Burp Suite Certified Practitioner Exam Study

HTTP Request Smuggling Detection Tool

Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)

Writeups for PortSwigger WebSecurity Academy

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)

A collection of solutions for every PortSwigger Academy Lab (in progress)

Scripts for solving WebSecurity Academy labs of PortSwigger using Python

A cheatsheet for common JavaScript sources and sinks that lead to potential vulnerabilities.

Scripts for solving WebSecurity Academy labs of PortSwigger using Rust

My notes/solutions to the problems in "The Web Application Hacker's Handbook" (https://portswigger.net/web-security/web-application-hackers-handbook)

Writeups & Walkthroughs of various CTF challenges and boxes

Solutions from @PortSwigger labs

🎓 Roadmap to conquer PortSwigger Web Security Academy labs — SQLi, XSS, CSRF & more 🛡️🕵️‍♂️

Writeups by zer00d4y

It is a burpsuite introduction and these are 5 lab I performed in Burpsuite.

Writeups for Portswigger penetration testing labs

This is my space for practicing portswigger labs and web vulnerabilities

This repository contains a python package named 'burplabs' which is an PortSwigger's Web Security Academy labs soluction in the form of python script. Each script includes the lab's name, proxy settings, and step-by-step solution, as well as any additional notes.

A BurpSuite extention to upload the sitemap to a notion database to organize which endpoint need to be tested.

Burp Suite Certified Practitioner - Portswigger - My notes - Guide

A blind SQL injection script that uses binary search aka bisection method to dump datas from database.

This extension allows you to detect implementations of postMessage function, addEventListener("message",function) event handler and onMessage function.

Optimize your web vulnerability assessments with PassiveDigger, a comprehensive Burp Suite extension that specializes in passive traffic analysis. Detect potential vulnerabilities, get actionable insights, and supercharge your security audits.

Burp bridge to FFUF

Self-learn Web Security with PortSwigger

Automation scripts for PortSwigger labs

Notes+ is a Burp Suite extension designed to provide a seamless note-taking experience directly within Burp Suite. It allows security testers and developers to efficiently create, manage, and organize their findings, observations, and thoughts using Markdown, with a live HTML preview.

Repositorio exclusivo para alojar toda la serie de payloads y soluciones a los Laboratorios ofrecidos por Portswigger Web Academy sobre Hacking Web con el fin de optimizar mi tiempo para la preparación del BSCP.

Scripts to help with solving labs on PortSwigger Web Security Academy