BadIntent is the missing link between the Burp Suite and the core Android's IPC/Messaging-system. BadIntent consists of two parts, an Xposed-based module running on Android and a Burp-plugin. Based on this interplay, it is possible to use the Burp's common workflow and all involved tools and extensions, since the intercept and repeater functionality is provided. BadIntent hooks deeply into the Android system, performs various method redirections in Parcels and adds additional services to provide the described features. Most notably, BadIntent works system-wide (experimental) and is not restricted to individual user apps. The most handy approach is to install BadIntent Android from the Xposed Module Repository and BadIntent Burp from the Burp’s BApp Store. Both are made available/submitted before the Arsenal presentation of BadIntent in Black Hat Las Vegas 2017.
android burp-extensions pentesting mobile-securityBurp-molly-pack is Yandex security checks pack for Burp. The main goal of Burp-molly-pack is to extend Burp checks. Plugins contains Active and Passive security checks.
security burp-extensions burp-plugin vulnerability-detection burpsuite burpsuite-proThe main goal of Burp-molly-scanner is to extend Burp and turn it into headless active scanner.
security burp-extensions vulnerability-scanners automated-testingA Burp Suite extender that search sub domains,similar domains and related domains from sitemap. Some times similar domain and related domains give you surprise^_^. that's why I care about it. 2017-07-28: Add a function to crawl all known subdomains; fix some bug.
domain-hunter subdomain burp-extensions burp-plugin spider sitemap similar-domain related-domain certification subject-alternative-namereCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload
burp-extensions burp-plugin captcha intruder burpsuite recaptcha recognize-captcha recognizes-imagesA burp extender that recalculate signature value automatically after you modified request parameter value.but you need to know the signature algorithm detail and configure at GUI. More and more mobile developers begin to use the signature algorithm to improve the security of App. when we test the App generated requests, always need to recalculate the sign value and update it again and again to make the request pass the server check.
extender sign signature-algorithms secretkey sha1 md5 burp-extensions resignUnicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese
burp-extensions burp-plugin burpsuite-extender unicode chinese一款快速修改HTTP数据包头的Burp Suite插件
burp-extensions httphelperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 9200+ malicious cryptocurrency mining domains (cryptojacking). As this is the first build of Minesweeper lists are currently built based on CoinBlockerLists. As the project matures more sources will be added, as well as direct code checks. Since CoinBlockerLists updates quite frequently code is included to allow you to manually update your source list from the CoinBlockerLists github project.
burpsuite burpsuitepro burp-extensions burp-plugin web-security hacking hacking-tool web-application-hacking cryptocurrency bitcoin coinhive coinhive-miners blacklist blacklist-extension bugbounty security-audit security-tools security-scanner penetration-testing cryptojackingThis extension will scan some sensitive files (backup files likes .index.php.swp or .git directory) in web server that makes solving CTF challenge faster. Set up jython variable correctly.
burp burp-extensions ctfThe plugin has several settings that a user can define depending on their hardware setup.
security-tools burp burpsuite burp-extensions information-retrieval osint
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.