rep+ — Burp-style HTTP Repeater for Chrome DevTools with built‑in AI to explain requests and suggest attacks

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify IDOR vulnerabilities in web applications. 🚀

Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure

漏洞挖掘神器 | 浏览器插件 | 发现页面和JS中的隐藏接口和敏感信息、URL批量打开 & Vulnerability Mining Tool | Browser Plugin | Discover Hidden Interfaces, Sensitive Information in Pages and JS, Open Multiple URLs | Notepad

A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

A modern GUI client based on Tauri, designed to run in Windows, macOS and Linux for tailored proxy experience

最新ChatGPT Plus代充值教程：2025年最可靠的ChatGPT Plus代充值平台推荐！你可以直接购买原生ChatGPT Plus独立账号，也可为你现有ChatGPT账号代充值！

辅助甲方安全人员巡检网站资产，发现并分析API安全问题

一款用于快速打点JS文件及路径扫描的单兵工具 / A single player tool for quickly scanning JS files and paths

Community curated list of templates for the nuclei engine to find security vulnerabilities.

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

Advanced JWT decoding & cracking toolkit with a user-friendly UI for security testing

OSWE, OSEP, OSED, OSEE

A list of useful Powershell scripts with 100% AV bypass (At the time of publication).

Stuff that doesn't deserves its own repository.

List of XSS Vectors/Payloads

Directory/File, DNS and VHost busting tool written in Go

xss-payload-list

Collection of XSS Payloads for fun and profit

Most advanced XSS scanner.

Prototype Pollution and useful Script Gadgets

Prototype Pollution Scanner

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules thro…

404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目

HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.

A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

xia Liao（瞎料）burp插件 用于Windows在线进程/杀软识别 与 web渗透注册时，快速生成需要的资料用来填写，资料包含：姓名、手机号、身份证、统一社会信用代码、组织机构代码、银行卡，以及各类web语言的hello world输出和生成弱口令字典等。