111

插件名称 url 描述
JS Link Finder BApp Store 被动扫描js文件内的url
Turbo Intruder BApp Store 用于发送大量HTTP请求并分析结果(爆破)
HAE https://github.com/gh0stkey/HaE 请求高亮标记与信息提取
CO2 BApp Store 加了一些工具
BurpShiroPassiveScan https://github.com/pmiaowu/BurpShiroPassiveScan 基于BurpSuite的被动式shiro检测插件
APIKit https://github.com/API-Security/APIKit 主动/被动扫描发现应用泄露的API文档
xia SQL https://github.com/smxiazi/xia_sql 简单的判断注入
BurpFastJsonScan https://github.com/pmiaowu/BurpFastJsonScan 被动式FastJson检测
Log4j2Scan https://github.com/whwlsfb/Log4j2Scan Log4j2被动扫描
log4j2burpscanner https://github.com/f0ng/log4j2burpscanner Log4j2被动扫描
Flow BApp Store 筛选来自Burp工具的所有完整和不完整请求
Autorize BApp Store 授权检测插件
shiro scan https://github.com/pmiaowu/BurpShiroPassiveScan 被动式shiro检测
FastjsonScan https://github.com/Maskhe/FastjsonScan Fastjson反序列化检测
HackTools https://github.com/Vicl1fe/HackTools 一些小工具
knife https://github.com/bit4woo/knife 添加一些右键菜单
captcha-killer-modified https://github.com/f0ng/captcha-killer-modified 验证码爆破
upload scanner https://github.com/portswigger/upload-scanner 上传模块扫描
Auth Analyzer https://github.com/portswigger/auth-analyzer 授权检测插件
HTTP Request Smuggler https://github.com/portswigger/http-request-smuggler http请求走私协议
TsojanScan https://github.com/Tsojan/TsojanScan 集成的BurpSuite漏洞探测插件