This extension enhances Burp Suite by adding several UI and functional features, making it more user-friendly.

Burp Suite extension that enhances Burp Active Scan by adding template engine specific SSTI payloads.

BurpSuite Extension leveraging new Montoya API to automatically sets payload positions to your inruder tab saving you time during VAPT.

All-in-one Burp Suite attack framework — 16 active scanners, 4 passive analyzers, SQL exploitation engine (OmniMap), AI-powered fuzzing, prerequisite chain automation (Stepper), built-in OOB server (HTTP+DNS). Single JAR, Montoya API.

This extension integrates popular CAPTCHA solution services into BurpSuite to process different types of CAPTCHAs without manual intervention.

Enables transparent use of Excel files in Burp Suite

Autonomous AI penetration testing agent for Burp Suite. Agentic pentesting with local/cloud LLMs (Ollama, Gemini, DeepSeek, OpenRouter) via Montoya API.

This BurpSuite extension tests ESPv2 malicious X-HTTP-Method-Override header value to bypass JWT authentication in specific cases.

🛡️ Burp Suite extension for automated access control bypass, path traversal & Web Cache Deception testing. Header spoofing, URL encoding, cache deception pipelines – all in one tool.

This Burp Suite extension monitors a provided JWT token for its expiration and replaces any already present JWT token in outgoing requests with the provided one