Skip to content

@PortSwigger PortSwigger

Change the repository type filter

All

    Repositories list

    435 repositories

    • enterprise-reference-stack-for-aws

      Public
      Smarty
      Apache License 2.0
      71100Updated Jan 21, 2025Jan 21, 2025

    • certsquirt

      Public
      A golang PKI in less than 1000 lines of code.
      Go
      BSD 3-Clause "New" or "Revised" License
      2702Updated Jan 20, 2025Jan 20, 2025

    • customizer

      Public
      Because just a dark theme wasn't enough!
      Java
      GNU Affero General Public License v3.0
      47200Updated Jan 15, 2025Jan 15, 2025

    • bypass-bot-detection

      Public
      Burp Suite extension that mutates ciphers to bypass TLS-fingerprint based bot detection
      Java
      Apache License 2.0
      1226900Updated Jan 15, 2025Jan 15, 2025

    • pycript

      Public
      Burp Suite extension for bypassing client-side encryption using custom logic for manual and automation testing.
      Python
      MIT License
      26800Updated Jan 15, 2025Jan 15, 2025

    • param-miner

      Public
      Java
      Other
      1701.3k195Updated Jan 13, 2025Jan 13, 2025

    • turbo-intruder

      Public
      Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
      Kotlin
      Apache License 2.0
      2211.5k141Updated Jan 10, 2025Jan 10, 2025

    • burp-suite-enterprise-edition-ami

      Public
      MIT License
      1200Updated Jan 9, 2025Jan 9, 2025

    • enterprise-helm-charts

      Public
      Helm charts for BSEE Kubernetes installation.
      kubernetesenterpriseburphelm-chart
      Smarty
      Apache License 2.0
      5422Updated Jan 9, 2025Jan 9, 2025

    • bambdas

      Public
      Bambdas collection for Burp Suite Professional and Community.
      Java
      GNU Lesser General Public License v3.0
      3421912Updated Jan 9, 2025Jan 9, 2025

    • trusted-types-checker

      Public
      Python
      1000Updated Jan 8, 2025Jan 8, 2025

    • jwt-editor

      Public
      A Burp Suite extension for creating and editing JSON Web Tokens. This tool supports signing and verification of JWS, encryption and decryption of JWE and automation of several well-known attacks against applications that consume JWT.
      Java
      Apache License 2.0
      122301Updated Jan 6, 2025Jan 6, 2025

    • saml-raider

      Public
      SAML2 Burp Extension
      Java
      MIT License
      763000Updated Jan 6, 2025Jan 6, 2025

    • http-request-smuggler

      Public
      Java
      Other
      10496772Updated Jan 6, 2025Jan 6, 2025

    • trusted-domain-cors-scanner

      Public
      My own additional active scan checks.
      Kotlin
      1000Updated Jan 3, 2025Jan 3, 2025

    • scoper

      Public
      This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.
      Java
      GNU General Public License v3.0
      13000Updated Jan 2, 2025Jan 2, 2025

    • burp-variables

      Public
      Burp Suite extension that extends Burp to support storing and reusing variables in requests
      Java
      MIT License
      1000Updated Dec 29, 2024Dec 29, 2024

    • license-title-cleaner

      Public
      Removing " - licensed to .*" from Burp window title
      Java
      1000Updated Dec 23, 2024Dec 23, 2024

    • go-ocsp-responder

      Public
      OCSP responder written in Go meant to be used with PortSwigger's CertSquirt solution
      Go
      MIT License
      11200Updated Dec 17, 2024Dec 17, 2024

    • burp-extensions-montoya-api

      Public
      Burp Extensions Api
      Java
      Other
      7152110Updated Dec 16, 2024Dec 16, 2024

    • content-type-converter

      Public
      Central Repo for Burp extensions
      Java
      542200Updated Dec 13, 2024Dec 13, 2024

    • hackvertor

      Public
      Java
      508800Updated Dec 13, 2024Dec 13, 2024

    • batch-scan-report-generator

      Public
      Small Burp Suite Extension to generate multiple scan reports by host with just a few clicks. Works with Burp Suite Professional only.
      Java
      MIT License
      2400Updated Dec 12, 2024Dec 12, 2024

    • active-scan-plus-plus

      Public
      ActiveScan++ Burp Suite Plugin
      Java
      Apache License 2.0
      19021201Updated Dec 12, 2024Dec 12, 2024

    • sign-saboteur

      Public
      SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens
      Java
      Apache License 2.0
      11300Updated Dec 5, 2024Dec 5, 2024

    • oauth-scan

      Public
      Burp Suite Extension useful to verify OAUTHv2 and OpenID security
      Java
      GNU General Public License v3.0
      2618600Updated Dec 3, 2024Dec 3, 2024

    • saml-encoder-decoder

      Public
      Python
      6000Updated Dec 3, 2024Dec 3, 2024

    • BChecks

      Public
      BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
      GNU Lesser General Public License v3.0
      117655280Updated Dec 2, 2024Dec 2, 2024

    • autorize

      Public
      Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
      Python
      20723000Updated Nov 29, 2024Nov 29, 2024

    • cstc

      Public
      CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
      Java
      GNU General Public License v3.0
      27800Updated Nov 29, 2024Nov 29, 2024