Shadow Repeater

Shadow Repeater enhances your manual testing with AI-powered, fully automatic variation testing. Simply use Burp Repeater as you normally would, and behind the scenes Shadow Repeater will monitor your attacks, try permutations, and report any discoveries via Organizer.

Whether you're probing for path traversal, SQL injection, XSS, or other vulnerabilities, Shadow Repeater intelligently mutates your inputs and analyzes responses for anomalies, making it valuable for in-depth manual testing and fuzzing. Stay one step ahead by discovering bypasses and alternative attack vectors that might otherwise go unnoticed.

Features

• Automated Payload Mutation - Automatically mutates user generated payloads
• Anomaly Detection - Analyzes responses using response diffing to flag interesting items
• Intelligent Fuzzing - Enhances manual testing by automating attack vector discovery
• Repeater Integration - Activates automatically by default after the fifth modified Repeater request

Usage

• Install Shadow Repeater and tick the "Use AI" checkbox.
• Use Repeater to test endpoints.
• Every 5th request, Shadow Repeater will send variations of your attacks and look for differences in the response.
• If Shadow Repeater finds something interesting, it will send it to the "Organizer" tool for further inspection.

Copyright © 2025 PortSwigger Ltd.