
-
21
Malicious PDF Generator
Generate a bunch of malicious pdf files with phone-home functionality
Generate ten different malicious PDF files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh. Used for penetration testing and/or red-teaming etc. I created this tool because I needed a third-party tool to generate a bunch of PDF files with various links.
- Previous
- You're on page 1
- Next