appsec.fyi

A somewhat curated list of links to various topics in application security.

Burp Suite

LinkExcerptWord Count
Writing your first Burp Suite extensionThe new Burp Suite extensibility makes it much easier for non-programmers to create and use Burp extensions. This post explains the basics, and we'll soon be releasing a series of examples of Burp's extensibility in action. You can create Burp extensions using Java or Python.543
Creating Burp extensionsIf you're proficient in Java, you can create your own extensions for Burp Suite using our Montoya API. Note that Burp Suite only supports extensions written in Java 21 or lower. To get started, create a new Maven or Gradle project and add a dependency for the Montoya API as follows.393
My First Burp Suite ExtensionI recently had a career change from the defensive side of security to the offensive which means a whole knew set of skills to develop. For those who are not familiar Burp Suite is a security tool for testing web applications.2077
0ang3el/EasyCSRFEasyCSRF helps to find weak CSRF-protection in WebApp which can be easily bypassed. For example, content type based protection for API (Rest API, GraphQL API, etc) or CSRF-protection based on obscure data format (binary format, etc) are known to be weak.462
nccgroup/AutoRepeaterAutoRepeater will only resend requests which are changed by a defined replacement.727
RhinoSecurityLabs/SleuthQLSleuthQL is a python3 script to identify parameters and values that contain SQL-like syntax. Once identified, SleuthQL will then insert SQLMap identifiers (*) into each parameter where the SQL-esque variables were identified. SleuthQL requires an export of Burp's Proxy History.447
SleuthQL - Burp History Parsing Tool To Discover Potential SQL Injection PointsSleuthQL is a python3 script to identify parameters and values that contain SQL-like syntax. Once identified, SleuthQL will then insert SQLMap identifiers (*) into each parameter where the SQL-esque variables were identified. SleuthQL requires an export of Burp's Proxy History.421
The Top 5 Burp Suite ExtensionsIf you’re a freelance security researcher, chances are you’ve heard of — or use — Burp Suite, a program commonly considered the gold standard for penetration testing software.576
nccgroup/BurpSuiteHTTPSmugglerA Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques. This extension has been developed by Soroush Dalili (@irsdl) from NCC Group. The initial release (v0.102
Quick and dirty BurpSuite tutorialIn this article we look at BurpSuite, a framework of tools that can be used during penetration testing. We’ll cover the latest release of BurpSuite, version 2.0, getting our hands dirty with the OWASP Juice Shop vulnerable Web application.1763
PortSwigger/param-minerThis extension identifies hidden, unlinked parameters. It's particularly useful for finding web cache poisoning vulnerabilities. It combines advanced diffing logic from Backslash Powered Scanner with a binary search technique to guess up to 65,000 param names per request.334
Playing With the New Burp Suite REST APIOne of the coolest new features released in the recent beta version of Burp Suite is the introduction of a REST API. I blogged about the UI and some other feature enhancements earlier this week.670
AES-Killer v3.0 - Burp Plugin To Decrypt AES Encrypted Traffic Of Mobile Apps On The FlyBurpsuite Plugin to decrypt AES Encrypted traffic on the fly.227
Using Burp to Test a REST APIREST (representational state transfer) is an architectural style consisting of a coordinated set of constraints applied to components, connectors, and data elements, within a distributed hypermedia system.491
snoopysecurity/awesome-burp-extensionsPlease refer to the contributing guide for details. Awesome burp extensions is an amazing list for people who want to spice up their Burp instance with awesome plugins. The best ways to use are:9950
Attacking Web Applications With Burp SuiteLearn to effectively and dynamically attack web applications by discovering security weaknesses and common vulnerabilities using an industry standard methodology backed by the most comprehensive suite of web application penetration testing tools available today. The Burp Suite!100
HTTP Desync Attacks: Request Smuggling RebornHTTP requests are traditionally viewed as isolated, standalone entities.5102
Simple dirty script to fuzz a SOAP request using the BURP Sniper approach using Windows authentication.This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.39
The Top 8 Burp Suite Extensions That I Use to Hack Web SitesWhen doing Web Application Penetration Tests, one tool dominates the desktops of most Security Consultants: Burp Suite Professional (https://portswigger.net). This comes as no surprise. It has solid performance, a ton of features, and most importantly, extensibility.1415
Swing in Python Burp Extensions - Part 1TL;DR: What I learned from creating handcrafted GUIs for Python Burp extensions using Swing. Code is at: In April 2019, I had just joined Electronic Arts and I wanted to make a Burp extension. I saw only tutorials on creating a GUI in Jython.2067
PortSwigger Launches Web Security AcademyPortSwigger has launched a free interactive training platform in an attempt to address the global shortage of cybersecurity talent. The Web Security Academy features a vast amount of high-quality reading materials and interactive labs of varying levels of difficulty.351
Burp Suite Secret Finder - Burp Suite Extension To Discover Apikeys/Tokens From HTTP ResponseBurp Suite extension to discover a apikey/tokens from HTTP response.55
The top 10 best pentesting tools and extensions in Burp SuiteAt its heart, Burp Suite is an intercepting proxy. Manually proxying HTTP(S) traffic can provide a great deal of insight into a target web application's behavior.201
[BURP] 12 tricks for Burp RepeaterRepeater is one of the most frequently used part of Burp Suite. But there is plenty of hidden features there. Do you know all of them? Check my video with 12 tricks. 0:09 Change tab name 0:24 Restore closed tab 0:44 Request history 0:55 Auto scroll 1:19 Export to XML 1:41 Create request based on UR0
Burp Share RequestsThis Burp Suite extension enables the generation of shareable links to specific requests which other Burp Suite users can import.197
BurpSuite Pro Extensions: Some FavoritesPart of our internal mentoring and training culture at VDA includes Lunch and Learn events where engineers share helpful information about a relevant security topic.700
Authentication Token Obtain and Replace (ATOR) Burp Plugin: Fast and Reliable plugin to handle Complex Login SequencesAutomated scanners require a constant flow of requests and most tools have built-in session handling logic. Automated scanning/Session Handling for web applications is tricky these days especially because of the following vectors:1095
ethicalhackingplayground/ssrf-kingSSRF plugin for burp that Automates SSRF Detection in all of the Request If you are facing any problems or would like a new feature that is not listed below Please create a new issue below in this form Create New Issue ✔️ It will soon have a user Interface to specifiy your own call back payloa286
Burp Suite Extensions Rarely Utilized but Quite UsefulAlmost everyone who is involved in the security field especially web application security, already familiar with a fairly strong platform namely Burp Suite.1082
Web App Pentesting With Burp Suite Scan ProfilesWith the introduction of the Configuration Library in Burp Suite 2.0’s release, we’ve been creating more and more predefined templates to use during our web application penetration tests.1057
Great getting started resources for new users of Burp Suite ProfessionalIf you're new to Burp Suite Professional, then congratulations. Not only have you just bought into the world's leading toolkit for web security testing - you've also joined a massive worldwide community of security professionals. Welcome to the party.1033
Some of the best Burp extensions - as chosen by youAs we mentioned in our recent blog post on good resources for new Burp Suite Professional users, the BApp Store is one of the largest repositories of community-created user content you're likely to find anywhere.357
Web App Pentesting With Burp Suite Scan ProfilesWith the introduction of the Configuration Library in Burp Suite 2.0’s release, we’ve been creating more and more predefined templates to use during our web application penetration tests.1057
Automating Authorization Testing: AuthMatrix – Part 1If you’ve ever encountered a large web application with multiple roles, each with their own distinct permissions, you will understand the pain that comes with testing for authorization issues.1096
xnl-h4ck3r/GAP-Burp-ExtensionThis is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on, and produces a target specific wordlist to use for fuzzing.601
A Step-by-Step Guide to Writing Extensions for API Pentesting in BurpSuiteAPI pentesting is an integral part of any security assessment, and BurpSuite can be a powerful tool for testing APIs. But did you know that you can extend the capabilities of BurpSuite even further by writing your own extensions?2241
botesjuan/Burp-Suite-Certified-Practitioner-Exam-StudyBurp Suite Certified Practitioner Exam Study. Contribute to botesjuan/Burp-Suite-Certified-Practitioner-Exam-Study development by creating an account on GitHub.0
Vulnerabilities detected by Burp ScannerBurp Scanner is capable of detecting a wide range of vulnerabilities, which are flagged by the scanner as issues. This table lists all vulnerabilities that can be identified by Burp Scanner. It is regularly updated in line with the latest PortSwigger research.56
Burp extensionsBurp extensions enable you to customize how Burp Suite behaves. You can use Burp extensions created by the community, or you can write your own. You can download Burp extensions from the BApp Store.120
lucsemassa/burp_bug_finderBurp_bug_finder is a custom burpuite plugin (written in python) that makes easy the discovery of web vulnerabilities.256
Burp Suite: The Basics TryHackMe WriteupThis is a writeup and first-time walkthrough of the Burp Suite: The Basics room on the TryHackMe Cybersecurity training platform. The Attack box virtual machine was used to walk through the room task questions.3531
hisxo/JSpectorJSpector is a Burp Suite extension that passively crawls JavaScript files and automatically creates issues with URLs, endpoints and dangerous methods found on the JS files. Before installing JSpector, you need to have Jython installed on Burp Suite.148
7 Essential Burp Extensions for Hacking APIsBurp Suite is a powerful tool used by security professionals and hackers to test the security of web applications. It contains a variety of features that allow you to find vulnerabilities in web apps and APIs, and in turn, exploit them.1225
DNS Analyzer - Finding DNS vulnerabilities with Burp SuiteDNS Analyzer - Finding DNS vulnerabilities with Burp Suite 26.06.2023research news vulnerability A brand-new Burp Suite extension for discovering DNS vulnerabilities in web applications.1730
Improve your API Security Testing with Burp BCheck ScriptsI’m a big fan of Burp Suite. In my Beginner’s Guide to API Hacking, I even go so far as to outright state you should BUY Burp Suite Professional if you are going to get serious about API security testing. Today, I am going to showcase WHY I believe that.1625
synfron/ReshaperForBurpExtension for Burp Suite to trigger actions and reshape HTTP request/response and WebSocket traffic using configurable Rules Example Usage Rules allow you to set actions to perform (called Thens) if messages/connections (event) received by Burp Suite meet certain criteria (called Whens).756
Writing Burp Bambda Filters Like a BossI have to tell you about Burp Bambda filters. This neat new feature in Burp helped me discover a new P1 crit on a target this week. Let me explain how.1465
Finding that one weird endpoint, with BambdasSecurity research involves a lot of failure. It's a perpetual balancing act between taking small steps with a predictable but boring outcome, and trying out wild concepts that are so crazy they might just work... but probably won't.997
Burp Extension Dev Part 1: Setup & BasicsYou can ensure that the Montoya API library was downloaded successfully by checking the “External Libraries” in your project. Creating a JAR File You need to set up your project to create a JAR file when you compile your code. This JAR file will be used to install or share your Burp extension.158
dwisiswant0/ngocokIf is already configured on your machine with , you can go ahead to the installation section. To find the location of the configuration file, execute or consult the ngrok Agent Configuration File documentation page.272
federicodotta/Burp-Suite-Extender-Montoya-CourseThis repository contains all the examples related to a series of tutorials that demonstrate how to use the new Montoya API of Burp Suite to create extensions that will greatly simplify our pentester lives.163
Burp Extension Dev Part 4: GUI DesignCustomizing the JPanel First, click on the JPanel in either the Component Tree or the visual representation. This will load the JPanel’s properties. To interact with components like JPanel programmatically, assign them a field name, like “ui”.168
254Labs/awesome-bambdasA collection of Bambdas (Burp Suite's Lambdas) Switch to Bambda mode now! 🤖 What can I do with Bambdas? Customize Burp Suite to suit your personal workflow with Bambdas. Start reading Introducing Bambdas226
bambdas/Filter/Proxy/HTTP/FilterHighlightAnnotateOWASP.bambda at main · PortSwigger/bambdasBambdas collection for Burp Suite Professional and Community. - bambdas/Filter/Proxy/HTTP/FilterHighlightAnnotateOWASP.bambda at main · PortSwigger/bambdas0
Tib3rius.bambdaA collection of TUBs (Totally Useless Bambdas) for Burp Suite, created by Tib3rius & friends. - Tibs-TUBs/Custom Column TUBs/Tib3rius.bambda at main · Tib3rius/Tibs-TUBs0
BugBountyzip/BambdasEndpoint Guessing Logic: The script uses the OpenAI API to guess potential endpoints based on the path of an HTTP request. Selecting a Request for Analysis: It identifies the request to analyze based on a specific annotation ("aaa") added to a request in Burp Suite's history.292
d0ge/sign-saboteurSignSaboteur is a Burp Suite extension for editing, signing, verifying, and attacking signed tokens.773