Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
Burp Suite extension that adds built-in MCP tooling, AI-assisted analysis, privacy controls, passive and active scanning and more
HopLa Burp Suite Extender plugin - Brings AI capabilities, autocompletion support, and a set of useful payloads to Burp Suite
AI-powered vulnerability scanner extension for Burp Suite with multi-provider support (Ollama, OpenAI, Claude, Gemini)
Hands-on projects for beginners to learn and practice essential cybersecurity skills through security assessments.
API discovery tool that maps attack surfaces from captured traffic and generates specs for REST, GraphQL, SOAP, and WebSocket APIs
Weaponize Your Burp is a repository for automation your Bug Bounty Hunting mindset in Burp Suite
Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration, and automated reconnaissance. Supports REST/GraphQL/SOAP APIs with Nuclei, Turbo Intruder, and external tool integration. OWASP API Top 10 coverage.
Cheatsheet, Notes, Payloads and Mayhem for Burp Suite Practitioner Exam (BSCP)
Lightweight BApp that seamlessly integrates powerful LLM-scanning capabilities into Burp's built-in Scanner with improved accuracy. Supports the latest LLMs from OpenAI (gpt-4o, o1), Anthropic (Claude 3.5, Claude 3), and Google (Gemini 1.5). Requires valid API key(s) and an active Burp Suite Pro or Enterprise license.
Beginner-friendly web penetration testing projects for hands-on learning.
Burp Suite Extension for LLM Prompt Injection Testing
All Apprentice and Practitioner-level Portswigger labs
A powerful Burp Suite extension that automatically detects JavaScript URLs from HTTP traffic, scans them using TruffleHog for secrets detection, and sends findings to Discord webhooks in real-time.
A curated collection of three cybersecurity learning roadmaps covering web penetration testing, ethical hacking, and foundational security skills. Each roadmap breaks learning into clear stages, tools, labs, and resources, helping beginners progress step-by-step from basics to hands-on offensive security practice.
A Collection of penetration testing and Linux administration commands in PDFs. Include's detailed guides on tools like Nmap, Sqlmap, Hydra, and Linux system management etc..
Battle Cats MITM Mailbox Hack
Burp Suite extension for passive JS reconnaissance - detects 1,600+ secret patterns, API keys, endpoints, and security misconfigurations in HTTP responses in real-time.
A universal MCP client with proxying feature to interact with MCP Servers which support STDIO transport.
Add a description, image, and links to the burp-suite topic page so that developers can more easily learn about it.
To associate your repository with the burp-suite topic, visit your repo's landing page and select "manage topics."