anpapjclbjicacakeoggghfldppbkepg
Improve your Burp Suite scan coverage by manually capturing how to perform complex actions on your website.
Login Recorder for Burp Suite is a Chrome extension that enables you to record complex navigation sequences, such as SSO logins, using your browser. You can then import the recording into Burp Suite Professional and Burp Suite DAST so that any future scans of the website can replicate your recorded actions. This can improve your Burp Suite scan coverage by increasing the attack surface that the Scanner is able to audit effectively.
To record an action sequence:
1. Click the Login Recorder for Burp Suite extension icon at the top right.
2. Click start recording.
3. Load the web page where you want to begin capturing and carry out the action sequence.
4. Click the extension icon to stop recording and click copy to clipboard to save the data from the recording to your clipboard in JSON format.
5. Paste the JSON from your clipboard into Burp Suite.
Note that this extension works by recording clicks, pasted data, and keystrokes. To ensure that your action sequence is recorded properly, please avoid using any autocomplete functionality. The recorded data on your clipboard will be automatically cleared when you paste it into Burp Suite.
DotGit
An extension for checking if .git is exposed in visited websites
- Check if a .git/.svn/.hg folder exists for each site you visit
- Check if a .env file exists for each site you visit
- Check if a .DS_Store file exists for each site you visit
- Check if the site is open source (GitHub/GitLab)
- Check if the site has security.txt
- You will be notified when a folder is found
- List of exposed sites found
- Download the entire .git folder in zip format, even if the files are not listed on the site
- View .git/config with one click
- Options for: colors, notifications and downloads
Some checks are turned off by default; open the settings to turn them on.
Source code: https://github.com/davtur19/DotGit
FindSomething
Find interesting things in the webpage's source code or JavaScript
This tool quickly extracts interesting information from the HTML source code or JS code of a web page, including resources that may be requested, interface URLs, IPs and domain names that may be requested, leaked ID numbers, mobile phone numbers, email addresses, etc.
Feel free to contact us on WeChat: canxiao_xiao
Qualys Browser Recorder
Qualys Browser Recorder is a free browser extension to record & play back scripts of any web application.
Qualys Browser Recorder is a free browser extension to record & play back scripts for web application automation testing. Qualys Browser Recorder includes the entire Selenium Core, allowing you to capture web elements and record actions in the browser to let you generate, edit, and play back automated test cases quickly and easily.
The authors would like to thank contributors to SideeX, Selenium Core, and Selenium IDE. Qualys Browser Recorder would not have been possible without their valuable work, time, and effort.
https://www.qualys.com/docs/qualys-browser-recorder-user-guide.pdf
Rapid7 AppSec Plugin
The Rapid7 AppSec plugin works with Rapid7 Application Security and AppSpider dynamic application security testing solutions to improve application scanning coverage and assist in validating vulnerabilities with these capabilities:
- Macro Recording - Use the plugin to record macros required by Application Security and AppSpider Enterprise when selecting the Macro Authentication scan configuration. Macro Authentication enables the crawling engine of Application Security and AppSpider to authenticate with complex login workflows.
- Vulnerability Validator - Use the vulnerability validator in conjunction with the Attack Replay feature in Application Security and AppSpider. This feature of the Chrome plugin enables users to replay and edit recorded traffic generated during an Application Security or AppSpider scan.
- Bootstrap Authentication - The Chrome plugin is required to use AppSpider Enterprise's Bootstrap Authentication feature, which gives the user the ability to interactively log in to the target application during an active scan. It is used for login workflows that require human interaction, for example 2FA (two-factor authentication).
- Traffic Recorder - Record the interactions (like HTTP GET and POST requests) between the front end application and the back end server in a Traffic File. Application Security can replay these interactions to authenticate into your application.
For support related to this plugin, please contact chrome_plugin@rapid7.com