Skip to content

Navigation Menu

PortSwigger

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

PortSwigger

Verified
We've verified that the organization PortSwigger controls the domain:
- portswigger.net
Learn more about verified organizations

1.2k followers
United Kingdom
https://portswigger.net/
hello@portswigger.net

Overview
Repositories 454
Packages
People

More

Overview
Repositories
Packages
People

Pinned Loading

backslash-powered-scanner Public

Finds unknown classes of injection vulnerabilities

Java 655 95
httpoxy-scanner Public

A Burp Suite extension that checks for the HTTPoxy vulnerability.

Java 92 22
distribute-damage Public

Evenly distributes scanner load across targets

Java 85 9

Repositories

Loading

Type

Select type

All Public Sources Forks Archived Mirrors Templates

Language

Select language

All BlitzBasic C++ Dockerfile Go HTML Java JavaScript Kotlin Perl PHP Python Ruby Smarty TypeScript

Sort

Select order

Last updated Name Stars

Showing 10 of 454 repositories

backslash-powered-scanner Public
Finds unknown classes of injection vulnerabilities

Java 655 95 3 0 Updated Mar 25, 2025
cstc Public Forked from usdAG/cstc
CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef

Java 8 GPL-3.0 31 0 0 Updated Mar 25, 2025
json-web-tokens Public Forked from ozzi-/JWT4B
JWT Support for Burp

Java 114 GPL-3.0 48 0 0 Updated Mar 25, 2025
host-header-inchecktion Public Forked from fabianbinna/host_header_inchecktion
A burp extention to find host header injection vulnerabilities

Java 4 4 0 0 Updated Mar 25, 2025
certsquirt Public
A golang PKI in less than 1000 lines of code.

Go 7 BSD-3-Clause 2 0 0 Updated Mar 24, 2025
429-bypasser Public Forked from iliyaafifi/429-bypasser

Python 0 2 0 0 Updated Mar 18, 2025
ai-prompt-fuzzer Public Forked from moha99sa/AI_Prompt_Fuzzer
Burp extension to fuzz/brute force GenAI/LLM prompts using a list of various payloads.

Java 2 GPL-3.0 1 0 0 Updated Mar 18, 2025
turbo-intruder Public
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.

Kotlin 1,580 Apache-2.0 222 14 1 Updated Mar 18, 2025
json-unicode-escaper Public Forked from Bort-Millipede/Burp_JSON_Unicode-Escaper
Burp Extender providing JSON Unicode-escaping/unescaping capabilities

Java 0 GPL-3.0 1 0 0 Updated Mar 17, 2025
bypass-bot-detection Public
Burp Suite extension that mutates ciphers to bypass TLS-fingerprint based bot detection

Java 310 Apache-2.0 12 0 0 Updated Mar 14, 2025

View all repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Top languages

Java Python Kotlin JavaScript Ruby

Footer

© 2025 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.