Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
HopLa Burp Suite Extender plugin - Brings AI capabilities, autocompletion support, and a set of useful payloads to Burp Suite
Burp Suite extension that adds built-in MCP tooling, AI-assisted analysis, privacy controls, passive and active scanning and more
AI-powered vulnerability scanner extension for Burp Suite with multi-provider support (Ollama, OpenAI, Claude, Gemini)
Hands-on projects for beginners to learn and practice essential cybersecurity skills through security assessments.
Weaponize Your Burp is a repository for automation your Bug Bounty Hunting mindset in Burp Suite
Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration, and automated reconnaissance. Supports REST/GraphQL/SOAP APIs with Nuclei, Turbo Intruder, and external tool integration. OWASP API Top 10 coverage.
Cheatsheet, Notes, Payloads and Mayhem for Burp Suite Practitioner Exam (BSCP)
Beginner-friendly web penetration testing projects for hands-on learning.
Lightweight BApp that seamlessly integrates powerful LLM-scanning capabilities into Burp's built-in Scanner with improved accuracy. Supports the latest LLMs from OpenAI (gpt-4o, o1), Anthropic (Claude 3.5, Claude 3), and Google (Gemini 1.5). Requires valid API key(s) and an active Burp Suite Pro or Enterprise license.
All Apprentice and Practitioner-level Portswigger labs
A powerful Burp Suite extension that automatically detects JavaScript URLs from HTTP traffic, scans them using TruffleHog for secrets detection, and sends findings to Discord webhooks in real-time.
Battle Cats MITM Mailbox Hack
A curated collection of three cybersecurity learning roadmaps covering web penetration testing, ethical hacking, and foundational security skills. Each roadmap breaks learning into clear stages, tools, labs, and resources, helping beginners progress step-by-step from basics to hands-on offensive security practice.
A universal MCP client with proxying feature to interact with MCP Servers which support STDIO transport.
A Collection of penetration testing and Linux administration commands in PDFs. Include's detailed guides on tools like Nmap, Sqlmap, Hydra, and Linux system management etc..
🐐 GoatOS - A lightweight Linux distribution focused on Web & API penetration testing. Built on Debian with GNOME, featuring nuclei, httpx, ffuf, Burp Suite, and curated tools. Unlike Kali/Parrot, we focus exclusively on web security.
Dual-component security testing tool for bypassing WAFs, CAPTCHAs, and anti-bot protections. Chrome extension records HTTP traffic during manual browser interaction. Burp Suite extension imports HAR files and extracted cookies for automated bug bounty and penetration testing workflows.
🛡️AI-Powered Penetration Testing Platform with intelligent filtering, automated vulnerability testing, and Burp-style request inspector
Add a description, image, and links to the burp-suite topic page so that developers can more easily learn about it.
To associate your repository with the burp-suite topic, visit your repo's landing page and select "manage topics."