This is your work, valued
Brida. The new bridge between Burp Suite and Frida!
1.9kJava-Deserialization-Scanner. All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
801ghidra2frida. The new bridge between Ghidra and Frida!
132HandyCollaborator. Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!
103ghidra-scripts. A collection of my Ghidra scripts
102semgrep-rules. A collection of my Semgrep rules
54LetMeHID. LetMeHID is a tool that generates Windows HID payloads to obtain bind or reverse access using Raspberry PI0 and P4wnP1 A.L.O.A.
54Burp-Suite-Extender-Montoya-Course. This repository contains all the examples related to a series of tutorials that demonstrate how to use the new Montoya API of Burp Suite to create extensions that will greatly simplify our pentester lives.
51ysoserial. A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
46protobuf-decoder. A simple Google Protobuf Decoder for Burp
43BurpJDSer-ng-edited. Burp Suite plugin that allow to deserialize Java objects and convert them in an XML format. Unpack also gzip responses. Based on BurpJDSer-ng of omercnet.
20proxmark3. Proxmark 3 - HID Corporate 1000 bruteforce
10Exploit. A collection of exploits created or modified by me
5AI-Reporter. A Burp Suite extension that uses Burp AI or local LLMs to automatically generate vulnerability reports from HTTP request/response pairs
2RestoringTestability. Stuff of my talk "Restoring Testability - Handling complex scenarios in Burp Suite with a custom extension"
2