appsec.fyi

A somewhat curated list of links to various topics in application security.

Burp Suite

Launching Tea Break burp extension: Reduce Burnout
BurpSuite Extensions: Some Favorites
Authentication Token Obtain and Replace (ATOR) Burp Plugin: Fast and Reliable plugin to handle Complex Login Sequences
[BURP] 12 tricks for Burp Repeater
Integrating Burp Suite Enterprise into Jenkins CI/CD Pipeline
Burp Share Requests
The top 10 best pentesting tools and extensions in Burp Suite
Burp Suite Secret Finder - Burp Suite Extension To Discover Apikeys/Tokens From HTTP Response
PortSwigger Launches Web Security Academy
The Top 8 Burp Suite Extensions That I Use to Hack Web Sites
Redirecting
How i exploit out-of-band resource load (HTTP) using burp suite extension plugin (taborator)
Simple dirty script to fuzz a SOAP request using the BURP Sniper approach using Windows authentication
Using Burp to Test a REST API
Quick and Dirty BurpSuite Tutorial
The Top 5 Burp Suite Extensions
My first Burp Suite extension
My Favorite Burp Suite Extensions
RhinoSecurityLabs/SleuthQL
Attacking Web Applications With Burp Suite
snoopysecurity/awesome-burp-extensions
AES-Killer v3.0 - Burp Plugin To Decrypt AES Encrypted Traffic Of Mobile Apps On The Fly
Playing With the New Burp Suite REST API
PortSwigger/param-miner
nccgroup/AutoRepeater
nccgroup/BurpSuiteHTTPSmuggler
SleuthQL - Burp History Parsing Tool To Discover Potential SQL Injection Points
0ang3el/EasyCSRF
Writing your first Burp Suite extension
The Top 8 Burp Suite Extensions
The Top 8 Burp Suite Extensions
Extending Burp Proxy With Extensions
Writing your first Burp Suite extension