HackBar plugin for Burpsuite

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.

InQL - A Burp Extension for GraphQL Security Testing

reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件

A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

A Burp Suite Extender that try to find sub-domain, similar-domain and related-domain of an organization, not only a domain! 利用burp收集整个企业、组织的域名（不仅仅是单个主域名）的插件

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

Burp Suite extension to discover apikeys/accesstokens and sensitive data from HTTP response.

Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

sqlmap4burp++是一款兼容Windows，mac，linux多个系统平台的Burp与sqlmap联动插件

burp验证码识别接口调用插件

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Turn your Burp suite into headless active web application vulnerability scanner

jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.

Security checks pack for Burp Suite

一款快速修改HTTP数据包头的Burp Suite插件

Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.

Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Burp extension helps in finding blind xss vulnerabilities