Hack-Tools v0.3.0 – The All-In-One Red Team Extension For Web Pentester

The all-in-one Red Team browser extension for Web Pentesters HackTools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more. With the extension you no longer need to search for payloads inRead More

403Bypasser – Burpsuite Extension To Bypass 403 Restricted Directory

An burpsuite extension to bypass 403 restricted directory. By using PassiveScan (default enabled), each 403 request will be automatically scanned by this extension, so just add to burpsuite and enjoy. Payloads: $1: HOSTNAME $2: PATH $1/$2$1/%2e/$2$1/$2/.$1//$2//$1/./$2/./$1/$2anything -H “X-Original-URL: /$2” $1/$2 -H “X-Custom-IP-Authorization: 127.0.0.1” $1 -H “X-Rewrite-URL: /$2″$1/$2 -H “Referer: /$2″$1/$2 -H “X-Originating-IP: 127.0.0.1″$1/$2 -H “X-Forwarded-For:Read More

Widevine-L3-Decryptor – A Chrome Extension That Demonstrates Bypassing Widevine L3 DRM

Widevine is a Google-owned DRM system that’s in use by many popular streaming services (Netflix, Spotify, etc.) to prevent media content from being downloaded. But Widevine’s least secure security level, L3, as used in most browsers and PCs, is implemented 100% in software (i.e no hardware TEEs), thereby making it reversible and bypassable. This ChromeRead More

Hack-Tools – The All-In-One Red Team Extension For Web Pentester

The all-in-one Red Team browser extension for Web PentestersHackTools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more.With the extension you no longer need to search for payloads in different websitesRead More

AuthMatrix – A Burp Suite Extension That Provides A Simple Way To Test Authorization

AuthMatrix is an extension to Burp Suite that provides a simple way to test authorization in web applications and web services. With AuthMatrix, testers focus on thoroughly defining tables of users, roles, and requests for their specific target application upfront. These tables are structured in a similar format to that of an access control matrixRead More

Behave – A Monitoring Browser Extension For Pages Acting As Bad Boys

A (Still in Development) monitoring browser extension for pages acting as bad boys.NB: This is the code repository of the project, if you’re looking for the packed extensions:Firefox: https://addons.mozilla.org/en-US/firefox/addon/behave/Chrome: https://chrome.google.com/webstore/detail/mppjbkhgconmemoeagfbgilblohhcica/Introduction.Behave! monitors and warn if a web page performs any of following actions: Browser based Port Scan Access to Private IPs DNS Rebinding attacks to PrivateRead More

InQL – A Burp Extension For GraphQL Security Testing

A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension.InQL Stand-Alone CLIRunning inql from Python will issue an Introspection query to the target GraphQL endpoint in order fetch metadata information for: Queries, mutations, subscriptions Its fields and arguments Objects andRead More

TeaBreak – A Productivity Burp Extension Which Reminds To Take Break While You Are At Work!

TeaBreak is a simple burp extension for security researchers and bug bounty hunters for helping them to increase their work productivity. We know how much health is important. It is recommended to take break from your work to avoid burnout, reduce eye strain and other health problems.How? Set your break time before commencement of yourRead More

Generator-Burp-Extension – Everything You Need About Burp Extension Generation

Everything You Need About Burp Extension Generation InstallationFirst, install Yeoman and generator-burp-extension using npm (we assume you have pre-installed node.js). npm install -g yonpm install -g generator-burp-extension Then generate your new project: yo burp-extension Burp Extension featuresWhen you generate your plugin project, the generator will ask you what features should be included in your plugin.Read More

Burp Exporter – A Burp Suite Extension To Copy A Request To The Clipboard As Multiple Programming Languages Functions

Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.You can export as: cURL Wget Python Request Perl LWP PHP HTTP_Request2 Go Native NodeJS Request jQuery AJAX PowerShell Requirements Jython >= 2.7.1 Burp Suite importIn Burp Suite, under the Extender/Extensions tab, click on the Add button, selectRead More

X