Burp Plugins

  1. Autorize - To test broken access controls (BACs)
  2. Burp Bounty - Profile-based Scanner
  3. ActiveScan++ - Add more power to Burp's Active Scanner
  4. AuthMatrix - Authorization/PrivEsc Checks
  5. Broken Link Hijacking - For BLH
  6. Collaborator Everywhere - Pingback/SSRF
  7. Command Injection Attacker
  8. Content-Type Converter - Trying to bypass certain restrictions by changing Content-Type
  9. Decoder Improved - More Decoder Features
  10. Freddy - Deserialization
  11. Flow - Better HTTP History
  12. Hackvertor - Handy type conversion
  13. HTTP Request Smuggler
  14. Hunt - Potential Vuln Identifier
  15. InQL - GraphQL Introspection testing
  16. J2EE Scan - Scanning J2EE Apps
  17. JSON/JS Beautifier
  18. JSON Web Token Attacker
  19. Param Miner - Mine Hidden Parameters
  20. Reflected File Download Checker
  21. Reflected Parameter - Potential Reflection
  22. SAML Raider - SAML Testing
  23. Upload Scanner - File Upload Tester
  24. Web Cache Deception Scanner

Credits: https://twitter.com/harshbothra_/status/1299720306777415680