diff --git a/Burp and ZAP Extensions/README.md b/Burp and ZAP Extensions/README.md
index 865e7b1..0478166 100644
--- a/Burp and ZAP Extensions/README.md
+++ b/Burp and ZAP Extensions/README.md
@@ -43,6 +43,7 @@ This is Cool Extensions collection of Burp suite and ZAP
 | Burp/REPEAT | [IntruderPayloads](https://github.com/1N3/IntruderPayloads) | A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists. | ![](https://img.shields.io/github/stars/1N3/IntruderPayloads) | ![](https://img.shields.io/github/languages/top/1N3/IntruderPayloads) |
 | Burp/REPEAT | [Stepper](https://github.com/CoreyD97/Stepper) | A natural evolution of Burp Suite's Repeater tool | ![](https://img.shields.io/github/stars/CoreyD97/Stepper) | ![](https://img.shields.io/github/languages/top/CoreyD97/Stepper) |
 | Burp/SCAN | [BurpBounty](https://github.com/wagiro/BurpBounty) | Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface. | ![](https://img.shields.io/github/stars/wagiro/BurpBounty) | ![](https://img.shields.io/github/languages/top/wagiro/BurpBounty) |
+| Burp/THEME | [BurpCustomizer](https://github.com/CoreyD97/BurpCustomizer) | Because just a dark theme wasn't enough! | ![](https://img.shields.io/github/stars/CoreyD97/BurpCustomizer) | ![](https://img.shields.io/github/languages/top/CoreyD97/BurpCustomizer) |
 | Burp/UTIL | [safecopy](https://github.com/yashrs/safecopy) | Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be added in the future. 
| ![](https://img.shields.io/github/stars/yashrs/safecopy) | ![](https://img.shields.io/github/languages/top/yashrs/safecopy) |
 | ZAP/INTERFACE | [zap-hud](https://github.com/zaproxy/zap-hud) | The OWASP ZAP Heads Up Display (HUD) | ![](https://img.shields.io/github/stars/zaproxy/zap-hud) | ![](https://img.shields.io/github/languages/top/zaproxy/zap-hud) |
 | ZAP/JWT | [owasp-zap-jwt-addon](https://github.com/SasanLabs/owasp-zap-jwt-addon) | OWASP ZAP addon for finding vulnerabilities in JWT Implementations | ![](https://img.shields.io/github/stars/SasanLabs/owasp-zap-jwt-addon) | ![](https://img.shields.io/github/languages/top/SasanLabs/owasp-zap-jwt-addon) |
diff --git a/Burp and ZAP Extensions/data.json b/Burp and ZAP Extensions/data.json
index 62fbb2e..06bb010 100644
--- a/Burp and ZAP Extensions/data.json
+++ b/Burp and ZAP Extensions/data.json
@@ -14,6 +14,22 @@
 "Method": "SCAN",
 "Type": "Burp"
 },
+ "BurpCustomizer": {
+ "Type": "Burp",
+ "Data": "| Burp/THEME | [BurpCustomizer](https://github.com/CoreyD97/BurpCustomizer) | Because just a dark theme wasn't enough! | ![](https://img.shields.io/github/stars/CoreyD97/BurpCustomizer) | ![](https://img.shields.io/github/languages/top/CoreyD97/BurpCustomizer) |",
+ "Method": "THEME",
+ "Description": "Because just a dark theme wasn't enough!",
+ "Install": {
+ "Linux": "",
+ "MacOS": "",
+ "Windows": ""
+ },
+ "Update": {
+ "Linux": "",
+ "MacOS": "",
+ "Windows": ""
+ }
+ },
 "BurpJSLinkFinder": {
 "Data": "| Burp/PASV | [BurpJSLinkFinder](https://github.com/InitRoot/BurpJSLinkFinder) | Burp Extension for a passive scanning JS files for endpoint links. | ![](https://img.shields.io/github/stars/InitRoot/BurpJSLinkFinder) | ![](https://img.shields.io/github/languages/top/InitRoot/BurpJSLinkFinder) |",
 "Method": "PASV",
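Review bot: The added `BurpCustomizer` object lists its keys as `Type`, `Data`, `Method`, `Description`, `Install`, `Update`, but the same commit rewrites `owasp-zap-jwt-addon` and `httptoolkit` into sorted order (`Data`, `Description`, `Install`, `Method`, `Type`, `Update`). Presumably the tool that re-serialises these files will move the new entry's keys on its next run and produce another no-op hunk, so writing the entry already sorted keeps later diffs limited to real changes to the catalogue's links and install fields. The `headi` entry added in the `@@ -1663,6 +1663,22 @@` hunk of the top-level `data.json` has the same ordering. `Data` also repeats `Type`, `Method` and `Description` inside a pre-rendered table row, so the README row and the structured fields can drift apart; the contribution notes should say which of them is authoritative.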
@@ -115,9 +131,9 @@
 "Type": "Burp"
 },
 "owasp-zap-jwt-addon": {
- "Type": "ZAP",
 "Data": "| ZAP/JWT | [owasp-zap-jwt-addon](https://github.com/SasanLabs/owasp-zap-jwt-addon) | OWASP ZAP addon for finding vulnerabilities in JWT Implementations | ![](https://img.shields.io/github/stars/SasanLabs/owasp-zap-jwt-addon) | ![](https://img.shields.io/github/languages/top/SasanLabs/owasp-zap-jwt-addon) |",
- "Method": "JWT"
+ "Method": "JWT",
+ "Type": "ZAP"
 },
 "param-miner": {
 "Data": "| Burp/ACTIVE | [param-miner](https://github.com/PortSwigger/param-miner) | Parameter mining on Burpsuite | ![](https://img.shields.io/github/stars/PortSwigger/param-miner) | ![](https://img.shields.io/github/languages/top/PortSwigger/param-miner) |",
diff --git a/README.md b/README.md
index b96d22b..46b8b7b 100644
--- a/README.md
+++ b/README.md
@@ -85,6 +85,7 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
 | Discovery/GQL | [inql](https://github.com/doyensec/inql) | InQL - A Burp Extension for GraphQL Security Testing | ![](https://img.shields.io/github/stars/doyensec/inql) | ![](https://img.shields.io/github/languages/top/doyensec/inql) |
 | Discovery/HTTP | [Arjun](https://github.com/s0md3v/Arjun) | HTTP parameter discovery suite. | ![](https://img.shields.io/github/stars/s0md3v/Arjun) | ![](https://img.shields.io/github/languages/top/s0md3v/Arjun) |
 | Discovery/HTTP | [Aron](https://github.com/m4ll0k/Aron) | Aron is a GO script for finding hidden GET & POST parameters | ![](https://img.shields.io/github/stars/m4ll0k/Aron) | ![](https://img.shields.io/github/languages/top/m4ll0k/Aron) |
+| Discovery/HTTP | [headi](https://github.com/mlcsec/headi) | Customisable and automated HTTP header injection | ![](https://img.shields.io/github/stars/mlcsec/headi) | ![](https://img.shields.io/github/languages/top/mlcsec/headi) |
 | Discovery/JS | [JSFScan.sh](https://github.com/KathanP19/JSFScan.sh) | Automation for javascript recon in bug bounty. | ![](https://img.shields.io/github/stars/KathanP19/JSFScan.sh) | ![](https://img.shields.io/github/languages/top/KathanP19/JSFScan.sh) |
 | Discovery/JS | [LinkFinder](https://github.com/GerbenJavado/LinkFinder) | A python script that finds endpoints in JavaScript files | ![](https://img.shields.io/github/stars/GerbenJavado/LinkFinder) | ![](https://img.shields.io/github/languages/top/GerbenJavado/LinkFinder) |
 | Discovery/JS | [SecretFinder](https://github.com/m4ll0k/SecretFinder) | SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files | ![](https://img.shields.io/github/stars/m4ll0k/SecretFinder) | ![](https://img.shields.io/github/languages/top/m4ll0k/SecretFinder) |
diff --git a/data.json b/data.json
index 1f47287..30e508f 100644
--- a/data.json
+++ b/data.json
@@ -1663,6 +1663,22 @@
 "Windows": ""
 }
 },
+ "headi": {
+ "Type": "Discovery",
+ "Data": "| Discovery/HTTP | [headi](https://github.com/mlcsec/headi) | Customisable and automated HTTP header injection | ![](https://img.shields.io/github/stars/mlcsec/headi) | ![](https://img.shields.io/github/languages/top/mlcsec/headi) |",
+ "Method": "HTTP",
+ "Description": "Customisable and automated HTTP header injection",
+ "Install": {
+ "Linux": "",
+ "MacOS": "",
+ "Windows": ""
+ },
+ "Update": {
+ "Linux": "",
+ "MacOS": "",
+ "Windows": ""
+ }
+ },
 "hetty": {
 "Data": "| Army-Knife/PROXY | [hetty](https://github.com/dstotijn/hetty) | Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community. | ![](https://img.shields.io/github/stars/dstotijn/hetty) | ![](https://img.shields.io/github/languages/top/dstotijn/hetty) |",
 "Description": "Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.",
@@ -1744,15 +1760,15 @@
 }
 },
 "httptoolkit": {
- "Type": "Army-Knife",
 "Data": "| Army-Knife/PROXY | [httptoolkit](https://github.com/httptoolkit/httptoolkit) | HTTP Toolkit is a beautiful \u0026 open-source tool for debugging, testing and building with HTTP(S) on Windows, Linux \u0026 Mac | ![](https://img.shields.io/github/stars/httptoolkit/httptoolkit) | ![](https://img.shields.io/github/languages/top/httptoolkit/httptoolkit) |",
- "Method": "PROXY",
 "Description": "HTTP Toolkit is a beautiful \u0026 open-source tool for debugging, testing and building with HTTP(S) on Windows, Linux \u0026 Mac",
 "Install": {
 "Linux": "",
 "MacOS": "",
 "Windows": ""
 },
+ "Method": "PROXY",
+ "Type": "Army-Knife",
 "Update": {
 "Linux": "",
 "MacOS": "",