30 open-source projects similar to fsecurelabs/timeinator, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Timeinator alternative.
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
HaE is a network traffic analysis tool designed to extract, classify, and highlight specific data fragments within network messages and HTTP traffic. It functions as an HTTP data extractor and traffic content filter, utilizing a network metadata aggregator to centralize highlighted data fragments and annotations for analysis. The tool identifies high-value network packets by mapping classification results to visual color markers and employs a modular classification system to isolate data fragments from binary or text streams. It distinguishes the severity of matched data by piping extracted c
Adds a customizable "Send to..."-context-menu to your BurpSuite.
This is a Burp Suite Pro extension that is able to find the “Reverse Tabnabbing” attack. For more information about “Reverse Tabnabbing” attack please see https://www.owasp.org/index.php/Reverse_Tabnabbing
PyCript Websocket is now merge into https://github.com/Anof-cyber/PyCript, this repo is not available anymore.
A BurpSuite extension to aid pentesting web applications that use Blazor Server/BlazorPack. Primary functionality includes converting BlazorPack messages to JSON and vice versa, introduces tamperability for BlazorPack serialized messages.
This tool detects XML Fast Infoset encoded HTTP requests in Burp based on the Content-Type header (xml/fastinfoset). Once the encoding is detected, it un-gzips the requests and decodes it to present a text-based readable user-friendly version. After a request has been edited, the plugin converts…
This extension copies the selected request(s) to the clipboard as PowerShell object assignments. Standard or Base64 formats are available, with Base64 being the best option for binary data such as file uploads. Copied data also includes the necessary command to invoke the web request(s).
Doxycannon uses docker to create multiple socks proxies where the upstream internet connections are either VPN connections or Tor nodes
A BurpSuite extension for beautifying .NET message parameters and hiding some of the extra clutter that comes with .NET web apps (i.e. VIEWSTATE).
Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests
Burp Suite extension for parsing Swagger web service definition files
Utilities for creating Burp Suite Extensions, including the Burp Extensions API interfaces.
BurpSuite extension to assist with Automated Forced Browsing/Endpoint Enumeration
A simple burp plugin that highlights the Proxy history to differentiate requests made by different browsers. The way this works is that each browser would be assigned one color and the highlights happen automatically.
PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.
This Burp extension will auto-extract and display values from HTTP Response bodies based on a Regular Expression, similarly to the "Grep - Extract" feature in Burp Intruder but will work on any Responses. This can be helpful when trying to perform manual reconnaissance or building an injection…
BurpelFish - Adds Google Translate to Burp's Context Menu. "Babel Fish" language translation for app-sec testing in other languages.
Burp extension to detect alias traversal via NGINX misconfiguration at scale.
Burp Suite extension that automatically highlights different HTTP requests
This Burp Suite extension turns Burp into a Google Authenticator client. The current Google Two-Factor Authentication (2FA) code is automatically computed from a given shared secret and applied to bespoke location(s) in relevant requests in real-time.