# Web Traffic Interception Tools > Search results for `Burp Suite alternatives for intercepting and tampering web traffic` on awesome-repositories.com. 118 total matches; showing the first 50. Explore on the web: https://awesome-repositories.com/q/burp-suite-alternatives-for-intercepting-and-tampering-web-traffic **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/burp-suite-alternatives-for-intercepting-and-tampering-web-traffic).** ## Results - [jaykali/maskphish](https://awesome-repositories.com/repository/jaykali-maskphish.md) (3,020 ⭐) — Maskphish is a comprehensive security toolkit that integrates capabilities for digital forensics, network vulnerability scanning, open-source intelligence, penetration testing, and social engineering. It functions as a multi-purpose framework for automating reconnaissance and executing security audits across diverse network environments. The project features a specialized phishing and social engineering toolkit used for cloning websites, masking URLs, and deploying deceptive pages to capture user credentials. It also includes a remote access Trojan builder for generating platform-specific executables and mobile application packages to establish remote command sessions. The framework covers a broad surface of capabilities, including web application penetration testing, OSINT reconnaissance, memory and disk forensics, and wireless network auditing. It provides tools for payload generation, credential theft, and the automation of information gathering from public data sources. This project is implemented primarily as a shell-based application. - [ariya/phantomjs](https://awesome-repositories.com/repository/ariya-phantomjs.md) (29,489 ⭐) — PhantomJS is a scriptable, headless browser engine based on WebKit that provides a programmatic interface for automating web page interactions. It operates without a graphical user interface, allowing for the execution of JavaScript to navigate pages, manipulate the document object model, and perform functional testing of web applications. The tool distinguishes itself by providing low-level control over the browser rendering lifecycle and network stack. It enables real-time interception and modification of network traffic, alongside the ability to generate visual snapshots and document exports from pages that rely on complex dynamic content. By maintaining a virtual display buffer and running the engine in an isolated memory space, it ensures consistent layout calculations and stability during automated sessions. Beyond its core rendering capabilities, the project supports complex automation workflows through command-line configuration and inter-process communication. These features facilitate the integration of browser-based tasks into larger software systems, enabling automated data extraction, performance analysis, and the verification of web application behavior. - [augustd/burp-suite-swaggy](https://awesome-repositories.com/repository/augustd-burp-suite-swaggy.md) (20 ⭐) — Burp Suite extension for parsing Swagger web service definition files - [mitmproxy/mitmproxy](https://awesome-repositories.com/repository/mitmproxy-mitmproxy.md) (43,943 ⭐) — Mitmproxy is an interactive, programmable network proxy engine designed for traffic analysis and protocol manipulation. It functions as a gateway that intercepts, inspects, and modifies network traffic in real-time, supporting HTTP, HTTPS, WebSocket, DNS, and generic TCP or UDP streams. By acting as a trusted certificate authority, the proxy can dynamically generate and sign certificates to decrypt and analyze secure TLS-encrypted connections. The project distinguishes itself through a highly extensible, event-driven architecture that allows users to automate traffic transformation using custom scripts. It provides a unified command-based interface for manual interaction, enabling users to define custom key bindings, content views, and command-line tools. The engine supports multiple operational modes, including explicit, transparent, reverse, and SOCKS proxying, as well as a userspace WireGuard VPN mode for capturing traffic without requiring client-side configuration changes. Beyond basic interception, the platform includes comprehensive tools for recording and replaying network conversations to simulate complex interactions or automate repetitive tasks. It offers advanced capabilities such as request blocking, header and body modification, and local resource mapping. The system also provides robust support for debugging and performance analysis, including integration with external tools through secret logging and structured data representation. The software is designed for rapid iteration, featuring live script reloading that updates custom logic without restarting the proxy process. It includes extensive documentation for managing certificates, configuring proxy modes, and implementing custom addons through a well-defined programmatic interface. - [infobyte/faraday](https://awesome-repositories.com/repository/infobyte-faraday.md) (6,523 ⭐) — Faraday is a vulnerability management platform and security tool aggregator designed to centralize security findings from multiple scanners into a single dashboard. It utilizes a relational security database to catalog hosts, services, and security flaws, enabling users to track remediation and analyze organizational risk. The platform distinguishes itself through a plugin-based system that normalizes diverse security tool outputs into a unified data model. It supports deep integration with a wide array of scanners and CLI tools, intercepting shell command output or parsing report files to aggregate findings. Additionally, it provides bidirectional synchronization with external ticketing systems via webhooks to maintain consistency between vulnerability states and remediation tasks. Broad capabilities include automated scan scheduling, role-based access control, and identity federation via SAML 2.0 and LDAP. The system also features template-driven report generation for executive and compliance documents, as well as a Model Context Protocol server to expose management data to AI assistants. The project is written in Python and integrates with PostgreSQL for data storage and Elasticsearch for high-performance querying. - [andresriancho/w3af](https://awesome-repositories.com/repository/andresriancho-w3af.md) (4,850 ⭐) — w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities in web applications. It functions as a vulnerability scanner that crawls targets to find injection points and a fuzzer used to discover hidden endpoints and test input validation. The project distinguishes itself by providing an intercepting HTTP proxy for capturing and modifying traffic, combined with a knowledge-base driven exploitation system. It enables the execution of security exploits to gain remote shell access and supports post-exploitation activities, such as routing traffic through compromised hosts via reverse TCP tunnels and SOCKS proxies. The platform covers a broad range of security capabilities, including REST API auditing, infrastructure fingerprinting, and automated login processing. It supports session maintenance through various authentication methods and provides tools for visualizing site structures and analyzing HTTP response clusters. Users can manage the scanner via a graphical interface or a programmatic API to automate scans and retrieve vulnerability data. The application is delivered as a dockerized environment to ensure consistent runtime behavior and simplified dependency management. - [augustd/burp-suite-utils](https://awesome-repositories.com/repository/augustd-burp-suite-utils.md) (0 ⭐) — Utilities for creating Burp Suite Extensions, including the Burp Extensions API interfaces. - [augustd/burp-suite-gwt-scan](https://awesome-repositories.com/repository/augustd-burp-suite-gwt-scan.md) (13 ⭐) — Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests - [alibaba/higress](https://awesome-repositories.com/repository/alibaba-higress.md) (7,558 ⭐) — Higress is an AI API gateway and cloud-native traffic manager that functions as a Kubernetes ingress controller. It provides a centralized system for routing, securing, and optimizing traffic directed toward large language models, AI agents, and microservice architectures. The project distinguishes itself through deep AI orchestration, including the ability to host and manage Model Context Protocol servers that transform REST APIs into tools for AI agents. It features specialized AI infrastructure for model request proxying, protocol translation across multiple providers, and semantic-based caching to reduce token consumption and latency. Broad capabilities cover API lifecycle management and traffic control, including canary releases, load balancing, and rate limiting. The system includes a comprehensive security suite with WAF filtering, OIDC and OAuth2 identity integration, and automated TLS certificate management. Extensibility is provided via a WebAssembly-based plugin system that allows for hot-loading custom logic without interrupting traffic. The gateway can be deployed to Kubernetes or Docker and supports the Kubernetes Gateway API and Ingress standards. - [fingerprintjs/fingerprintjs](https://awesome-repositories.com/repository/fingerprintjs-fingerprintjs.md) (27,334 ⭐) — Fingerprint is a visitor identification and fraud detection platform that generates persistent, unique identifiers by analyzing browser and device attributes. By extracting technical signals from the client environment, it enables reliable user tracking across sessions without relying on traditional cookies. The platform distinguishes itself through its focus on high-accuracy identification and security-first architecture. It employs edge-side proxying to bypass ad-blockers and privacy restrictions, ensuring consistent data collection. To maintain data integrity, it uses cryptographic payload sealing and server-side verification flows, which prevent tampering by ensuring that identification data is processed securely on the backend rather than solely on the client. Beyond core identification, the project provides a comprehensive suite for bot detection and security. It analyzes network metadata, device reputation, and behavioral patterns to identify malicious traffic, AI agents, and automated scrapers. These capabilities are supported by granular risk assessment tools, including confidence scoring and protection rulesets that allow for automated blocking of suspicious interactions. The platform offers extensive administrative and integration features, including multi-environment resource isolation, regional data residency controls, and programmatic API management. It supports diverse deployment environments through framework-specific SDKs, mobile integration, and automated proxy infrastructure deployment. - [monikamorrow/burp-suite-extension-examples](https://awesome-repositories.com/repository/monikamorrow-burp-suite-extension-examples.md) (0 ⭐) — Repository of Burp Suite starter example projects. - [ddgksf2013/ddgksf2013](https://awesome-repositories.com/repository/ddgksf2013-ddgksf2013.md) (13,109 ⭐) — This project is a network traffic manipulation tool and proxy designed to intercept, inspect, and modify data streams between mobile applications and their servers. It functions as a scriptable content blocker and traffic router, allowing users to apply custom rules to incoming and outgoing network requests. The tool enables users to bypass regional restrictions and subscription paywalls by injecting configuration rules that override server-side validation. It also provides capabilities for removing advertisements, tracking scripts, and promotional content from mobile applications and web services in real time. Beyond traffic management, the framework supports automated task execution and web content customization. Users can schedule recurring scripts for routine maintenance or information retrieval and inject custom code or styles into web sessions to alter page layouts and remove visual clutter. - [autoscrape-labs/pydoll](https://awesome-repositories.com/repository/autoscrape-labs-pydoll.md) (6,919 ⭐) — pydoll is a Chrome DevTools Protocol automation library and headless browser controller used for web data extraction and parallel browser automation. It controls Chromium-based browsers via direct WebSocket connections, allowing it to manage isolated browser contexts and tabs while bypassing the overhead and detection associated with WebDriver. The project features an anti-bot evasion framework that mimics natural human behavior, including mouse movements generated via Bezier curves and variable typing patterns. It provides specialized stealth capabilities to bypass behavioral analysis and automate interactions with CAPTCHA challenges. The library covers a broad range of capabilities, including network traffic interception for mocking server responses, comprehensive DOM manipulation and shadow DOM traversal, and structured data mapping for extracting content from dynamic pages. It also includes tools for browser fingerprint spoofing, identity synchronization, and the capture of page screenshots, PDFs, and screencasts. - [cloudflare/pingora](https://awesome-repositories.com/repository/cloudflare-pingora.md) (26,833 ⭐) — Pingora is a Rust-based framework for building high-performance network services, including HTTP reverse proxies, layer seven load balancers, and TLS termination proxies. It serves as an asynchronous network library designed to intercept and route HTTP, gRPC, and WebSocket traffic between clients and upstream backend servers. The project enables zero-downtime service updates by handing over listening sockets between processes during binary or configuration upgrades. It utilizes a programmable multi-phase pipeline to modify request and response bodies and headers, and it provides a pluggable TLS backend for managing secure encryption and client certificate validation. The framework covers a broad range of traffic management capabilities, including consistent hashing for load balancing, backend health monitoring, and failover strategies. It also implements high-performance content caching with in-memory storage and maintains upstream connection pools to reduce handshake latency. - [xer0days/sqli-query-tampering](https://awesome-repositories.com/repository/xer0days-sqli-query-tampering.md) (157 ⭐) — SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques. - [augustd/burp-suite-paste-curl](https://awesome-repositories.com/repository/augustd-burp-suite-paste-curl.md) (4 ⭐) — A Burp Suite extension to allow pasting cURL commands as raw HTTP requests in a new tab in Repeater. - [drogonframework/drogon](https://awesome-repositories.com/repository/drogonframework-drogon.md) (13,568 ⭐) — Drogon is a high-performance, cross-platform C++ framework designed for building asynchronous web services and server-side applications. It functions as a multi-threaded, event-driven server engine that manages concurrent network traffic and WebSocket connections with minimal latency. By leveraging non-blocking input/output and native code compilation, the framework provides a foundation for scalable applications that operate efficiently across diverse hardware architectures. The framework distinguishes itself through its compile-time template rendering, which transforms dynamic HTML views into native machine code to maximize execution speed. It also incorporates a sophisticated object-relational mapping layer that enables asynchronous database operations and persistent connection pooling, ensuring that data-heavy tasks do not stall the main execution thread. These capabilities are supported by a middleware-based filtering system that allows for the injection of custom logic and security policies throughout the request-response cycle. Beyond its core engine, the framework provides a comprehensive suite of tools for modern web development, including RESTful service support, real-time bidirectional communication, and automated project scaffolding. It handles complex operational requirements such as request proxying, load balancing, and secure traffic management through integrated SSL/TLS configuration. The system also includes built-in support for monitoring, logging, and performance metrics export to maintain visibility into application health. Developers can manage the entire application lifecycle through command-line tools that facilitate project generation, dependency management, and runtime configuration. The framework is designed to be portable, supporting cross-platform compilation to ensure consistent behavior across different operating systems. - [dragonflydb/dragonfly](https://awesome-repositories.com/repository/dragonflydb-dragonfly.md) (30,688 ⭐) — Dragonfly is a high-performance, multi-model in-memory data store designed to serve as a drop-in replacement for existing database infrastructures. By utilizing a multi-threaded, shared-nothing architecture and a fiber-based concurrency model, it maximizes CPU utilization and minimizes latency for read and write operations. The system supports a wide range of data structures, including strings, hashes, lists, sets, sorted sets, and JSON documents, while maintaining full compatibility with standard industry wire protocols and client libraries. What distinguishes Dragonfly is its focus on efficiency and scalability through advanced memory management and request processing. It employs a lock-free, cache-friendly hash table structure and zero-copy serialization to reduce overhead during high-throughput operations. For durability, the system utilizes asynchronous, snapshot-based persistence that captures the state of the dataset without blocking active requests. Furthermore, it provides built-in support for horizontal scaling and cluster management, allowing for the distribution of large datasets across multiple nodes to ensure high availability. Beyond core storage, the platform includes a comprehensive suite of operational and analytical capabilities. It features integrated support for geospatial data management, real-time message brokering via publish-subscribe patterns, and full-text search. To handle massive datasets efficiently, the engine incorporates probabilistic data structures for cardinality estimation, frequency tracking, and membership testing. These features are complemented by robust administrative tools, including access control, request rate limiting, and detailed server monitoring. - [istio/istio](https://awesome-repositories.com/repository/istio-istio.md) (38,226 ⭐) — Istio is a service mesh infrastructure that provides a centralized control plane to manage, secure, and observe communication between distributed microservices. It functions as a policy-driven network traffic controller, enabling developers to route, balance, and secure service-to-service traffic without requiring modifications to application code. The system enforces zero-trust security by utilizing mutual transport layer authentication to verify cryptographic identities for every network request. The project distinguishes itself through a sidecar-less proxy architecture, which offloads networking tasks to shared infrastructure proxies rather than requiring individual proxies for every container. This approach is complemented by waypoint proxies, which perform deep packet inspection and enforce granular access policies at the application layer. Furthermore, the platform provides a unified connectivity fabric that synchronizes service registry data across multiple clusters, allowing for consistent traffic management and security policy enforcement across disparate network boundaries. The system operates on a declarative model where a centralized management component continuously reconciles the desired state with the underlying network infrastructure. It supports both transport-layer and application-layer authorization, allowing for precise control over service access based on service accounts and specific request methods. The architecture is designed to simplify operational management and reduce resource overhead while maintaining consistent network behavior across complex, multi-cluster environments. - [augustd/burp-suite-error-message-checks](https://awesome-repositories.com/repository/augustd-burp-suite-error-message-checks.md) (65 ⭐) — Burp Suite extension to passively scan for applications revealing server error messages - [semporia/tiktok-unlock](https://awesome-repositories.com/repository/semporia-tiktok-unlock.md) (11,833 ⭐) — TikTok-Unlock is a utility designed for the management and retrieval of historical mobile application versions. It functions as a network traffic proxy that intercepts and inspects outgoing requests from desktop applications to identify and download specific software release identifiers. The tool utilizes man-in-the-middle traffic interception to capture and modify encrypted network requests between a client and remote servers. By performing dynamic API response injection and client-side request redirection, it enables the identification of legacy build metadata, allowing users to access and archive previous software releases for testing or compatibility purposes. The project provides a command-line interface to automate the retrieval of version manifests and the subsequent download of binary packages. It supports comprehensive network traffic analysis to facilitate the preservation of software states and the rollback to stable application versions. - [gorhill/ublock](https://awesome-repositories.com/repository/gorhill-ublock.md) (65,524 ⭐) — uBlock is a browser-based content blocker that functions as a declarative filtering engine to intercept network requests and modify web page content. It operates by parsing standardized filter lists into optimized data structures, allowing it to block network hosts, enforce security policies, and prevent unauthorized data transmission. The extension provides a comprehensive security layer that monitors outgoing traffic and disables intrusive browser features to enhance user privacy. What distinguishes this project is its granular control over filtering behavior through a dynamic rule orchestrator. Users can manage custom rules, apply site-specific overrides, and toggle filtering settings on a per-domain basis. The engine also employs advanced techniques such as CNAME uncloaking, IP address filtering, and response body modification to identify and neutralize trackers that attempt to bypass standard blocking methods. Furthermore, it supports enterprise-grade deployment, enabling organizations to enforce consistent security and filtering configurations across managed environments. The project covers a broad capability surface including cosmetic page modification, which uses CSS injection and sandboxed scriptlets to remove visual clutter and neutralize anti-blocking scripts. It also provides interactive tools for real-time network traffic inspection and manual element removal, ensuring users can debug and customize their browsing experience. The extension is designed to maintain high performance by synchronizing its initialization at startup, ensuring that all security rules are active before any network requests are processed. - [mrts/burp-suite-http-proxy-history-viewer](https://awesome-repositories.com/repository/mrts-burp-suite-http-proxy-history-viewer.md) (0 ⭐) — JavaFX application for viewing Burp Suite HTTP proxy history files. - [angular/angular](https://awesome-repositories.com/repository/angular-angular.md) (100,360 ⭐) — Angular is a platform for building web applications using a component-based architecture. It provides a comprehensive suite of tools for managing encapsulated UI units, including hierarchical dependency injection, a declarative template system, and fine-grained reactivity through signals. The framework supports complex application requirements such as client-side routing, form management, and internationalization. The project includes a command-line interface for scaffolding and build automation, alongside a testing ecosystem for unit and integration verification. It offers multiple rendering strategies, including server-side rendering and static site generation, with support for hydration processes to optimize application delivery. Additionally, the framework features a built-in animation suite and security mechanisms to handle common web vulnerabilities. - [boreas514/burp-suite-2.0-chinese-document](https://awesome-repositories.com/repository/boreas514-burp-suite-2-0-chinese-document.md) (0 ⭐) — Burp Suite 2.0 测试版已经对专业人士开放。 这是一次重大更新,包括成吨的新特性,包括如下内容: - [johnshall/shadowrocket-adblock-rules-forever](https://awesome-repositories.com/repository/johnshall-shadowrocket-adblock-rules-forever.md) (22,324 ⭐) — This project provides a comprehensive collection of curated configuration files and rule sets designed for the Shadowrocket proxy client. It functions as a centralized repository for managing network traffic, enabling users to implement granular routing policies, content filtering, and connection management across their devices. The repository distinguishes itself by offering advanced traffic orchestration capabilities, including domain-suffix pattern matching and rule-based interception. It supports complex network configurations such as proxy group load balancing, custom DNS resolution, and real-time URL rewriting. By utilizing these declarative rule sets, users can enforce specific traffic behaviors, such as bypassing local network services or directing requests through designated proxy nodes based on domain or IP criteria. Beyond basic routing, the project facilitates enhanced privacy and security through content filtering and encrypted traffic inspection. These features allow for the systematic blocking of advertisements, trackers, and malicious domains, while also providing the ability to modify web requests to improve service access and bypass regional restrictions. The configuration files are structured to be imported directly into the client to automate these network management tasks. - [awesome-selfhosted/awesome-selfhosted](https://awesome-repositories.com/repository/awesome-selfhosted-awesome-selfhosted.md) (299,516 ⭐) — This project is a community-curated directory of open-source software designed for deployment in private server environments and home labs. It serves as a comprehensive resource for discovering independent, self-hosted alternatives to mainstream cloud services, enabling users to maintain full data ownership and control over their digital infrastructure. The directory is structured through a hierarchical taxonomy that organizes a vast collection of applications into logical categories, ranging from media management and data analytics to private communication and team productivity tools. It distinguishes itself through a collaborative peer-review process, where community members validate the quality and relevance of each submission to ensure the directory remains accurate and reliable. The project covers a broad capability surface, including infrastructure automation, container-based service deployment, and declarative configuration management. These tools assist users in maintaining reproducible server environments and managing complex service dependencies across private hardware. The directory is maintained as a version-controlled repository, ensuring that all updates and community-driven changes are tracked and transparent. - [getpaseo/paseo](https://awesome-repositories.com/repository/getpaseo-paseo.md) (9,118 ⭐) — Paseo is an LLM coding agent orchestrator and multi-agent workflow manager designed to coordinate multiple AI agents across isolated git worktrees. It provides a unified control interface for managing these agents and their associated environments to execute complex programming tasks. The system distinguishes itself through a remote agent daemon that enables secure access to local coding agents via encrypted relays. It employs a git worktree environment manager to isolate parallel tasks into dedicated directories and branch-based server URLs, preventing file collisions and network port conflicts between concurrent agents. The platform covers wide-ranging capabilities including multi-agent orchestration via specialized agent committees, iterative worker-verifier execution loops, and comprehensive git workflow management. It includes tools for visual code review, GitHub API integration, and a command line interface for streaming real-time output and managing agent sessions. The architecture utilizes a headless daemon and a standardized JSON-RPC protocol to communicate with agent binaries over stdio. - [nobyda/script](https://awesome-repositories.com/repository/nobyda-script.md) (8,460 ⭐) — Script is a collection of scripts and rule-sets designed for iOS proxy tools to modify mobile application behavior, filter network traffic, and automate interactions with online services. It provides a library of scripts and a network filter to manage how applications communicate with web services. The project enables the unlocking of premium features, memberships, and VIP content within third-party applications. It also allows for the bypass of geographical restrictions on downloads and the removal of advertisements from mobile application interfaces. The toolset covers the automation of web service tasks to collect daily rewards and bonuses, the coordination of multiple account credentials, and the installation of signed IPA files via proxy overrides. It further supports the manipulation of HTTP headers and response bodies to adjust application functionality. - [augustd/burp-suite-token-fetcher](https://awesome-repositories.com/repository/augustd-burp-suite-token-fetcher.md) (0 ⭐) — Burp Extender to add unique form tokens to scanner requests. - [fastapi/fastapi](https://awesome-repositories.com/repository/fastapi-fastapi.md) (99,260 ⭐) — FastAPI is a web framework for building APIs with Python. It leverages standard language type hints to provide automatic data validation, request parsing, and interactive API documentation generation. The framework supports asynchronous request handling and manages execution contexts to prevent blocking the main event loop. The project includes a dependency injection system that allows for the resolution and injection of reusable components into request handlers. This system supports request-scoped caching, lifecycle management, and integration with security mechanisms like OAuth2 and JSON Web Tokens. Developers can organize applications into modular routers and mount sub-applications to manage complex routing logic. Infrastructure features include middleware support for cross-origin resource sharing, background task management, and static file serving. The framework automatically generates OpenAPI specifications for defined endpoints, which can be customized through metadata and schema extensions. Testing utilities are provided to simulate HTTP and WebSocket connections, allowing for isolated verification of application behavior. - [burp-hash/burp-hash](https://awesome-repositories.com/repository/burp-hash-burp-hash.md) (34 ⭐) — Burp-hash is a Burp Suite plugin. - [adguardteam/adguardfilters](https://awesome-repositories.com/repository/adguardteam-adguardfilters.md) (4,142 ⭐) — AdguardFilters is a collection of curated adblock filter lists, content blocking rulesets, and DNS blocklists. Its primary purpose is to provide the rules necessary to identify and remove advertisements, tracking scripts, and intrusive elements across web browsers and applications. The project includes specialized rules for cosmetic filtering to hide layout gaps and a malware domain database to block phishing and spyware destinations. It provides distinct filtering sets for different regions and purposes, such as social media blocking. The repository covers broad capability areas including malware and phishing defense, parental content control, and web privacy protection through the blocking of telemetry and analytics. It also provides rules for web content modification, such as restoring disabled page actions and suppressing site annoyances. The filter lists are organized using preprocessor directives and support delta-based updating to reduce bandwidth. - [apache/apisix](https://awesome-repositories.com/repository/apache-apisix.md) (16,767 ⭐) — This project is a high-performance, distributed API gateway designed to manage, secure, and observe traffic for microservices, serverless functions, and artificial intelligence model providers. It functions as a dynamic service proxy and cloud-native ingress controller, centralizing policy enforcement and traffic routing through a unified configuration interface that synchronizes state across multiple nodes in real time. The platform distinguishes itself through a highly extensible architecture that utilizes a high-performance scripting engine to execute modular logic directly within the request lifecycle. It provides specialized capabilities for modern AI workflows, including model request proxying, token-based budget enforcement, content moderation, and agentic workflow tracing. Furthermore, it supports complex multi-protocol environments by bridging diverse communication standards, including gRPC and various binary protocols, without requiring additional sidecar processes. Beyond its core proxying functions, the gateway offers a comprehensive suite of traffic management and security tools. It handles authentication and authorization through multiple strategies, including token validation and identity provider integration, while maintaining granular control over TLS policies and secret management. The system also provides robust observability through distributed tracing, metrics exporting, and detailed request logging, ensuring visibility into both standard API traffic and complex AI-driven interactions. The software is designed for containerized environments and can be deployed using standard container images, with full support for translating Kubernetes ingress resources into live routing rules. - [akashc99/json-escaper-burp-suite-python-plugin](https://awesome-repositories.com/repository/akashc99-json-escaper-burp-suite-python-plugin.md) (2 ⭐) — The JSON Escaper Burp Suite plugin simplifies the process of escaping JSON payloads for pentesters, as there is no built-in option for this in Burp. - [openresty/lua-nginx-module](https://awesome-repositories.com/repository/openresty-lua-nginx-module.md) (11,764 ⭐) — This project is an NGINX module that embeds the Lua scripting language directly into the server environment. It functions as a request processor and response filter, enabling the execution of scripts to handle HTTP requests, generate dynamic content, and manage server behavior without external application calls. The module provides a shared memory dictionary and cache manager, allowing data to be stored and retrieved across all active worker processes. This capability supports the collection of high-performance server metrics and the synchronization of information across concurrent processes. The system covers a broad range of programmable server extensions, including custom HTTP middleware, dynamic request routing, and programmable access control for validating client identity. It also includes tools for intercepting and transforming response bodies and headers, modifying request URIs during the rewrite phase, and executing initialization code during server startup. - [landrix/the-drag-and-drop-component-suite-for-delphi](https://awesome-repositories.com/repository/landrix-the-drag-and-drop-component-suite-for-delphi.md) (0 ⭐) — The Drag and Drop Component Suite for Delphi - [flutter/flutter](https://awesome-repositories.com/repository/flutter-flutter.md) (177,056 ⭐) — This project is a multi-platform UI framework designed for building applications that target mobile, web, and desktop environments from a single codebase. It utilizes a declarative paradigm where the user interface is defined as a function of application state, supported by a layered architecture that includes a high-performance rendering engine and a multi-platform compilation model. The framework provides a comprehensive suite of developer tools, including hot reloading for real-time code injection and diagnostic utilities for monitoring application state and performance. It features a modular component system, a constraint-based layout engine, and built-in support for navigation, localization, and accessibility. Developers can extend functionality through a native integration model that supports platform-specific APIs, foreign function interfaces, and a package management system for dependency distribution. Beyond core UI development, the project includes infrastructure for application packaging and distribution across various app stores and web environments. It also incorporates concurrency models for background task management, security utilities for code obfuscation, and tools for integrating generative AI into the development workflow. - [http-party/node-http-proxy](https://awesome-repositories.com/repository/http-party-node-http-proxy.md) (14,135 ⭐) — node-http-proxy is a Node.js HTTP proxy library used for forwarding requests to target servers. It functions as reverse proxy middleware capable of mapping incoming routes to target destinations and transforming request and response data streams. The library includes a WebSocket proxy gateway that upgrades standard HTTP connections into bidirectional streams between clients and backend servers. It also provides a response transformer for modifying bodies, location headers, and cookie domains. The project covers traffic routing management via rule-based translation tables and secure connection establishment using TLS termination and SSL certificates. It further supports real-time data transformation for request and response headers and event-driven error handling to capture failures during the proxying lifecycle. - [requestly/requestly](https://awesome-repositories.com/repository/requestly-requestly.md) (6,341 ⭐) - [mrts/burp-suite-http-proxy-history-converter](https://awesome-repositories.com/repository/mrts-burp-suite-http-proxy-history-converter.md) (0 ⭐) — Python script that converts Burp Suite HTTP proxy history files to HTML or CSV. - [hashicorp/terraform](https://awesome-repositories.com/repository/hashicorp-terraform.md) (48,720 ⭐) — Terraform is a declarative infrastructure-as-code tool designed to manage the lifecycle of cloud and on-premises resources. It functions as a workflow engine that reconciles a defined desired state against real-world infrastructure, using a persistent state-tracking layer to maintain consistency and visibility across distributed environments. By mapping infrastructure components into a directed acyclic graph, the system calculates the optimal order for provisioning, updating, or destroying resources. The platform is distinguished by its extensible plugin-based architecture, which decouples core orchestration logic from vendor-specific service APIs. This allows users to manage diverse infrastructure across multiple providers through a unified workflow. The system enforces predictability by separating operations into a three-stage lifecycle—planning, applying, and state-updating—and supports policy-as-code evaluation to validate changes against security and compliance rules before any modifications are executed. Beyond core orchestration, the tool provides robust support for collaborative management, including workspace isolation for environment separation and module sharing for distributing standardized infrastructure patterns. It integrates into broader development ecosystems through support for programmatic definition in various languages, external system hooks, and comprehensive tooling for configuration debugging and editor assistance. - [augustd/burp-suite-jsonpath](https://awesome-repositories.com/repository/augustd-burp-suite-jsonpath.md) (30 ⭐) — JSONPath extension for BurpSuite - [django-commons/django-debug-toolbar](https://awesome-repositories.com/repository/django-commons-django-debug-toolbar.md) (8,373 ⭐) — django-debug-toolbar is a developer tool that provides a browser-based set of diagnostic panels for inspecting HTTP requests and responses within a Django web application. It serves as a server-side diagnostics tool and web framework development suite, allowing developers to profile and inspect request-response cycles. The tool focuses on Django application troubleshooting, database optimization, and general web development. It enables the analysis of SQL queries and database performance to identify slow calls and reduce the number of requests per page. The software includes capabilities for HTTP request inspection, allowing for the viewing of detailed metadata and payload information to verify how a server handles incoming data. - [juspay/hyperswitch](https://awesome-repositories.com/repository/juspay-hyperswitch.md) (43,019 ⭐) — Hyperswitch is a payment orchestration platform designed to manage complex transaction lifecycles through a centralized control layer. It functions as a processor-agnostic integration hub that standardizes disparate external payment APIs, allowing businesses to route transactions across multiple providers to optimize for authorization rates and cost efficiency. The platform utilizes a state-machine-based architecture to track every payment from initial authentication to final settlement, ensuring consistent processing and reliable error recovery. What distinguishes the platform is its intelligent, rule-based traffic routing engine, which dynamically selects the most performant or cost-effective processor in real time. It includes automated recovery mechanisms that execute background retries for failed payments and payouts without requiring additional customer interaction. Furthermore, the platform provides a secure tokenization vault that replaces sensitive card data with non-sensitive tokens, which minimizes regulatory compliance scope and simplifies security audits. The platform offers a comprehensive suite of financial operations tools, including automated reconciliation pipelines that match transaction records across multiple banks and processors. It also provides centralized management for disputes, refunds, and global payouts, alongside detailed analytics for monitoring payment costs, interchange fees, and provider markups. Security is managed through adaptive authentication workflows and integrated fraud risk management modules that can be configured via a no-code interface. - [augustd/burp-suite-software-version-checks](https://awesome-repositories.com/repository/augustd-burp-suite-software-version-checks.md) (33 ⭐) — Burp extension to passively scan for applications revealing software version numbers - [fastapi/typer](https://awesome-repositories.com/repository/fastapi-typer.md) (19,632 ⭐) — This project is a Python framework for building command-line interfaces by converting standard functions into executable programs. It uses type hints to automatically infer and generate argument parsers, validation logic, and help documentation, allowing developers to define complex terminal applications through simple function signatures. The framework distinguishes itself through a decorator-driven registration system that enables the construction of hierarchical command trees. It supports dependency injection to manage shared state and runtime configuration across subcommands, and it utilizes reflective metadata inspection to dynamically build help screens and parameter configurations. Beyond core parsing, the library provides a comprehensive suite of tools for terminal interaction, including support for interactive prompts, secure input collection, and visual feedback like progress indicators. It also handles advanced system integration tasks such as generating shell completion scripts, reading configuration from environment variables, and formatting terminal output with custom styling. The project is designed to be installed as a standard Python package, enabling developers to expose command-line entry points directly from their modules. - [elysiajs/elysia](https://awesome-repositories.com/repository/elysiajs-elysia.md) (18,531 ⭐) — Elysia is a high-performance TypeScript web framework designed for building type-safe backend services. It provides a modular, plugin-based architecture that allows developers to compose server logic, middleware, and validation schemas into scalable application instances. By leveraging native web standards, the framework ensures portability across diverse JavaScript runtimes, including Node.js, Deno, and various edge computing environments. The framework distinguishes itself through its focus on end-to-end type safety, automatically synchronizing request and response definitions between the server and client. It features a sophisticated plugin system that enables granular control over the request lifecycle, allowing for scoped validation, dependency injection, and shared state management. Additionally, it includes built-in support for real-time communication via WebSockets and provides automated generation of interactive API documentation directly from server routes. Beyond its core routing and validation capabilities, the framework offers a comprehensive suite of tools for managing the request-response lifecycle, including custom payload parsing, reactive cookie management, and streaming responses. It also integrates observability features such as request tracing and performance monitoring, alongside testing utilities that allow for in-memory request simulation without requiring a live network connection. The project is designed for flexibility in deployment, supporting everything from standard server environments to serverless and edge platforms, with options for bundling applications into portable binaries. - [fastapi/sqlmodel](https://awesome-repositories.com/repository/fastapi-sqlmodel.md) (18,137 ⭐) — SQLModel is a type-safe object-relational mapping library for Python that integrates database schema definitions with data validation logic. By combining these two roles into a single class, it allows developers to manage relational data structures and enforce data integrity for web APIs simultaneously. The framework is built to support asynchronous database operations, enabling high-performance applications to execute queries and transactions without blocking the main execution thread. The library distinguishes itself by leveraging Python type hints to provide IDE autocompletion and compile-time safety for database operations, effectively eliminating the need for raw SQL. It simplifies complex relational tasks by allowing developers to navigate and manage related records through object attributes, while automatically handling session lifecycles and transaction commits. Furthermore, it includes built-in support for circular dependency resolution and forward-reference type definitions, which helps maintain clean code organization in large-scale projects. Beyond its core mapping capabilities, the project provides a comprehensive suite of tools for data lifecycle management, including automated schema initialization, migration tracking, and granular control over cascade operations. It also features robust testing utilities, such as dependency overrides and support for in-memory database execution, to facilitate isolated and efficient test environments. Security is addressed through automatic query sanitization, which protects database interactions from malicious input. - [lgandx/pcredz](https://awesome-repositories.com/repository/lgandx-pcredz.md) (2,509 ⭐) — PCredz is a network credential extraction tool and traffic analyzer designed to intercept passwords, hashes, and tokens from IPv4 and IPv6 traffic. It functions as both a real-time monitor for live network interfaces and a parser for saved packet capture files. The tool identifies sensitive information, including credit card numbers and authentication tokens, using protocol-aware parsing. It further acts as a password hash recovery utility by normalizing captured authentication hashes into specific syntaxes compatible with external recovery software. Capabilities include real-time traffic interception with IP-based filtering to reduce noise, as well as recursive scanning of directories for historical packet capture files. Extracted data is organized into chronological logs sorted by credential type.