Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
Burp Suite extension that adds built-in MCP tooling, AI-assisted analysis, privacy controls, passive and active scanning and more
Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
HopLa Burp Suite Extender plugin - Brings AI capabilities, autocompletion support, and a set of useful payloads to Burp Suite
AI-powered vulnerability scanner extension for Burp Suite with multi-provider support (Ollama, OpenAI, Claude, Gemini)
Hands-on projects for beginners to learn and practice essential cybersecurity skills through security assessments.
API discovery tool that maps attack surfaces from captured traffic and generates specs for REST, GraphQL, SOAP, and WebSocket APIs
Weaponize Your Burp is a repository for automation your Bug Bounty Hunting mindset in Burp Suite
Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration, and automated reconnaissance. Supports REST/GraphQL/SOAP APIs with Nuclei, Turbo Intruder, and external tool integration. OWASP API Top 10 coverage.
Cheatsheet, Notes, Payloads and Mayhem for Burp Suite Practitioner Exam (BSCP)
Beginner-friendly web penetration testing projects for hands-on learning.
Burp Suite Extension for LLM Prompt Injection Testing
Lightweight BApp that seamlessly integrates powerful LLM-scanning capabilities into Burp's built-in Scanner with improved accuracy. Supports the latest LLMs from OpenAI (gpt-4o, o1), Anthropic (Claude 3.5, Claude 3), and Google (Gemini 1.5). Requires valid API key(s) and an active Burp Suite Pro or Enterprise license.
All Apprentice and Practitioner-level Portswigger labs
A curated collection of three cybersecurity learning roadmaps covering web penetration testing, ethical hacking, and foundational security skills. Each roadmap breaks learning into clear stages, tools, labs, and resources, helping beginners progress step-by-step from basics to hands-on offensive security practice.
A powerful Burp Suite extension that automatically detects JavaScript URLs from HTTP traffic, scans them using TruffleHog for secrets detection, and sends findings to Discord webhooks in real-time.
Pentest Coverage Tracker is a Burp Suite extension that helps penetration testers monitor testing coverage in real time. It logs discovered endpoints and tracks whether their parameters are actually tested in Burp Suite. This helps highlight untested attack surfaces and provides clear visibility of coverage for security teams.
A Collection of penetration testing and Linux administration commands in PDFs. Include's detailed guides on tools like Nmap, Sqlmap, Hydra, and Linux system management etc..
Burp Suite extension for passive JS reconnaissance - detects 1,600+ secret patterns, API keys, endpoints, and security misconfigurations in HTTP responses in real-time.
Battle Cats MITM Mailbox Hack
Add a description, image, and links to the burp-suite topic page so that developers can more easily learn about it.
To associate your repository with the burp-suite topic, visit your repo's landing page and select "manage topics."