Lists (15)
Stars
A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations. It supports dynamic payload generation, including BChec…
xia SQL (瞎注) burp 插件 ,在每个参数后面填加一个单引号,两个单引号,一个简单的判断注入小插件。
Burp Plugin to Bypass WAFs through the insertion of Junk Data
BetterBugBounty - Here tools are classic, bugs are hunted, and nostalgia is the ultimate weapon!
jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice
A BurpSuite extension for vulnerability Scanning
Passively check for XSS character encodings
BChecks collection for Burp Suite Professional and Burp Suite DAST
FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application and matches their occurrences in the responses.
A tool for extract Endpoints, URLs and Secrets from contents
A command-line tool to query the DeHashed API. Easily search for various parameters like usernames, emails, hashed passwords, IP addresses, and more.
practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response
My Private Bug Hunting Methodology
Uncover the true IP address of websites safeguarded by Cloudflare & Others
A modern tool written in Python that automates your xss findings.
A collection of various awesome lists for hackers, pentesters and security researchers
A simple plugin to export JS files from one or multiple targets
Nuclei AI - Browser Extension for Rapid Nuclei Template Generation
Modern real world bug bounty payloads and exploitation techniques with may earn you some $$$.
This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.
For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)