"Data":"| Burp/PASV | [Autorize](https://github.com/Quitten/Autorize) | Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests | ![](https://img.shields.io/github/stars/Quitten/Autorize) | ![](https://img.shields.io/github/languages/top/Quitten/Autorize) |",
"Method":"PASV",
"Type":"Burp"
},
"BurpJSLinkFinder":{
"Data":"| Burp/PASV | [BurpJSLinkFinder](https://github.com/InitRoot/BurpJSLinkFinder) | Burp Extension for a passive scanning JS files for endpoint links. | ![](https://img.shields.io/github/stars/InitRoot/BurpJSLinkFinder) | ![](https://img.shields.io/github/languages/top/InitRoot/BurpJSLinkFinder) |",
"Data":"| Burp/PASV | [BurpSuite-Secret_Finder](https://github.com/m4ll0k/BurpSuite-Secret_Finder) | Burp Suite extension to discover apikeys/accesstokens and sensitive data from HTTP response. | ![](https://img.shields.io/github/stars/m4ll0k/BurpSuite-Secret_Finder) | ![](https://img.shields.io/github/languages/top/m4ll0k/BurpSuite-Secret_Finder) |",
"Data":"| Burp/BYPASS | [BurpSuiteHTTPSmuggler](https://github.com/nccgroup/BurpSuiteHTTPSmuggler) | A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques | ![](https://img.shields.io/github/stars/nccgroup/BurpSuiteHTTPSmuggler) | ![](https://img.shields.io/github/languages/top/nccgroup/BurpSuiteHTTPSmuggler) |",
"Data":"| Burp/CODE | [burp-exporter](https://github.com/artssec/burp-exporter) | Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions. | ![](https://img.shields.io/github/stars/artssec/burp-exporter) | ![](https://img.shields.io/github/languages/top/artssec/burp-exporter) |",
"Data":"| Burp/PASV | [collaborator-everywhere](https://github.com/PortSwigger/collaborator-everywhere) | A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by causing pingbacks to Burp Collaborator | ![](https://img.shields.io/github/stars/PortSwigger/collaborator-everywhere) | ![](https://img.shields.io/github/languages/top/PortSwigger/collaborator-everywhere) |",
"Data":"| ZAP/SCRIPT | [community-scripts](https://github.com/zaproxy/community-scripts) | A collection of ZAP scripts provided by the community - pull requests very welcome! | ![](https://img.shields.io/github/stars/zaproxy/community-scripts) | ![](https://img.shields.io/github/languages/top/zaproxy/community-scripts) |",
"Data":"| All/CODE | [http-script-generator](https://github.com/h3xstream/http-script-generator) | ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks) | ![](https://img.shields.io/github/stars/h3xstream/http-script-generator) | ![](https://img.shields.io/github/languages/top/h3xstream/http-script-generator) |",
"Data":"| Burp/UTIL | [safecopy](https://github.com/yashrs/safecopy) | Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be added in the future. | ![](https://img.shields.io/github/stars/yashrs/safecopy) | ![](https://img.shields.io/github/languages/top/yashrs/safecopy) |",
"Data":"| Burp/CALLBACK | [taborator](https://github.com/hackvertor/taborator) | A Burp extension to show the Collaborator client in a tab | ![](https://img.shields.io/github/stars/hackvertor/taborator) | ![](https://img.shields.io/github/languages/top/hackvertor/taborator) |",
"Data":"| Burp/ACTIVE | [turbo-intruder](https://github.com/PortSwigger/turbo-intruder) | Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results. | ![](https://img.shields.io/github/stars/PortSwigger/turbo-intruder) | ![](https://img.shields.io/github/languages/top/PortSwigger/turbo-intruder) |",