30 open-source projects similar to d3vilbug/hackbar, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best HackBar alternative.
A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.
OneScan 是一款用于递归目录扫描的 BurpSuite 插件
A TCP/UDP Non-HTTP Proxy Extension for Burp Suite
A curated list of amazingly awesome Burp Extensions
reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
HopLa Burp Suite Extender plugin - Brings AI capabilities, autocompletion support, and a set of useful payloads to Burp Suite
A Burp Suite Extension to pull Employee Names from Google and Bing LinkedIn Search Results
captcha-killer的修改版,支持关键词识别base64编码的图片,添加免费ocr库,用于验证码爆破,适配新版Burpsuite
This is a collection of Python automation scripts and utility tools designed to handle repetitive technical tasks, system administration, and developer workflows. The project serves as a suite for task automation, data utility, and web automation. The collection includes specialized tools for multimedia processing, such as optical character recognition for extracting text from images, speech-to-text conversion, and real-time face and human body detection. It also features web scraping and monitoring capabilities to track product prices, fetch external API content, and automate interactions wi
XSStrike is a security tool designed to detect cross-site scripting vulnerabilities through parameter fuzzing and web response analysis. It functions as a web application fuzzer and vulnerability scanner that identifies injection points and security flaws. The project includes a specialized utility for detecting blind XSS, where payloads execute asynchronously or on separate pages. It also features a JavaScript library auditor to identify outdated libraries with known vulnerabilities and a dedicated tool for identifying and bypassing web application firewalls using various evasion techniques.
dirsearch is a command-line security tool and web path scanner used for discovering hidden directories and files on web servers. It functions as a recursive directory fuzzer and brute-force utility that identifies undocumented paths and sensitive files using wordlists and HTTP status codes. The tool distinguishes itself through template-driven path generation and an automated HTTP response filter that uses status codes, content length, and regex patterns to isolate valid targets. It supports recursive directory crawling to map complex web structures and provides state-persistence serializatio
This extension copies the selected request(s) to the clipboard as PowerShell object assignments. Standard or Base64 formats are available, with Base64 being the best option for binary data such as file uploads. Copied data also includes the necessary command to invoke the web request(s).
This tool detects XML Fast Infoset encoded HTTP requests in Burp based on the Content-Type header (xml/fastinfoset). Once the encoding is detected, it un-gzips the requests and decodes it to present a text-based readable user-friendly version. After a request has been edited, the plugin converts…
BurpelFish - Adds Google Translate to Burp's Context Menu. "Babel Fish" language translation for app-sec testing in other languages.
A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
A simple burp plugin that highlights the Proxy history to differentiate requests made by different browsers. The way this works is that each browser would be assigned one color and the highlights happen automatically.
Burp extension to detect alias traversal via NGINX misconfiguration at scale.
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
This is a Burp Suite Pro extension that is able to find the “Reverse Tabnabbing” attack. For more information about “Reverse Tabnabbing” attack please see https://www.owasp.org/index.php/Reverse_Tabnabbing