Category: Burp


Black Window 10 v2

Black Window Enterprise 10, Codename: Polemos. Black Window 10 Enterprise is the first Windows-based penetration testing distribution with Linux integrated! The system comes activated with a digital license for Windows Enterprise! It supports Windows apps and Linux apps, GUI and terminal apps! It comes with a ton of hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus OS within Windows. Offers the stability of a Windows system…

Burp, Burp Extension, Burp Suite, Burp Suite Extension, Mac, NEW TOOLS, Zip, ZIP File Raider

ZIP File Raider – Burp Extension For ZIP File Payload Testing

ZIP File Raider is a Burp Suite extension for attacking web applications with ZIP file upload functionality. You can easily inject Burp Scanner/Repeater payloads into the ZIP content of HTTP requests, which is not feasible by default. This extension helps to automate the extraction and compression steps. This software was created by Natsasit Jirathammanuwat during a cooperative education course at King Mongkut's University of Technology Thonburi (KMUTT). Installation: Set up the Jython standalone Jar in Extender > Options > Python Environment > "Select file...". Add ZIP File Raider extension…

AES Decryption, AES Encryption, Burp, Burp AES-Killer, Burp Extensions, Burp Plugin, Burpsuite Extender, Burpsuite Tools, Decryptor, Mac, NEW TOOLS

AES-Killer v3.0 – Burp Plugin To Decrypt AES Encrypted Traffic Of Mobile Apps On The Fly

Burpsuite Plugin to decrypt AES Encrypted traffic on the fly. Requirements: Burpsuite, Java. Tested on: Burpsuite 1.7.36, Windows 10, xubuntu 18.04, Kali Linux 2018. What it does: The IProxyListener decrypts requests and encrypts responses, and an IHttpListener then encrypts requests and decrypts responses. Burp sees the decrypted traffic, including Repeater, Intruder and Scanner, but the client/mobile app and server see the encrypted version. NOTE: Currently supports AES/CBC/PKCS5Padding encryption/decryption. How it works: Requires AES Encryption Key (can be obtained by using frida script or reversing mobile app). Requires AES Encryption Initialize Vector (can be obtained by using frida script or…

AES Decryption, AES Encryption, AES-Killer, Burp, Burp Extensions, Burp Plugin, Burpsuite Extender, Burpsuite Tools, Decryptor, NEW TOOLS, Parameter

AES-Killer – Burp Plugin To Decrypt AES Encrypted Traffic Of Mobile Apps

Burpsuite Plugin to decrypt AES Encrypted mobile app traffic. Requirements: Burpsuite, Java. Tested on: Burpsuite 1.7.36, Windows 10, xubuntu 18.04, Kali Linux 2018. What it does: Decrypt AES Encrypted traffic on proxy tab; Decrypt AES Encrypted traffic on proxy, scanner, repeater and intruder. How it works: Require AES Encryption Key (can be obtained by reversing mobile app); Require AES Encryption Initialize Vector (can be obtained by reversing mobile app); Request Parameter (leave blank in case of whole request body); Response Parameter (leave blank in case of whole response body); Character Separated with space for obfuscation on request/response; URL/Host of target to filter…

Burp, Burp API, Burp Suite, Gurp, NEW TOOLS

Gurp – Golang command-line interface to Burp Suite’s REST API

Requirements: BurpSuite Professional v2.0.0beta or greater from PortSwigger
Dependencies: go get -u -v get -u -v get -u -v get -u -v version available here.
Building:
# macOS binary
make darwin
# Linux binary
make linux
# Windows binary
make windows
# Build releases
make all
Usage:
$ go run Gurp.go -h
Gurp - Interact with Burp API
Flags:
  -h --help Displays help with available flag, subcommand, and positional value parameters.
  -t --target Burp Address. Default
  -p --port Burp API Port. Default 1337
  -U --username Username for an authenticated scan
  -P --password Password for…

Burp, Burpcommander, Command Injection, NEW TOOLS, Scan

Burpcommander – Ruby Command-Line Interface To Burp Suite’s REST API

Ruby command-line interface to Burp Suite's REST API
Usage:
burpcommander VERSION: 1.0.1 - UPDATED: 08/29/2018
  -t, --target [IP Address] Defaults to
  -p, --port [Port Number] Defaults to 1337
  -k, --key [API Key] If you require an API key specify it here
  -i, --issue-type-id [String] String to search for. Example: "1048832"
  -n, --issue-name [String] String to search for. Example: "Command Injection"
  -D, --DESCRIPTION Returns the description of a requested issue
  -M, --METRICS Returns the scan_metrics for a given task_id
  -I, --ISSUES [Optional Number] Returns the issue_events…

AWS, Burp, Cobalt Strike, EC2, hideNsneak, NEW TOOLS

hideNsneak – A CLI For Ephemeral Penetration Testing

This application assists in managing attack infrastructure for penetration testers by providing an interface to rapidly deploy, manage, and take down various cloud services. These include VMs, domain fronting, Cobalt Strike servers, API gateways, and firewalls. Black Hat Arsenal Video Demo Video - provides a simple interface that allows penetration testers to build ephemeral infrastructure -- one that requires minimal overhead. hideNsneak can: deploy, destroy, and list Cloud instances via EC2 and Digital Ocean (Google Cloud, Azure, and Alibaba Cloud coming soon); API Gateway (AWS); Domain…

Burp, Burp Extension, Discover, Mac, NEW TOOLS, Telewreck, Web

Telewreck – A Burp Extension To Detect And Exploit Versions Of Telerik Web UI Vulnerable To CVE-2017-9248

A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248. This extension is based on the original exploit tool written by Paul Taylor (@bao7uo) which is available at . Credits and big thanks to him. A related blog post on how to exploit web applications via Telerik Web UI can also be found here. Features: Detect vulnerable versions of Telerik Web UI during passive scans. Bruteforce the key and discover the "Document Manager" link just like the original exploit tool. Installation: Download to your…

Burp, Burp Suite, CloudFlare, Discover, Discovery, Mac, NEW TOOLS, Python3, Rhino, SleuthQL, SQL, sql injection

SleuthQL – Burp History Parsing Tool To Discover Potential SQL Injection Points

SleuthQL is a python3 script to identify parameters and values that contain SQL-like syntax. Once identified, SleuthQL will then insert SQLMap identifiers (*) into each parameter where the SQL-esque variables were identified. Supported Request Types: SleuthQL requires an export of Burp's Proxy History. To gain this export, simply navigate to your proxy history tab, highlight every item and click "Save Items". Ensure that each request is saved using base64 encoding. When SleuthQL scans the proxy history file, outside of the regular URL parameters, it will be…

Burp, Burp Suite, BurpBounty, GREP, Mac, NEW TOOLS

BurpBounty – A Extension Of Burp Suite That Improve An Active And Passive Scanner

This extension allows you, in a quick and simple way, to improve the active and passive Burp Suite scanner by means of personalized rules through a very intuitive graphical interface. Through an advanced search of patterns and an improvement of the payload to send, we can create our own issue profiles both in the active scanner and in the passive. This extension requires Burp Suite Pro. Usage: 1. Config section. Profile Manager: you can manage the profiles, enable, disable or remove any of them. Select Profile: you can choose…