Skip to content

@PortSwigger PortSwigger

Change the repository type filter

All

    Repositories list

    467 repositories

    • http-request-smuggler

      Public
      Java
      Other
      10699792Updated May 30, 2025May 30, 2025

    • turbo-intruder

      Public
      Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
      Kotlin
      Apache License 2.0
      2221.6k161Updated May 30, 2025May 30, 2025

    • semgrepper

      Public
      An extension to use Semgrep inside Burp Suite.
      Java
      GNU General Public License v3.0
      8500Updated May 29, 2025May 29, 2025

    • jwt-scanner

      Public
      JWT-attacker Burp Extension
      Java
      MIT License
      7200Updated May 29, 2025May 29, 2025

    • twilio-otp-authenticator

      Public
      This extension utilizes session handling rules to provide a Twilio OTP code to outgoing requests, used in BurpSuite Pro
      extension
      Java
      1000Updated May 29, 2025May 29, 2025

    • burp-extensions-montoya-api-examples

      Public
      Examples for using the Montoya API with Burp Suite
      Java
      Other
      1814521Updated May 28, 2025May 28, 2025

    • xss-cheatsheet-data

      Public
      This repository contains all the XSS cheatsheet data to allow contributions from the community.
      Other
      8542011Updated May 27, 2025May 27, 2025

    • ununicode

      Public
      "de-unicode" unicode escaped sequenses
      extension
      Java
      4100Updated May 23, 2025May 23, 2025

    • okta-totp-authenticator

      Public
      Burp Suite plugin that dynamically generates Okta TOTP 2FA code for use in session handling rules
      extension
      Java
      1000Updated May 23, 2025May 23, 2025

    • saml-raider

      Public
      SAML2 Burp Extension
      Java
      MIT License
      783200Updated May 23, 2025May 23, 2025

    • sqli-py

      Public
      SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.
      Python
      The Unlicense
      949100Updated May 23, 2025May 23, 2025

    • extensibility-helper

      Public
      Java
      GNU General Public License v3.0
      3600Updated May 23, 2025May 23, 2025

    • inql

      Public
      InQL - A Burp Extension for GraphQL Security Testing
      Kotlin
      Apache License 2.0
      1684000Updated May 22, 2025May 22, 2025

    • active-scan-plus-plus

      Public
      ActiveScan++ Burp Suite Plugin
      Java
      Apache License 2.0
      19722400Updated May 22, 2025May 22, 2025

    • sequence-comparer

      Public
      Burp Suite Extension
      extension
      Python
      MIT License
      1000Updated May 22, 2025May 22, 2025

    • enterprise-helm-charts

      Public
      Helm charts for Burp Suite DAST Kubernetes installation.
      kubernetesenterpriseburpdasthelm-chart
      Smarty
      Apache License 2.0
      9523Updated May 22, 2025May 22, 2025

    • burp-suite-enterprise-edition-ami

      Public
      MIT License
      1400Updated May 22, 2025May 22, 2025

    • passkey-raider

      Public
      Burp Suite extension for testing Passkey systems.
      extension
      Java
      MIT License
      3000Updated May 21, 2025May 21, 2025

    • url-harvester

      Public
      This Burp Suite Extension, URL Harvester captures in-scope URLs from Burp's Proxy and Target tools, providing a GUI to view, manage, and export them.
      extension
      Java
      GNU General Public License v3.0
      1000Updated May 21, 2025May 21, 2025

    • ai-prompt-fuzzer

      Public
      Burp extension to fuzz/brute force GenAI/LLM prompts using a list of various payloads.
      Java
      GNU General Public License v3.0
      2700Updated May 20, 2025May 20, 2025

    • highlighter-and-extractor

      Public
      HaE - BurpSuite Highlighter and Extractor
      Java
      Apache License 2.0
      2692600Updated May 20, 2025May 20, 2025

    • certsquirt

      Public
      A golang PKI in less than 1000 lines of code.
      Go
      BSD 3-Clause "New" or "Revised" License
      3800Updated May 20, 2025May 20, 2025

    • magic-variables

      Public
      🪄 Magic variables is a Burp extension that provides helpful replacements in traffic such as random integers, random UUIDs and random strings.
      extension
      Java
      Other
      1000Updated May 16, 2025May 16, 2025

    • BChecks

      Public
      BChecks collection for Burp Suite Professional and Burp Suite DAST
      GNU Lesser General Public License v3.0
      128696271Updated May 15, 2025May 15, 2025

    • bambdas

      Public
      Bambdas collection for Burp Suite Professional and Community.
      Java
      GNU Lesser General Public License v3.0
      4832810Updated May 14, 2025May 14, 2025

    • collector-and-analyzer

      Public
      CaA - Collector and Analyzer, Insight into information, exploring with intelligence in a thousand ways.
      Java
      Apache License 2.0
      73100Updated May 14, 2025May 14, 2025

    • burp-extensions-montoya-api

      Public
      Burp Extensions Api
      Java
      Other
      9168170Updated May 13, 2025May 13, 2025

    • pdf-render

      Public
      BurpSuite extension that renders PDF files and allows viewing them in a custom tab in the response section inside the repeater
      extension
      Java
      1200Updated May 7, 2025May 7, 2025

    • url-cheatsheet-data

      Public
      This is the data that powers the PortSwigger URL validation bypass cheat sheet.
      JavaScript
      94910Updated May 2, 2025May 2, 2025

    • extension-template-project-wrapper

      Public
      Contains a ready-to-use extension template to help you start writing your extension immediately.
      Java
      1001Updated May 1, 2025May 1, 2025