Stars
反中共政治宣传库。Anti Chinese government propaganda. 住在中国真名用户的网友请别给星星,不然你要被警察请喝茶。常见问答集,新闻集和饭店和音乐建议。卐习万岁卐。冠状病毒审查郝海东新疆改造中心六四事件法轮功 996.ICU709大抓捕巴拿马文件邓家贵低端人口西藏骚乱。Friends who live in China and have real name on…
The "Pentest Checklist Generator" is a Burp Suite extension designed to streamline the penetration testing process by automatically generating a customized checklist based on the HTTP traffic obser…
Collection of configuration files, bambdas, and extensions for use with burpsuite
A Burp Suite extension that detects broken authentication using AI. Learns from feedback, rescans intelligently, and shows clear prediction reasons.
Burpsuite Extension built to passively send copies of proxied HTML/JS to Semgrep
A template for building your own appsec research tools for use within BurpSuite. Implements James Kettle's BulkScan extension to handle basically everything except the actual check you want to perf…
An extension for BurpSuite to automatically annotate requests based on scanning history
A research project to add some brrrrrr to Burp
AnonLFI – A lightweight and intuitive Python tool designed for automated detection and exploitation of Local File Inclusion (LFI) vulnerabilities in web applications. Built for bug bounty hunters, …
subfalcon is a subdomain enumeration tool that allows you to discover and monitor subdomains for a given list of domains or a single domain. It fetches subdomains from various sources, checks for p…
A python script to automatically dump files and source code of a Symfony server in debug mode.
Exploit tool for CVE-2021-43008 Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability
This script automates SQL injection testing using SQLMap with AI-powered decision making.
AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulner…
BurpSuite MCP Server: A powerful Model Context Protocol (MCP) server implementation for BurpSuite, providing programmatic access to Burp's core functionalities.
Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)
all subdomains wordlist unique and sorted total words are - 13048313
CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) RCE POC
CVE-2024-56145 SSTI to RCE - twig templates