- Installing, configuring and using Burp-Suite 2 Free Community Edition and Pro editions - webpwnized
- Burp Suite Deep Dive for Application Security Professionals | Cristi Zot
- https://github.com/Ignitetechnologies/BurpSuite-For-Pentester
- https://github.com/everythingishacked/burpsuite-custom-extension
- https://blog.silentsignal.eu/2020/05/04/decrypting-and-analyzing-https-traffic-without-mitm + https://m1el.github.io/oculus-tls-extract
- https://github.com/wagiro/BurpBounty + https://twitter.com/egarme/status/1002078124014821377 + https://burpbounty.net/wp-content/uploads/2020/10/BurpBounty_Ekoparty_2020_ENG.pdf
- https://github.com/doyensec/burpdeveltraining
- an epic thread for AutoRepeater!
- Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
- https://github.com/snoopysecurity/awesome-burp-extensions
- https://github.com/clr2of8/GatherContacts
- https://medium.com/csg-govtech/proxy-agent-a-tool-for-mobile-penetration-testers-a9796e99f3ca
- https://github.com/six2dez/burp-bounty-profiles
- https://www.pentagrid.ch/en/blog/teaching_burp_a_new_http_transport_encoding
- Bypass 403 restricted directory
- https://github.com/Leoid/Burp2Slack
- Is it possible to somehow send request from Repeater to Target tab?
- Recursive passive detection of vulnerable paths
- Improve automated and semi-automated active scanning + https://youtu.be/aFMTzFfX1Z4
- Burp Extension for Broken Access Control
- View HTTP history exported from Burp Suite Community Edition(CE)
- I wish there was functionality via command line to search burp project/state files for certain phrases
- Burp Suite extension to track vulnerability assessment progress
- Google Protobuf Decoder
- https://github.com/1N3/IntruderPayloads
- Bypass 403 or 401 or 404
- https://github.com/bsysop/IpLogger
- https://github.com/vmware/burp-rest-api
- bypassing client-side encryption using custom logic for manual and automation testing with Python and NodeJS
- Request minimizer will hide cookies from HTTP requests
- https://github.com/honoki/burp-digitalocean-droplet-proxy
- https://www.crackcodes.in/2023/06/top-10-burpsuite-extensions-you-must.html
- https://danaepp.com/detecting-api-endpoints-and-source-code-with-js-miner
- takes a JSON object from a request and tries using a predefined set of gadgets to poison all possible fields
- Getting Started with Burp Suite & Webapp Pentesting | BB King
- BOUNTY THURSDAYS - BURP 1.7 or 2.0 + more sweet stuff!
- https://twitter.com/pentagridsec/status/1372112849661726720 + https://www.pentagrid.ch/en/blog/burp-suite-hackvertor-custom-tags-email-sms-tan-multi-factor-authentication
- https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters/blob/master/assets/setup.md#burp-suite
- Deploy a Private Burpsuite Collaborator using boto3
- https://www.agarri.fr/docs/nahamcon23-burp_automation.pdf
- https://defparam.medium.com/ios-app-testing-through-burp-on-corellium-fe59ed849516
- https://web.archive.org/web/20210704020737/https://blog.assetnote.io/2021/06/27/uber-account-takeover-voicemail
- An intercepting proxy for web application testing
- https://github.com/riddhi-shree/web-app-pentesting-using-burp-suite
- http://b1twis3.ca/burpsuite-30-pro-tips
- https://www.pentagrid.ch/en/blog/teaching_burp_a_new_http_transport_encoding
- Which tools would you consider competitors to Burp and ZAP?
- https://parsiya.net/blog/2019-10-13-quality-of-life-tips-and-tricks-burp-suite
- https://www.pethuraj.com/blog/use-burpsuite-like-a-pro-part-1
- https://blog.ropnop.com/configuring-burp-suite-with-android-nougat
- https://dustri.org/b/detecting-and-annoying-burp-users.html
- https://github.com/SummerSec/BurpBountyProfiles