Hack-Tools – The All-In-One Red Team Extension For Web Pentester

The all-in-one Red Team browser extension for Web PentestersHackTools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more.With the extension you no longer need to search for payloads in different websitesRead More

AuthMatrix – A Burp Suite Extension That Provides A Simple Way To Test Authorization

AuthMatrix is an extension to Burp Suite that provides a simple way to test authorization in web applications and web services. With AuthMatrix, testers focus on thoroughly defining tables of users, roles, and requests for their specific target application upfront. These tables are structured in a similar format to that of an access control matrixRead More

Behave – A Monitoring Browser Extension For Pages Acting As Bad Boys

A (Still in Development) monitoring browser extension for pages acting as bad boys.NB: This is the code repository of the project, if you’re looking for the packed extensions:Firefox: https://addons.mozilla.org/en-US/firefox/addon/behave/Chrome: https://chrome.google.com/webstore/detail/mppjbkhgconmemoeagfbgilblohhcica/Introduction.Behave! monitors and warn if a web page performs any of following actions: Browser based Port Scan Access to Private IPs DNS Rebinding attacks to PrivateRead More

InQL – A Burp Extension For GraphQL Security Testing

A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension.InQL Stand-Alone CLIRunning inql from Python will issue an Introspection query to the target GraphQL endpoint in order fetch metadata information for: Queries, mutations, subscriptions Its fields and arguments Objects andRead More

TeaBreak – A Productivity Burp Extension Which Reminds To Take Break While You Are At Work!

TeaBreak is a simple burp extension for security researchers and bug bounty hunters for helping them to increase their work productivity. We know how much health is important. It is recommended to take break from your work to avoid burnout, reduce eye strain and other health problems.How? Set your break time before commencement of yourRead More

Generator-Burp-Extension – Everything You Need About Burp Extension Generation

Everything You Need About Burp Extension Generation InstallationFirst, install Yeoman and generator-burp-extension using npm (we assume you have pre-installed node.js). npm install -g yonpm install -g generator-burp-extension Then generate your new project: yo burp-extension Burp Extension featuresWhen you generate your plugin project, the generator will ask you what features should be included in your plugin.Read More

Burp Exporter – A Burp Suite Extension To Copy A Request To The Clipboard As Multiple Programming Languages Functions

Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.You can export as: cURL Wget Python Request Perl LWP PHP HTTP_Request2 Go Native NodeJS Request jQuery AJAX PowerShell Requirements Jython >= 2.7.1 Burp Suite importIn Burp Suite, under the Extender/Extensions tab, click on the Add button, selectRead More

crauEmu – An uEmu Extension For Developing And Analyzing Payloads For Code-Reuse Attacks

crauEmu is an uEmu extension for developing and analyzing payloads for code-reuse attacks. Slides from ZeroNights 2019 Demo 1 – X32-64, Edge, rop-gadgets from pwnjs Demo 2 – ARM64, checkm8 callback-chain * Mascot designed by @kottsarapkin RopEditor Installation Put the file crauEmu.py in same location as uEmu.py. Use File / Script file… or ALT+F7 in IDARead More

Privacy Badger – A Browser Extension That Automatically Learns To Block Invisible Trackers

Privacy Badger is a browser extension that automatically learns to block invisible trackers. Instead of keeping lists of what to block, Privacy Badger learns by watching which domains appear to be tracking you as you browse the Web. Privacy Badger sends the Do Not Track signal with your browsing. If trackers ignore your wishes, yourRead More

InQL Scanner – A Burp Extension For GraphQL Security Testing

A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script, or as a Burp Suite extension.InQL Stand-AloneRunning inql from Python will issue an Introspection query to the target GraphQL endpoint in order fetch metadata information for: Queries, mutations, subscriptions Its fields and arguments Objects and customRead More

X