Skip to content

@PortSwigger PortSwigger

Change the repository type filter

All

    Repositories list

    425 repositories

    • url-cheatsheet-data

      Public
      This is the data that powers the PortSwigger URL validation bypass cheat sheet.
      JavaScript
      42410Updated Oct 18, 2024Oct 18, 2024

    • burp-suite-enterprise-edition-ami

      Public
      MIT License
      1200Updated Oct 18, 2024Oct 18, 2024

    • enterprise-helm-charts

      Public
      Helm charts for BSEE Kubernetes installation.
      kubernetesenterpriseburphelm-chart
      Smarty
      Apache License 2.0
      4323Updated Oct 18, 2024Oct 18, 2024

    • look-over-there

      Public
      Python
      3100Updated Oct 17, 2024Oct 17, 2024

    • cache-killer

      Public
      Java
      0000Updated Oct 17, 2024Oct 17, 2024

    • qualys-was

      Public
      Qualys' Burp Extension for WAS
      Java
      3400Updated Oct 16, 2024Oct 16, 2024

    • host-header-inchecktion

      Public
      A burp extention to find host header injection vulnerabilities
      Java
      4300Updated Oct 15, 2024Oct 15, 2024

    • content-type-converter

      Public
      Central Repo for Burp extensions
      Java
      532200Updated Oct 11, 2024Oct 11, 2024

    • param-miner

      Public
      Java
      Other
      1661.2k196Updated Oct 10, 2024Oct 10, 2024

    • turbo-intruder

      Public
      Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
      Kotlin
      Apache License 2.0
      2071.5k131Updated Oct 9, 2024Oct 9, 2024

    • websocket-turbo-intruder

      Public
      Fuzz WebSockets with custom Python code
      Java
      MIT License
      1100Updated Oct 9, 2024Oct 9, 2024

    • prototype-pollution-gadgets-finder

      Public
      Python
      3000Updated Oct 9, 2024Oct 9, 2024

    • certsquirt

      Public
      A golang PKI in less than 1000 lines of code.
      Go
      BSD 3-Clause "New" or "Revised" License
      2601Updated Oct 7, 2024Oct 7, 2024

    • BChecks

      Public
      BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
      GNU Lesser General Public License v3.0
      110625252Updated Oct 4, 2024Oct 4, 2024

    • splitting-the-email-atom

      Public
      HTML
      56200Updated Oct 4, 2024Oct 4, 2024

    • copy-request-response

      Public
      Burp extension for quickly copying request/response data.
      Java
      17800Updated Sep 27, 2024Sep 27, 2024

    • research-labs

      Public
      This repository contains a number of insecure self-hosted applications that allows interested security engineers to test vulnerabilities found by Portswigger Research team.
      TypeScript
      Apache License 2.0
      01300Updated Sep 27, 2024Sep 27, 2024

    • json-escaper

      Public
      Python
      MIT License
      5200Updated Sep 24, 2024Sep 24, 2024

    • copy-as-python-requests

      Public
      Copy as requests plugin for Burp Suite
      Java
      MIT License
      246100Updated Sep 24, 2024Sep 24, 2024

    • reshaper

      Public
      Burp Suite Extension - Trigger actions and reshape HTTP request and response traffic using configurable rules
      Java
      MIT License
      121500Updated Sep 23, 2024Sep 23, 2024

    • display-switcher

      Public
      Repository for the DisplaySwitcher Burp Suite extension
      Java
      1000Updated Sep 20, 2024Sep 20, 2024

    • autorize

      Public
      Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
      Python
      19621500Updated Sep 18, 2024Sep 18, 2024

    • batch-scan-report-generator

      Public
      Small Burp Suite Extension to generate multiple scan reports by host with just a few clicks. Works with Burp Suite Professional only.
      Java
      MIT License
      2400Updated Sep 18, 2024Sep 18, 2024

    • nuclei-template-generator

      Public
      Nuclei plugin for BurpSuite
      Java
      MIT License
      1141300Updated Sep 18, 2024Sep 18, 2024

    • pyburp

      Public
      BcryptMontoya is a powerful plugin for Burp Suite that allows you to effortlessly modify HTTP requests and responses passing through the Burp Suite proxy using Jython code or gRPC, especially when dealing with encrypted requests.
      Java
      7700Updated Sep 18, 2024Sep 18, 2024

    • padding-oracle-hunter

      Public
      Python
      MIT License
      6800Updated Sep 13, 2024Sep 13, 2024

    • jwt-editor

      Public
      A Burp Suite extension for creating and editing JSON Web Tokens. This tool supports signing and verification of JWS, encryption and decryption of JWE and automation of several well-known attacks against applications that consume JWT.
      Java
      Apache License 2.0
      102000Updated Sep 13, 2024Sep 13, 2024

    • saml-raider

      Public
      SAML2 Burp Extension
      Java
      MIT License
      732700Updated Sep 13, 2024Sep 13, 2024

    • bypass-bot-detection

      Public
      Burp Suite extension that mutates ciphers to bypass TLS-fingerprint based bot detection
      Java
      Apache License 2.0
      920000Updated Sep 4, 2024Sep 4, 2024

    • copy-as-python-aiohttp

      Public
      Copy as aiohttp extension for Burp Suite
      Java
      MIT License
      1000Updated Sep 2, 2024Sep 2, 2024