Web Application Tools

462 tools
burp-ai-agent
burp-ai-agent
Open Source Web Application

Burp Suite extension that adds built-in MCP tooling, AI-assisted analysis, privacy controls, passive and active scanning and more
burp-awesome-tls
burp-awesome-tls
Open Source Web Application

Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
Burp-Suite-Certified-Practitioner-Exam-Study
Burp-Suite-Certified-Practitioner-Exam-Study
Free Exploitation Web Application

Burp Suite Certified Practitioner Exam Study
BurpAPISecuritySuite
BurpAPISecuritySuite
Open Source Exploitation Scanning & Enumeration

Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration,…
BurpBounty
BurpBounty
Open Source Scanning & Enumeration Web Application

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the activ…
BurpsuitePro
BurpsuitePro
Free Kali Web Application

Latest BurpSuitePro is a script for installing and updating Burp Suite Professional on Linux and Windows, ensuring Java compatibility for sm…
caddy-defender
caddy-defender
Open Source Web Application

Caddy module to block or manipulate requests originating from AIs or cloud services trying to train on your websites
caddy-waf
caddy-waf
Open Source Web Application

Caddy WAF (Regex Rules, IP and DNS filtering, Rate Limiting, GeoIP, Tor, Anomaly Detection)
caido
caido
Freemium Web Application

🚀 Caido releases, wiki and roadmap Modern web security auditing tool built as a Rust-based alternative to Burp Suite. Features a clean UI…
cazador_unr
cazador_unr
Free Exploitation Reconnaissance

[scanner] [TcpListener] [FileMiner] [Subscrabber]…
cherrybomb
cherrybomb
Open Source Web Application

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating …
chomtesh
chomtesh
Open Source Reconnaissance Scanning & Enumeration

CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tool…
Chromium-based-XSS-Taint-Tracking
Chromium-based-XSS-Taint-Tracking
Open Source Exploitation Web Application

The Cyclops's binary code can be directly downloaded here; It's source code is not provided now.
chronos
chronos
Open Source Password Attacks Reconnaissance

Wayback Machine OSINT Framework
ChYing
ChYing
Free Scanning & Enumeration Web Application

承影,愿你在光影之间,找到属于自己的锋芒。开源的类 BurpSuite 应用 ChYing — may you find your own edge between light and shadow. An open-source, BurpSuite-like applicat…
CIS-Ubuntu-20.04-Ansible
CIS-Ubuntu-20.04-Ansible
Open Source Web Application

Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
clairvoyance
clairvoyance
Open Source Web Application

Obtain GraphQL API schema even if the introspection is disabled
claude-bug-bounty
claude-bug-bounty
Open Source Reconnaissance Scanning & Enumeration

AI-powered bug bounty hunting from your terminal - recon, 20 vuln classes, autonomous hunting, and report generation. All inside Claude Co…
claude-cybersecurity
claude-cybersecurity
Open Source Scanning & Enumeration Web Application

AI-powered cybersecurity code review skill for Claude Code. 8 specialist agents, OWASP 2025, CWE Top 25, MITRE ATT&CK, 11 languages, zero co…
cli
cli
Open Source Web Application

🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
cloud
cloud
Open Source Exploitation Reconnaissance

Monitoring the Cloud Landscape
cloud_osint
cloud_osint
Open Source Exploitation Reconnaissance

☁️ Curated Cloud OSINT resources — dorks, tools, and techniques for AWS, Azure, GCP, Oracle Cloud, and other major providers reconnaissance
Cloudflare-Cookie-Analysis
Cloudflare-Cookie-Analysis
Open Source Web Application

Analysis of Cloudflare anti-bot cookie flow (cf_bm / cf_clearance) from a defensive perspective.
collection-document
collection-document
Free Exploitation Reconnaissance

Collection of quality safety articles. Awesome articles.