A curated list of amazingly awesome Burp Extensions

Contributing: Please refer to the contributing guide for details.

How to Use: Awesome burp extensions is an amazing list for people who want to spice up their Burp instance with awesome plugins. Simply press command + F to search for a keyword.

- CMS Scanner - An active scan extension for Burp that provides supplemental coverage when testing popular content management systems.
- Image Size Issues - This extension passively detects potential denial of service attacks due to the size of an image being specified in request parameters.
- HeartBleed - This extension adds a new tab to Burp Suite's main UI allowing a server to be tested for the Heartbleed bug. If the server is vulnerable, data retrieved from the server's memory will be dumped and viewed.
- Headers Analyzer - This extension adds a passive scan check to report security issues in HTTP headers.
- Length Extension Attacks - This extension lets you perform hash length extension attacks on weak signature mechanisms.
- Reflected File Download Checker - This extension checks for reflected file downloads.
- SRI Check - A Burp Suite extension for identifying missing Subresource Integrity attributes.
- Reverse Proxy Detector - This extension detects reverse proxy servers.
- Software Vulnerability Scanner - This extension scans for vulnerabilities in detected software versions using the API.
- UUID Detector - This extension passively reports UUID/GUIDs observed within HTTP requests.
- Web Cache Deception Burp Extension - This extension tests applications for the Web Cache Deception vulnerability.
- WordPress Scanner - Find known vulnerabilities in WordPress plugins and themes using WPScan database.
- Yara - This extension allows you to perform on-demand Yara scans of websites within the Burp interface based on custom Yara rules that you write or obtain.
- Minesweeper - A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from 14000+ malicious cryptocurrency mining domains (cryptojacking).
- Burp Suite GWT Scan - Burp Suite plugin that identifies insertion points for GWT (Google Web Toolkit) requests.
- CSP Auditor - Burp and ZAP plugin to analyse Content-Security-Policy headers or generate a template CSP configuration from crawling a website.
- Identity Crisis - A Burp Suite extension that checks if a particular URL responds differently to various User-Agent headers.
- Error Message Checks - Burp Suite extension to passively scan for applications revealing server error messages.
- ParrotNG - ParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to CVE-2011-2461.
- HTTPoxy Scanner - A Burp Suite extension that checks for the HTTPoxy vulnerability.
- SOMEtime - A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities.
- Burp Retire JS - Burp/ZAP/Maven extension that integrates the Retire.js repository to find vulnerable JavaScript libraries.
- JSON array issues for Burp Suite - JSON Array issues plugin for Burp Suite.
- UUID issues for Burp Suite - UUID issues for Burp Suite.
- Burp Image Size - Image size issues plugin for Burp Suite.
- ActiveScan3Plus - Modified version of ActiveScan++ Burp Suite extension.
- Noopener Burp Extension - Find Target=_blank values within web pages that are set without noopener and noreferrer attributes.
- Burp Molly Pack - Security checks pack for Burp Suite.
- Collaborator Everywhere - A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by causing pingbacks to Burp Collaborator.
- Backslash Powered Scanner - Finds unknown classes of injection vulnerabilities.
- Burp Sentinel - GUI Burp Plugin to ease the discovery of security holes in web applications.
- CSP Bypass - A Burp Plugin for Detecting Weaknesses in Content Security Policies.
- Java Deserialization Scanner - All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities.
- J2EEScan - J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
- Software Version Reporter - Burp extension to passively scan for applications revealing software version numbers.
- HTML5 Auditor - This extension checks for usage of HTML5 features that have potential security risks.
- CSRF Scanner - CSRF Scanner Extension for Burp Suite Pro.
- Additional Scanner checks - Collection of scanner checks missing in Burp.
- Burp Vulners Scanner - Vulnerability scanner based on search API.
- Active Scan++ - ActiveScan++ extends Burp Suite's active and passive scanning capabilities.