Burpsuite 资料整理

Burpsuite 资料整理, 整到一起比较方便。

大家有更多关于Burpsuite的Tip请一起增量。谢谢！

 

 

插件

序号	名称	功能	参考文档
1	Turbo intruder	并发	https://www.freebuf.com/sectool/243953.html https://blog.csdn.net/qq_28205153/article/details/113832488
2	ddddocr	验证码爆破	https://www.t00ls.com/thread-64254-1-2.html
3	xp_CAPTCHA	burp 插件 验证码识别	https://www.t00ls.com/thread-66205-1-2.html
4	RouteVulScan	一个用来挖掘路径相关漏洞burp插件	https://www.t00ls.com/thread-66114-1-2.html https://github.com/F6JO/RouteVulScan
5	xia SQL (瞎注)	每个参数后面填加一个单引号，两个单引号，一个简单的判断注入小插件	https://github.com/smxiazi/xia_sql
6	HaE	信息高亮与提取者	https://www.t00ls.com/thread-58253-1-2.html https://github.com/gh0stkey/HaE
7	BurpCrypto	BurpCrypto加解密	https://www.t00ls.com/thread-65078-1-2.html https://github.com/whwlsfb/BurpCrypto
8	BurpBountyPlus	BurpBounty 魔改版本	https://github.com/ggg4566/BurpBountyPlus https://www.t00ls.com/thread-65127-1-2.html
9	CaA	CaA -  BurpSuite流量收集和分析插件	https://github.com/gh0stkey/CaA https://www.t00ls.com/thread-63366-1-2.html
10	copy-go	burp插件-copy-go	https://www.t00ls.com/thread-62891-1-2.html
11	HopLa	burpsuie的payload自动补全工具	https://www.t00ls.com/thread-61497-1-2.html https://github.com/synacktiv/HopLa
12	burp插件	burp插件	https://www.t00ls.com/thread-58240-1-2.html https://www.t00ls.com/redirect.php?goto=findpost&;ptid=58240&pid=961604
13	BurpShiroPassiveScan插件	BurpShiroPassiveScan插件较为完整key版本	https://www.t00ls.com/thread-61066-1-2.html https://github.com/pmiaowu/BurpShiroPassiveScan
14	Charset_encoding-Burp	利用字符集编码绕过waf	https://github.com/GuoKerS/Charset_encoding-Burp https://www.t00ls.com/thread-60120-1-2.html
15	BurpFakeIP	Burpsuit  伪造ip爆破脚本BurpFakeIP	https://www.t00ls.com/thread-57080-1-2.html https://github.com/TheKingOfDuck/burpFakeIP
16	burpsuite_jsapi	一个用于查找JS文件中API接口的BurpSuite插件(Python)	https://www.t00ls.com/thread-54286-1-2.html https://github.com/0x-zmz/burpsuite_jsapi
17	BurpSuite - Authz	基于BurpSuite快速探测越权-Authz插件	https://mp.weixin.qq.com/s/pxkM7wwGLNexA1RZhtes9A https://www.t00ls.com/thread-53394-1-2.html (关于burp内容自动替换的问题)
18	chunked-coding-converter	Burp suite分块传输插件	https://github.com/c0ny1/chunked-coding-converter https://www.t00ls.com/thread-50275-1-2.html
19	NoPE Proxy	Burp Suite 的非 HTTP  协议扩展 (NoPE) 代理和 DNS	https://github.com/summitt/Burp-Non-HTTP-Extension https://www.t00ls.com/thread-42857-1-2.html
20	HTTPHeadModifer	HTTPHeadModifer:一款快速修改HTTP数据包头的Burp  Suite插件	https://www.t00ls.com/thread-47371-1-2.html https://github.com/c0ny1/HTTPHeadModifer/
21	HackBar	Burpsuite 的 HackBar  插件	https://github.com/d3vilbug/HackBar https://www.t00ls.com/thread-47851-1-2.html
22	Unicode To Chinese	Unicode转中文的burpsuite插件	https://www.t00ls.com/thread-46957-1-2.html https://github.com/bit4woo/u2c/releases
23	knife	添加一些右键菜单让burp用起来更顺畅	https://github.com/bit4woo/knife https://www.t00ls.com/thread-46344-1-2.html
24	shiro被动检测	8楼liuxiu添加 burp的shiro被动检测插件	https://github.com/pmiaowu/BurpShiroPassiveScan
25	Fastjson	8楼liuxiu添加 Fastjson检测	https://github.com/pmiaowu/BurpFastJsonScan
26	log4j2	9楼BlackHorse添加 log4j2 监测插件	https://www.t00ls.com/thread-64121-1-2.html
27	xia Liao (瞎料) 1.0	burp插件 xia Liao (瞎料) 快速生成注册需要的资料	https://www.t00ls.com/thread-66987-1-2.html https://github.com/smxiazi/xia_Liao
28	Spring Core RCE 漏洞检测工具	Spring Core RCE 漏洞检测工具	https://www.t00ls.com/viewthread.php?tid=65348
29	burp联动sqlmapapi	burp联动sqlmapapi	https://www.t00ls.com/viewthread.php?tid=67711

插件编写

序号	标题	链接
1	从验证码爆破开始的burp插件学习	https://www.t00ls.com/thread-64264-1-2.html
2	Python编写Burpsuite插件(1)	https://www.t00ls.com/thread-65589-1-2.html
3	编写简单burp插件	https://www.t00ls.com/thread-61654-1-2.html https://github.com/S9MF/sql-sup
4	BurpSuite插件-HAE修改、测试、规则分享	https://www.t00ls.com/thread-60400-1-2.html
5	怎么高效开发burp插件	https://www.t00ls.com/thread-51859-1-2.html
6	使用Python编写burpsuite插件	https://www.t00ls.com/thread-49796-1-2.html https://portswigger.net/burp/extender/writing-your-first-burp-suite-extension
7	burpsuite插件开发之检测越权访问漏洞	https://www.t00ls.com/thread-45788-1-2.html

Burpsuite 文章

序号	标题	链接
1	win下微信小程序一键抓包教程，非proxifler+burp方案	https://www.t00ls.com/thread-65726-1-2.html
2	最新版本 破解教程	https://github.com/x-Ai/BurpSuite
3	Proxifier+Burpsuite  联动抓取PC端微信小程序http(s)数据包	https://www.t00ls.com/thread-65591-1-2.html
4	sqlmap+burp组合fuzzy并绕过过滤	https://www.t00ls.com/thread-35855-1-2.html
5	武装你的BurpSuite	https://www.t00ls.com/thread-65095-1-2.html
6	sql注入扫描工具/burpsuite	https://www.t00ls.com/thread-64455-1-2.html
7	burpsuite怎么设置延迟爆破	https://www.t00ls.com/thread-51342-1-2.html
8	Burp  Suite使用的几个小技巧【更新】	https://www.t00ls.com/thread-49051-1-2.html
9	使用burp绕过token验证爆破后台（以fastadmin为例）	https://www.t00ls.com/thread-57373-1-2.html
10	关于burpsuite 扩展插件websocket模块不可用问题	https://www.t00ls.com/thread-62615-1-2.html https://www.freebuf.com/articles/web/189994.html https://xz.aliyun.com/t/2572
11	burp光标错位解决方法	https://www.t00ls.com/thread-61131-1-2.html
12	burp新版默认使用HTTP/2	https://www.t00ls.com/thread-60691-1-2.html https://www.t00ls.com/redirect.php?goto=findpost&;ptid=61254&pid=1008428
13	burp 中宏功能的实用技巧	https://www.t00ls.com/thread-61056-1-2.html
14	BURP 商店插件目录及功能介绍	https://www.t00ls.com/thread-58902-1-2.html
15	使用xray被动式扫描增强awvs  burp扫描能力	https://www.t00ls.com/thread-54456-1-2.html
16	一款相当于TCP协议版的BURP抓包工具	https://www.t00ls.com/thread-51069-1-2.html
17	Burpsuite如何抓取Tor  Browser的数据包	https://www.t00ls.com/thread-50564-1-2.html
18	burpsuite实战指南	https://t0data.gitbooks.io/burpsuite/content/chapter1.html https://github.com/xl7dev/Burpsuite
19	Burp如何重复发送上传文件的包	https://www.t00ls.com/thread-44663-1-2.html
20	Burpsuite自带小功能分享	https://www.t00ls.com/thread-44422-1-2.html
21	新版本保存httplog 选项在哪	https://www.t00ls.com/thread-44634-1-2.html
22	利用burp的扩展插件秒破一句话密码	https://www.t00ls.com/thread-40724-1-2.html