Hidden parameters discovery suite

Rust-based high performance domain permutation generator.

全自动字典生成---定向字典/社工字典/字典碰撞---火花(spark)

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.

Rockyou for web fuzzing

🛡️ Awesome Cloud Security Resources ⚔️

A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

Simple DNS Rebinding Service

DNS rebinding toolkit

Basics on commands/tools/info on how to assess the security of mobile applications

[漏洞复现] 全球首款单文件利用 CVE-2023-4357 Chrome XXE 漏洞 EXP, 实现对访客者本地文件窃取. Chrome XXE vulnerability EXP, allowing attackers to obtain local files of visitors.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Adds a customizable "Send to..."-context-menu to your BurpSuite.

captcha-killer的修改版，支持关键词识别base64编码的图片，添加免费ocr库，用于验证码爆破，适配新版Burpsuite

Burp插件，自动化挖掘SSRF，Redirect，Sqli漏洞，自定义匹配参数

从wooyun中提取的payload，以及burp插件

This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.

This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.

Burpsuite-Plugins-Usage

CeWL is a Custom Word List Generator

common methods that used by my burp extension projects

burp插件开发指南

Burp Plugin to Bypass WAFs through the insertion of Junk Data

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

服务端配置错误情况下用于伪造ip地址进行测试的Burp Suite插件

一个用于伪造ip地址进行爆破的Burp Suite插件

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.