Burpsuite 资料整理

2022-07-02 01:17:18 115 15962 13


Burpsuite 资料整理, 整到一起比较方便。

大家有更多关于Burpsuite的Tip请一起增量。谢谢!

插件

序号名称功能参考文档
1Turbo intruder并发https://www.freebuf.com/sectool/243953.html
https://blog.csdn.net/qq_28205153/article/details/113832488
2ddddocr验证码爆破https://www.t00ls.com/thread-64254-1-2.html
3xp_CAPTCHAburp 插件 验证码识别https://www.t00ls.com/thread-66205-1-2.html
4RouteVulScan一个用来挖掘路径相关漏洞burp插件https://www.t00ls.com/thread-66114-1-2.html
https://github.com/F6JO/RouteVulScan
5xia SQL (瞎注)每个参数后面填加一个单引号,两个单引号,一个简单的判断注入小插件https://github.com/smxiazi/xia_sql
6HaE信息高亮与提取者https://www.t00ls.com/thread-58253-1-2.html
https://github.com/gh0stkey/HaE
7BurpCryptoBurpCrypto加解密https://www.t00ls.com/thread-65078-1-2.html
https://github.com/whwlsfb/BurpCrypto
8BurpBountyPlus BurpBounty 魔改版本https://github.com/ggg4566/BurpBountyPlus
https://www.t00ls.com/thread-65127-1-2.html
9CaA CaA -  BurpSuite流量收集和分析插件https://github.com/gh0stkey/CaA
https://www.t00ls.com/thread-63366-1-2.html
10copy-goburp插件-copy-gohttps://www.t00ls.com/thread-62891-1-2.html
11HopLaburpsuie的payload自动补全工具https://www.t00ls.com/thread-61497-1-2.html
https://github.com/synacktiv/HopLa
12burp插件burp插件https://www.t00ls.com/thread-58240-1-2.html
https://www.t00ls.com/redirect.php?goto=findpost&;ptid=58240&pid=961604
13BurpShiroPassiveScan插件BurpShiroPassiveScan插件较为完整key版本https://www.t00ls.com/thread-61066-1-2.html
https://github.com/pmiaowu/BurpShiroPassiveScan
14Charset_encoding-Burp利用字符集编码绕过wafhttps://github.com/GuoKerS/Charset_encoding-Burp
https://www.t00ls.com/thread-60120-1-2.html
15BurpFakeIPBurpsuit  伪造ip爆破脚本BurpFakeIPhttps://www.t00ls.com/thread-57080-1-2.html
https://github.com/TheKingOfDuck/burpFakeIP
16burpsuite_jsapi一个用于查找JS文件中API接口的BurpSuite插件(Python)
https://www.t00ls.com/thread-54286-1-2.html
https://github.com/0x-zmz/burpsuite_jsapi
17BurpSuite - Authz基于BurpSuite快速探测越权-Authz插件https://mp.weixin.qq.com/s/pxkM7wwGLNexA1RZhtes9A
https://www.t00ls.com/thread-53394-1-2.html (关于burp内容自动替换的问题)
18chunked-coding-converterBurp suite分块传输插件https://github.com/c0ny1/chunked-coding-converter
https://www.t00ls.com/thread-50275-1-2.html
19NoPE ProxyBurp Suite 的非 HTTP  协议扩展 (NoPE) 代理和 DNShttps://github.com/summitt/Burp-Non-HTTP-Extension
https://www.t00ls.com/thread-42857-1-2.html
20HTTPHeadModiferHTTPHeadModifer:一款快速修改HTTP数据包头的Burp  Suite插件https://www.t00ls.com/thread-47371-1-2.html
https://github.com/c0ny1/HTTPHeadModifer/
21HackBarBurpsuite 的 HackBar  插件https://github.com/d3vilbug/HackBar
https://www.t00ls.com/thread-47851-1-2.html
22Unicode To ChineseUnicode转中文的burpsuite插件https://www.t00ls.com/thread-46957-1-2.html
https://github.com/bit4woo/u2c/releases
23knife添加一些右键菜单让burp用起来更顺畅https://github.com/bit4woo/knife
https://www.t00ls.com/thread-46344-1-2.html
24shiro被动检测8楼liuxiu添加 burp的shiro被动检测插件https://github.com/pmiaowu/BurpShiroPassiveScan
25Fastjson8楼liuxiu添加 Fastjson检测https://github.com/pmiaowu/BurpFastJsonScan
26log4j29楼BlackHorse添加 log4j2 监测插件https://www.t00ls.com/thread-64121-1-2.html
27xia Liao (瞎料) 1.0burp插件 xia Liao (瞎料) 快速生成注册需要的资料https://www.t00ls.com/thread-66987-1-2.html
https://github.com/smxiazi/xia_Liao
28Spring Core RCE 漏洞检测工具Spring Core RCE 漏洞检测工具https://www.t00ls.com/viewthread.php?tid=65348
29burp联动sqlmapapiburp联动sqlmapapihttps://www.t00ls.com/viewthread.php?tid=67711


插件编写
序号标题链接
1从验证码爆破开始的burp插件学习https://www.t00ls.com/thread-64264-1-2.html
2Python编写Burpsuite插件(1)https://www.t00ls.com/thread-65589-1-2.html
3编写简单burp插件https://www.t00ls.com/thread-61654-1-2.html
https://github.com/S9MF/sql-sup
4BurpSuite插件-HAE修改、测试、规则分享https://www.t00ls.com/thread-60400-1-2.html
5怎么高效开发burp插件https://www.t00ls.com/thread-51859-1-2.html
6使用Python编写burpsuite插件https://www.t00ls.com/thread-49796-1-2.html
https://portswigger.net/burp/extender/writing-your-first-burp-suite-extension
7burpsuite插件开发之检测越权访问漏洞https://www.t00ls.com/thread-45788-1-2.html

Burpsuite 文章
序号标题 链接
1win下微信小程序一键抓包教程,非proxifler+burp方案https://www.t00ls.com/thread-65726-1-2.html
2最新版本 破解教程https://github.com/x-Ai/BurpSuite
3Proxifier+Burpsuite  联动抓取PC端微信小程序http(s)数据包https://www.t00ls.com/thread-65591-1-2.html
4sqlmap+burp组合fuzzy并绕过过滤https://www.t00ls.com/thread-35855-1-2.html
5武装你的BurpSuitehttps://www.t00ls.com/thread-65095-1-2.html
6sql注入扫描工具/burpsuitehttps://www.t00ls.com/thread-64455-1-2.html
7burpsuite怎么设置延迟爆破https://www.t00ls.com/thread-51342-1-2.html
8Burp  Suite使用的几个小技巧【更新】https://www.t00ls.com/thread-49051-1-2.html
9使用burp绕过token验证爆破后台(以fastadmin为例)https://www.t00ls.com/thread-57373-1-2.html
10 关于burpsuite 扩展插件websocket模块不可用问题https://www.t00ls.com/thread-62615-1-2.html
https://www.freebuf.com/articles/web/189994.html
https://xz.aliyun.com/t/2572
11burp光标错位解决方法https://www.t00ls.com/thread-61131-1-2.html
12burp新版默认使用HTTP/2https://www.t00ls.com/thread-60691-1-2.html
https://www.t00ls.com/redirect.php?goto=findpost&;ptid=61254&pid=1008428
13burp 中宏功能的实用技巧https://www.t00ls.com/thread-61056-1-2.html
14BURP 商店插件目录及功能介绍https://www.t00ls.com/thread-58902-1-2.html
15使用xray被动式扫描增强awvs  burp扫描能力https://www.t00ls.com/thread-54456-1-2.html
16一款相当于TCP协议版的BURP抓包工具https://www.t00ls.com/thread-51069-1-2.html
17Burpsuite如何抓取Tor  Browser的数据包https://www.t00ls.com/thread-50564-1-2.html
18burpsuite实战指南https://t0data.gitbooks.io/burpsuite/content/chapter1.html
https://github.com/xl7dev/Burpsuite
19Burp如何重复发送上传文件的包https://www.t00ls.com/thread-44663-1-2.html
20Burpsuite自带小功能分享https://www.t00ls.com/thread-44422-1-2.html
21新版本保存httplog 选项在哪https://www.t00ls.com/thread-44634-1-2.html
22利用burp的扩展插件秒破一句话密码https://www.t00ls.com/thread-40724-1-2.html


----change logs:
1. 2022.11.19 新增 {【xia Liao (瞎料) 1.0】,【Spring Core RCE 漏洞检测工具】,【burp联动sqlmapapi】}
----other:
论坛出现链接后登陆状态消失,【已解决】
复现方法: "https://www.t00ls.com/viewthread.php?tid=66257"  (选中链接-->右键-->点转到) 登陆状态清除
类别 安全研究

关于作者

t0ols73篇文章313篇回复

https://www.t00ls.net/memcp.php?action=creditslog&operation=attachpaymentlog
https://www.t00ls.net/stats.php?type=threadsrank

t0ols
115

评论115次

要评论?请先  登录  或  注册