|
.NET Beautifier
Masks verbose parameter details in .NET requests.
|
Rating
|
Popularity
|
Last updated
23 January 2017
|
|
Active Scan++
Extends Burp's active and passive scanning capabilities.
|
Rating
|
Popularity
|
Last updated
04 April 2018
|
|
Add & Track Custom Issues
Create custom issues in Burp Scanner results, using predefined issue templates.
|
Rating
|
Popularity
|
Last updated
16 January 2018
|
|
Additional CSRF Checks
Performs additional checks for CSRF vulnerabilities in a semi-automated manner.
|
Rating
|
Popularity
|
Last updated
09 January 2018
|
|
Additional Scanner Checks
Provides some additional passive Scanner checks.
|
Rating
|
Popularity
|
Last updated
12 January 2017
|
|
AES Payloads
Allows encryption and decryption of AES payloads in Burp Intruder and Scanner.
|
Rating
|
Popularity
|
Last updated
28 August 2015
|
|
AuthMatrix
Provides a simple way to test authorization in web applications and web services.
|
Rating
|
Popularity
|
Last updated
02 February 2018
|
|
Authz
Helps test for authorization vulnerabilities.
|
Rating
|
Popularity
|
Last updated
01 July 2014
|
|
Auto Repeater
Automatically repeat requests, with replacement rules and response diffing.
|
Rating
|
Popularity
|
Last updated
04 April 2018
|
|
Autorize
Automatically detects authorization enforcement.
|
Rating
|
Popularity
|
Last updated
09 July 2018
|
|
AWS Security Checks
Additional Scanner checks for AWS security issues.
|
Rating
|
Popularity
|
Last updated
18 January 2018
|
|
Backslash Powered Scanner
Finds unknown classes of injection vulnerabilities.
|
Rating
|
Popularity
|
Last updated
06 June 2018
|
|
Batch Scan Report Generator
Generates multiple scan reports by host with just a few clicks.
|
Rating
|
Popularity
|
Last updated
03 October 2017
|
|
Blazer
Generates and fuzzes custom AMF messages.
|
Rating
|
Popularity
|
Last updated
01 February 2017
|
|
Bradamsa
Generates Intruder payloads using the Radamsa test case generator.
|
Rating
|
Popularity
|
Last updated
02 July 2014
|
|
Brida, Burp to Frida bridge
A bridge between Burp Suite and Frida to help test Android applications.
|
Rating
|
Popularity
|
Last updated
08 June 2018
|
|
Browser Repeater
Automatically renders Repeater responses in Firefox.
|
Rating
|
Popularity
|
Last updated
01 July 2014
|
|
Buby
Adds Ruby scripting capabilities to Burp.
|
Rating
|
Popularity
|
Last updated
14 February 2017
|
|
Burp Chat
Enables collaborative usage of Burp using XMPP/Jabber.
|
Rating
|
Popularity
|
Last updated
23 January 2017
|
|
Burp CSJ
Integrates Crawljax, Selenium and JUnit into Burp.
|
Rating
|
Popularity
|
Last updated
23 March 2015
|
|
Burp-hash
Identifies previously submitted inputs appearing in hashed form.
|
Rating
|
Popularity
|
Last updated
28 August 2015
|
|
BurpSmartBuster
Looks for files, directories and file extensions based on current requests received by Burp Suite.
|
Rating
|
Popularity
|
Last updated
22 January 2018
|
|
Bypass WAF
Adds headers useful for bypassing some WAF devices.
|
Rating
|
Popularity
|
Last updated
29 March 2017
|
|
Carbonator
Provides a command-line interface to drive spidering and scanning.
|
Rating
|
Popularity
|
Last updated
23 January 2017
|
|
Cloud Storage Tester
Test Amazon S3, Google Storage and Azure Storage for common misconfiguration issues.
|
Rating
|
Popularity
|
Last updated
05 October 2017
|
|
CMS Scanner
Scan for common vulnerabilities in popular CMS.
|
Rating
|
Popularity
|
Last updated
03 October 2017
|
|
CO2
Adds various capabilities including SQL Mapper, User Generator and Prettier JS.
|
Rating
|
Popularity
|
Last updated
20 July 2017
|
|
Code Dx
Uploads scan reports directly to CodeDx, a software vulnerability correlation and management system.
|
Rating
|
Popularity
|
Last updated
06 June 2018
|
|
Collaborator Everywhere
Augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by causing pingbacks to Burp Collaborator.
|
Rating
|
Popularity
|
Last updated
21 May 2018
|
|
Command Injection Attacker
Customizable payload generator to detect and exploit command injection flaws during blind testing.
|
Rating
|
Popularity
|
Last updated
27 June 2018
|
|
Commentator
Generates comments for selected requests based on regular expressions.
|
Rating
|
Popularity
|
Last updated
16 July 2018
|
|
Content Type Converter
Converts JSON To XML, XML to JSON, body parameters to JSON, and body parameters to XML.
|
Rating
|
Popularity
|
Last updated
23 January 2017
|
|
Copy as Node Request
Copies the selected requests as Node.JS request code.
|
Rating
|
Popularity
|
Last updated
09 November 2017
|
|
Copy as PowerShell Requests
Copies the selected request(s) as PowerShell invocation(s).
|
Rating
|
Popularity
|
Last updated
31 January 2018
|
|
Copy As Python-Requests
Copies selected request(s) as Python-Requests invocations.
|
Rating
|
Popularity
|
Last updated
23 November 2017
|
|
Cryptojacking Mine Sweeper
Detects script includes from over 6100 known cryptojacking domains.
|
Rating
|
Popularity
|
Last updated
23 July 2018
|
|
CSP Auditor
Displays CSP headers for responses, and passively reports CSP weaknesses.
|
Rating
|
Popularity
|
Last updated
15 August 2017
|
|
CSP-Bypass
Passively scans for CSP headers that contain known bypasses or other potential weaknesses.
|
Rating
|
Popularity
|
Last updated
24 January 2017
|
|
CSRF Scanner
Passively scans for CSRF vulnerabilities.
|
Rating
|
Popularity
|
Last updated
02 October 2017
|
|
CSRF Token Tracker
Provides a sync function for CSRF token parameters.
|
Rating
|
Popularity
|
Last updated
14 February 2017
|
|
CSurfer
Hides and automatically handles anti-CSRF token defenses.
|
Rating
|
Popularity
|
Last updated
10 November 2015
|
|
Custom Logger
Adds a new tab to log all requests and responses.
|
Rating
|
Popularity
|
Last updated
01 July 2014
|
|
Custom Parameter Handler
Provides a simple way to automatically modify any part of an HTTP message.
|
Rating
|
Popularity
|
Last updated
31 July 2017
|
|
CustomDeserializer
Speeds up manual testing of web applications by performing custom deserialization.
|
Rating
|
Popularity
|
Last updated
06 February 2017
|
|
CVSS Calculator
Calculates CVSS v2 and v3 scores of vulnerabilities.
|
Rating
|
Popularity
|
Last updated
30 March 2017
|
|
Decoder Improved
A replacement for Burp decoder with tabs, an improved hex editor, and extensibiity.
|
Rating
|
Popularity
|
Last updated
12 July 2018
|
|
Decompressor
View and modify compressed HTTP messages without changing the content-encoding.
|
Rating
|
Popularity
|
Last updated
19 June 2018
|
|
Detect Dynamic JS
Passively checks for differing content in JavaScript files and aids in finding user/session data.
|
Rating
|
Popularity
|
Last updated
08 February 2018
|
|
Distribute Damage
Evenly distributes scanner load across targets.
|
Rating
|
Popularity
|
Last updated
05 June 2018
|
|
Dradis Framework
Send Scanner issues to Dradis collaboration and reporting framework.
|
Rating
|
Popularity
|
Last updated
17 February 2017
|
|
ElasticBurp
Stores requests/responses in an ElasticSearch index.
|
Rating
|
Popularity
|
Last updated
15 August 2017
|
|
Error Message Checks
Passively detects detailed server error messages.
|
Rating
|
Popularity
|
Last updated
31 January 2018
|
|
EsPReSSO
Processes and recognizes single sign-on protocols.
|
Rating
|
Popularity
|
Last updated
06 June 2018
|
|
ExifTool Scanner
Reads metadata from various file types (JPEG, PNG, PDF, DOC, and much more) using ExifTool.
|
Rating
|
Popularity
|
Last updated
15 December 2017
|
|
ExtendedMacro
Provides a similar but extended version of the Burp Suite macro feature.
|
Rating
|
Popularity
|
Last updated
27 June 2017
|
|
Faraday
Integrates Burp with the Faraday Integrated Penetration-Test Environment.
|
Rating
|
Popularity
|
Last updated
20 April 2017
|
|
Fast Infoset Tester
Allows Burp to test applications that use Fast Infoset XML encoding
|
Rating
|
Popularity
|
Last updated
02 October 2017
|
|
File Upload Traverser
Checks whether file uploads are vulnerable to path traversal
|
Rating
|
Popularity
|
Last updated
03 August 2017
|
|
Flow
Provides request history view for all Burp tools.
|
Rating
|
Popularity
|
Last updated
20 November 2017
|
|
Freddy, Deserialization Bug Finder
Helps detect and exploit deserialization vulnerabilities in Java and .Net
|
Rating
|
Popularity
|
Last updated
09 July 2018
|
|
Git Bridge
Lets Burp users store Burp data and collaborate via git.
|
Rating
|
Popularity
|
Last updated
17 June 2015
|
|
Google Authenticator
Generate Google Authenticator OTPs in session handling rules.
|
Rating
|
Popularity
|
Last updated
05 June 2018
|
|
Google Hack
Lets you run Google Hacking queries and add results to Burp's site map.
|
Rating
|
Popularity
|
Last updated
01 July 2014
|
|
GWT Insertion Points
Automatically identifies insertion points for GWT (Google Web Toolkit) requests.
|
Rating
|
Popularity
|
Last updated
24 January 2017
|
|
Hackvertor
Converts data using a tag-based configuration to apply various encoding and escaping operations.
|
Rating
|
Popularity
|
Last updated
20 November 2017
|
|
Handy Collaborator
Assists with using Collaborator during manual testing.
|
Rating
|
Popularity
|
Last updated
05 June 2018
|
|
Headers Analyzer
Reports security issues in HTTP headers.
|
Rating
|
Popularity
|
Last updated
24 November 2014
|
|
Headless Burp
Allows Burp Scanner to be automated, using Spider or an existing Site Map.
|
Rating
|
Popularity
|
Last updated
09 July 2018
|
|
HeartBleed
Checks whether a server is vulnerable to the Heartbleed bug.
|
Rating
|
Popularity
|
Last updated
01 July 2014
|
|
HTML5 Auditor
Scans for usage of risky HTML5 features.
|
Rating
|
Popularity
|
Last updated
01 July 2014
|
|
HTTP Mock
Provides mock responses that can be configured, based on real ones.
|
Rating
|
Popularity
|
Last updated
10 July 2018
|
|
HTTPoxy Scanner
Scans for the HTTPoxy vulnerability.
|
Rating
|
Popularity
|
Last updated
21 October 2016
|
|
Identity Crisis
Checks if a particular URL responds differently to various User-Agent headers.
|
Rating
|
Popularity
|
Last updated
22 January 2015
|
|
Image Location & Privacy Scanner
Passively scans jpeg / png / tiff for embedded GPS, IPTC, and camera-proprietary location & privacy exposures.
|
Rating
|
Popularity
|
Last updated
23 January 2018
|
|
Image Metadata
Extracts metadata from image files.
|
Rating
|
Popularity
|
Last updated
31 January 2017
|
|
Image Size Issues
Detects potential denial of service attacks in image retrieval functions.
|
Rating
|
Popularity
|
Last updated
06 February 2017
|
|
Intruder File Payload Generator
Allows use of file contents and filenames as Intruder payloads.
|
Rating
|
Popularity
|
Last updated
02 September 2015
|
|
Intruder Time Payloads
Lets you include the current epoch time in Intruder payloads.
|
Rating
|
Popularity
|
Last updated
24 January 2017
|
|
Issue Poster
Posts discovered Scanner issues to an external web service.
|
Rating
|
Popularity
|
Last updated
07 September 2015
|
|
J2EEScan
Adds scan checks focused on Java environments and technologies.
|
Rating
|
Popularity
|
Last updated
02 October 2017
|
|
Java Deserialization Scanner
Performs active and passive scans to detect Java deserialization vulnerabilities.
|
Rating
|
Popularity
|
Last updated
27 June 2017
|
|
Java Serial Killer
Performs Java deserialization attacks using the ysoserial payload generator tool.
|
Rating
|
Popularity
|
Last updated
30 January 2017
|
|
Java Serialized Payloads
Generates Java serialized payloads to execute OS commands.
|
Rating
|
Popularity
|
Last updated
06 February 2017
|
|
JCryption Handler
Analyze web applications that use JCryption
|
Rating
|
Popularity
|
Last updated
14 July 2017
|
|
JSON Beautifier
Beautifies JSON content in the HTTP message viewer.
|
Rating
|
Popularity
|
Last updated
03 October 2017
|
|
JSON Decoder
Displays JSON messages in decoded form.
|
Rating
|
Popularity
|
Last updated
24 January 2017
|
|
JSON Web Token Attacker
JOSEPH - JavaScript Object Signing and Encryption Pentesting Helper
|
Rating
|
Popularity
|
Last updated
22 November 2017
|
|
JSON Web Tokens
Enables Burp to decode and manipulate JSON web tokens.
|
Rating
|
Popularity
|
Last updated
03 May 2018
|
|
JSWS Parser
Parses JSWS responses and generates JSON requests for all supported methods.
|
Rating
|
Popularity
|
Last updated
15 February 2017
|
|
JVM Property Editor
Allows viewing and editing of JVM system properties.
|
Rating
|
Popularity
|
Last updated
24 January 2017
|
|
Kerberos Authentication
Adds support for performing Kerberos authentication.
|
Rating
|
Popularity
|
Last updated
30 August 2017
|
|
Lair
Sends Burp Scanner issues directly to a remote Lair project.
|
Rating
|
Popularity
|
Last updated
25 January 2017
|
|
Length Extension Attacks
Performs hash length extension attacks on weak signature mechanisms.
|
Rating
|
Popularity
|
Last updated
25 January 2017
|
|
LightBulb WAF Auditing Framework
An open source python framework for auditing WAFs and Filters.
|
Rating
|
Popularity
|
Last updated
22 January 2018
|
|
Logger++
Logs requests and responses for all Burp tools in a sortable table.
|
Rating
|
Popularity
|
Last updated
21 May 2018
|
|
Manual Scan Issues
Allows users to manually create custom issues within the Burp Scanner results.
|
Rating
|
Popularity
|
Last updated
23 May 2017
|
|
Match/Replace Session Action
Provides a match and replace function as a Session Handling Rule.
|
Rating
|
Popularity
|
Last updated
24 August 2017
|
|
MessagePack
Allows conversion of MessagePack messages to/from JSON format.
|
Rating
|
Popularity
|
Last updated
20 April 2017
|
|
Meth0dMan
Generates custom Intruder payloads based on the site map.
|
Rating
|
Popularity
|
Last updated
24 January 2017
|
|
MindMap Exporter
Aids with documentation of OWASP Testing Guide V4 tests.
|
Rating
|
Popularity
|
Last updated
25 January 2017
|
|
Multi Session Replay
Allows replay of requests in multiple sessions, to identify authorization vulnerabilities
|
Rating
|
Popularity
|
Last updated
03 October 2017
|
|
Multi-Browser Highlighting
Highlight the Proxy history to differentiate requests made by different browsers
|
Rating
|
Popularity
|
Last updated
02 February 2018
|
|
NMAP Parser
Parses Nmap output files and adds common web ports to Burp's target scope.
|
Rating
|
Popularity
|
Last updated
09 January 2017
|
|
Notes
Lets you take notes and manage external documents from within Burp.
|
Rating
|
Popularity
|
Last updated
01 July 2014
|
|
NTLM Challenge Decoder
Decode NTLM SSP headers and extract domain/host information
|
Rating
|
Popularity
|
Last updated
29 June 2018
|
|
Office Open XML Editor
Lets you edit Office Open XML files directly in Burp; useful for exploiting XXE
|
Rating
|
Popularity
|
Last updated
05 January 2018
|
|
Paramalyzer
Improves efficiency of manual parameter analysis for web penetration tests.
|
Rating
|
Popularity
|
Last updated
30 January 2017
|
|
ParrotNG
Adds a custom Scanner check to identify Flex applications vulnerable to CVE-2011-2461 (APSB11-25).
|
Rating
|
Popularity
|
Last updated
17 June 2015
|
|
Payload Parser
Generates payload lists based on a set of characters that are sanitized.
|
Rating
|
Popularity
|
Last updated
01 July 2014
|
|
Pcap Importer
Imports and passively scans Pcap files.
|
Rating
|
Popularity
|
Last updated
04 April 2017
|
|
PDF Metadata
Provides an additional passive Scanner check for metadata in PDF files.
|
Rating
|
Popularity
|
Last updated
20 April 2017
|
|
PDF Viewer
Allows viewing of PDF files directly within Burp.
|
Rating
|
Popularity
|
Last updated
02 September 2015
|
|
PeopleSoft Token Extractor
TODO
|
Rating
|
Popularity
|
Last updated
11 January 2018
|
|
PHP Object Injection Check
Finds PHP object injection vulnerabilities.
|
Rating
|
Popularity
|
Last updated
01 June 2018
|
|
Protobuf Decoder
Decodes and beautifies protobuf responses.
|
Rating
|
Popularity
|
Last updated
20 April 2017
|
|
Proxy Action Rules
Automatically forward, intercept and drop requests based on rules.
|
Rating
|
Popularity
|
Last updated
12 January 2018
|
|
Proxy Auto Config
Automatically configures Burp upstream proxies to match desktop proxy settings.
|
Rating
|
Popularity
|
Last updated
05 October 2017
|
|
PsychoPATH
A customizable payload generator suitable for detecting a variety of file path vulnerabilities.
|
Rating
|
Popularity
|
Last updated
28 June 2018
|
|
Python Scripter
Allows execution of a custom Python script on each HTTP request and response.
|
Rating
|
Popularity
|
Last updated
28 September 2017
|
|
Random IP Address Header
Automatically generates fake source IP address headers to evade WAF filters.
|
Rating
|
Popularity
|
Last updated
01 July 2014
|
|
Reflected File Download Checker
Checks for reflected file downloads.
|
Rating
|
Popularity
|
Last updated
24 January 2017
|
|
Reflected Parameters
Monitors traffic and looks for parameter values that are reflected in the response.
|
Rating
|
Popularity
|
Last updated
10 November 2014
|
|
Reissue Request Scripter
This extension generates scripts to reissue selected requests.
|
Rating
|
Popularity
|
Last updated
23 December 2016
|
|
Replicator
Helps developers replicate findings discovered in pen tests.
|
Rating
|
Popularity
|
Last updated
15 February 2018
|
|
Report To Elastic Search
Reports issues discovered by Burp to an ElasticSearch database.
|
Rating
|
Popularity
|
Last updated
10 May 2017
|
|
Request Highlighter
Automatically highlights different HTTP requests based on headers content
|
Rating
|
Popularity
|
Last updated
23 July 2018
|
|
Request Minimizer
Minimize requests by removing ad cookies, cachebusters, etc.
|
Rating
|
Popularity
|
Last updated
25 June 2018
|
|
Request Randomizer
Places a random value into a specified location within requests.
|
Rating
|
Popularity
|
Last updated
24 January 2017
|
|
Request Timer
Captures response times for requests made by all Burp tools.
|
Rating
|
Popularity
|
Last updated
08 November 2017
|
|
Response Clusterer
Clusters similar responses together.
|
Rating
|
Popularity
|
Last updated
06 February 2017
|
|
Retire.js
Integrates with the Retire.js repository to find vulnerable JavaScript libraries.
|
Rating
|
Popularity
|
Last updated
29 June 2018
|
|
Reverse Proxy Detector
Detects reverse proxy servers.
|
Rating
|
Popularity
|
Last updated
13 February 2017
|
|
Same Origin Method Execution
Detects same origin method execution vulnerabilities.
|
Rating
|
Popularity
|
Last updated
26 January 2017
|
|
SAML Editor
Adds a tab to Burp's message editor for decoding/encoding SAML messages.
|
Rating
|
Popularity
|
Last updated
01 July 2014
|
|
SAML Encoder / Decoder
Adds a tab to Burp's main UI for decoding/encoding SAML messages.
|
Rating
|
Popularity
|
Last updated
01 July 2014
|
|
SAML Raider
Provides a SAML message editor and a certificate management tool to help with testing SAML infrastructures.
|
Rating
|
Popularity
|
Last updated
04 November 2016
|
|
SAMLReQuest
Enables you to view, decode, and modify SAML requests and responses.
|
Rating
|
Popularity
|
Last updated
06 February 2017
|
|
Scan Check Builder
Extend the Burp active and passive scanner by creating custom scan checks with an intuitive graphical interface.
|
Rating
|
Popularity
|
Last updated
08 June 2018
|
|
Scan manual insertion point
Do an active scan of just the insertion point defined by a selection in the UI.
|
Rating
|
Popularity
|
Last updated
24 May 2017
|
|
Sentinel
Performs custom scanning for vulnerabilities in web applications.
|
Rating
|
Popularity
|
Last updated
10 April 2017
|
|
Session Auth
Identifies authentication privilege escalation vulnerabilities.
|
Rating
|
Popularity
|
Last updated
24 January 2017
|
|
Session Timeout Test
Determines server session timeout intervals.
|
Rating
|
Popularity
|
Last updated
01 July 2014
|
|
Session Tracking Checks
Checks for the presence of known session tracking sites
|
Rating
|
Popularity
|
Last updated
05 January 2018
|
|
Similar Request Excluder
Improves efficiency by automatically marking similar requests as 'out-of-scope'.
|
Rating
|
Popularity
|
Last updated
20 June 2018
|
|
Site Map Extractor
Extracts key data from the Site Map and allows export to CSV.
|
Rating
|
Popularity
|
Last updated
01 March 2018
|
|
Site Map Fetcher
Fetches the responses of unrequested items in the site map.
|
Rating
|
Popularity
|
Last updated
22 January 2015
|
|
Software Version Reporter
Passively reports server software version numbers.
|
Rating
|
Popularity
|
Last updated
08 February 2018
|
|
Software Vulnerability Scanner
Software vulnerability scanner based on Vulners.com audit API
|
Rating
|
Popularity
|
Last updated
17 July 2017
|
|
SpyDir
Enumerates application endpoints via a local source code repository.
|
Rating
|
Popularity
|
Last updated
17 July 2018
|
|
SQLiPy Sqlmap Integration
Initiates SQLMap scans directly from within Burp.
|
Rating
|
Popularity
|
Last updated
25 June 2018
|
|
SSL Scanner
Scan for SSL vulnerabilities using techniques from testssl.sh and a2sv.
|
Rating
|
Popularity
|
Last updated
17 July 2018
|
|
Swagger Parser
Parse OpenAPI specifications, previously known as Swagger specifications, supporting JSON and YAML formats.
|
Rating
|
Popularity
|
Last updated
16 July 2018
|
|
Target Redirector
Redirect requests to a new target, to cope with moved apps.
|
Rating
|
Popularity
|
Last updated
04 April 2018
|
|
ThreadFix
Provides an interface to the ThreadFix vulnerability management platform.
|
Rating
|
Popularity
|
Last updated
25 January 2017
|
|
Token Incrementor
Increment a token in each request. Useful for parameters like username that must be unique.
|
Rating
|
Popularity
|
Last updated
02 January 2018
|
|
TokenJar
Manages tokens and updates request parameters with current values.
|
Rating
|
Popularity
|
Last updated
20 June 2018
|
|
Upload Scanner
Test file uploads with payloads embedded in meta data for various file formats.
|
Rating
|
Popularity
|
Last updated
16 July 2018
|
|
UUID Detector
Passively reports UUID/GUIDs observed within HTTP requests.
|
Rating
|
Popularity
|
Last updated
23 February 2017
|
|
WAF Cookie Fetcher
Fetches JavaScript cookies into the Burp cookie jar; useful to handle WAFs.
|
Rating
|
Popularity
|
Last updated
16 January 2018
|
|
WAFDetect
Passively detects web application firewalls from HTTP responses.
|
Rating
|
Popularity
|
Last updated
08 February 2017
|
|
Wayback Machine
Generate a sitemap using Wayback Machine.
|
Rating
|
Popularity
|
Last updated
18 June 2018
|
|
WCF Deserializer
Allows Burp to view and modify binary SOAP objects.
|
Rating
|
Popularity
|
Last updated
15 June 2017
|
|
Web Cache Deception Scanner
Detect web cache misconfigurations with Burp.
|
Rating
|
Popularity
|
Last updated
23 November 2017
|
|
WebInspect Connector
Integrates Burp with HP WebInspect.
|
Rating
|
Popularity
|
Last updated
10 August 2016
|
|
WebSphere Portlet State Decoder
Displays information about IBM WebSphere Portlet state.
|
Rating
|
Popularity
|
Last updated
17 February 2015
|
|
What-The-WAF
Extends Intruder to aid in testing Web Application Firewalls.
|
Rating
|
Popularity
|
Last updated
02 October 2014
|
|
Wordlist Extractor
Scrapes all unique words and numbers for use with password cracking
|
Rating
|
Popularity
|
Last updated
20 April 2017
|
|
WordPress Scanner
Find known vulnerabilities in WordPress plugins and themes using WPScan database.
|
Rating
|
Popularity
|
Last updated
29 May 2018
|
|
WSDL Wizard
Scans a target server for WSDL files.
|
Rating
|
Popularity
|
Last updated
01 July 2014
|
|
Wsdler
Parses WSDL files and generates SOAP requests to the enumerated endpoints.
|
Rating
|
Popularity
|
Last updated
01 November 2016
|
|
XChromeLogger Decoder
Adds a new HTTP message editor tab to display X-ChromeLogger-Data in decoded form.
|
Rating
|
Popularity
|
Last updated
25 January 2017
|
|
XSS Validator
Sends responses to a locally-running XSS-Detector server.
|
Rating
|
Popularity
|
Last updated
25 January 2017
|
|
Yara
Integrates Yara scanner into Burp Suite.
|
Rating
|
Popularity
|
Last updated
25 January 2017
|
