A curated collection of Burp Suite extensions for web application security testing. Each extension is designed to enhance your workflow and help identify security vulnerabilities more efficiently.
Automatically update cookies and authentication headers from Proxy history
GetNewCookies solves the common problem of expired cookies and tokens during testing. With a simple right-click in Burp Repeater, it finds the freshest cookies and auth headers from your Proxy history and merges them into your current request.
Key Features:
- Context menu integration for quick cookie updates
- Automatic extraction of cookies and auth headers
- Configurable host matching and merge strategies
- Time-based history search
Best For: Maintaining valid sessions during manual testing, refreshing expired tokens, working with frequently rotating credentials
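The procedure described above (walk Proxy history for the most recent request to the same host, lift its cookies and auth header, merge them into the request open in Repeater) as an added example against the Burp Montoya API. This is illustrative code, not GetNewCookies' own source: the class and menu names are made up, host matching is exact rather than configurable, and `finalRequest()` assumes a Montoya API from 2023.10 or later.

```java
// Added example, not the GetNewCookies implementation. Assumes Montoya API >= 2023.10.
package example;

import burp.api.montoya.BurpExtension;
import burp.api.montoya.MontoyaApi;
import burp.api.montoya.http.message.requests.HttpRequest;
import burp.api.montoya.proxy.ProxyHttpRequestResponse;
import burp.api.montoya.ui.contextmenu.ContextMenuEvent;
import burp.api.montoya.ui.contextmenu.ContextMenuItemsProvider;
import burp.api.montoya.ui.contextmenu.MessageEditorHttpRequestResponse;

import javax.swing.JMenuItem;
import java.awt.Component;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

public class FreshCookiesExample implements BurpExtension {
    private MontoyaApi api;

    @Override
    public void initialize(MontoyaApi api) {
        this.api = api;
        api.extension().setName("Fresh cookies (example)");
        api.userInterface().registerContextMenuItemsProvider(new ContextMenuItemsProvider() {
            @Override
            public List<Component> provideMenuItems(ContextMenuEvent event) {
                List<Component> items = new ArrayList<>();
                // Only offer the item when right-clicking inside a message editor (e.g. Repeater).
                event.messageEditorRequestResponse().ifPresent(editor -> {
                    JMenuItem item = new JMenuItem("Update cookies from Proxy history (example)");
                    item.addActionListener(e -> refresh(editor));
                    items.add(item);
                });
                return items;
            }
        });
    }

    private void refresh(MessageEditorHttpRequestResponse editor) {
        HttpRequest current = editor.requestResponse().request();
        String host = current.httpService().host();
        // Proxy history is oldest-first; walk it backwards so the newest request to the
        // same host wins. Exact host match: a looser match risks pasting another tenant's
        // session into this request.
        List<ProxyHttpRequestResponse> history = api.proxy().history();
        for (int i = history.size() - 1; i >= 0; i--) {
            HttpRequest past = history.get(i).finalRequest();
            if (!host.equalsIgnoreCase(past.httpService().host())) continue;
            String freshCookies = past.headerValue("Cookie");
            if (freshCookies == null || freshCookies.isBlank()) continue;

            HttpRequest updated = current.withHeader("Cookie",
                    mergeCookieHeader(current.headerValue("Cookie"), freshCookies));
            String freshAuth = past.headerValue("Authorization");
            if (freshAuth != null) updated = updated.withHeader("Authorization", freshAuth);
            editor.setRequest(updated);
            api.logging().logToOutput("Merged cookies from " + past.url());
            return;
        }
        api.logging().logToOutput("No cookies for " + host + " found in Proxy history");
    }

    // Merge strategy: fresh values replace stale ones by cookie name; cookies that only
    // exist in the current request are kept; first-seen order is preserved.
    static String mergeCookieHeader(String current, String fresh) {
        Map<String, String> jar = new LinkedHashMap<>();
        for (String header : new String[] {current, fresh}) {
            if (header == null) continue;
            for (String pair : header.split(";")) {
                String p = pair.trim();
                int eq = p.indexOf('=');
                if (eq <= 0) continue;                 // skip malformed pairs
                jar.put(p.substring(0, eq), p.substring(eq + 1));
            }
        }
        StringBuilder sb = new StringBuilder();
        jar.forEach((k, v) -> sb.append(sb.isEmpty() ? "" : "; ").append(k).append('=').append(v));
        return sb.toString();
    }
}
```

Two things worth keeping in mind when writing this kind of tool: the "freshest" cookie in history may itself already be expired if you have not browsed recently, and history also contains the requests you sent from Repeater, so a merge that ignores the source tab can hand you back the stale value you started with.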
Identify potentially vulnerable parameters in HTTP requests
HUNT-verbose is a passive scanner that flags request parameters whose names are commonly associated with vulnerability classes such as IDOR, SQL injection, SSRF and SSTI. It works purely on parameter names in observed HTTP traffic: a hit means "worth testing", not a confirmed vulnerability, and the absence of a hit does not mean a parameter is safe.
Key Features:
- 7 built-in vulnerability categories (IDOR, SQLI, SSRF, SSTI, XSS, File Inclusion, etc.)
- Custom category creation with user-defined parameter lists
- Case-insensitive and wildcard parameter matching
- HTTP header scanning for non-standard headers
- Advanced filtering and duplicate detection
Best For: Initial reconnaissance, identifying potential attack surfaces, prioritizing testing efforts, discovering hidden parameters
Detect parameter reflection and XSS vulnerabilities with context analysis
Reflector goes beyond simple reflection detection by analyzing the context where parameters are reflected (HTML, JavaScript, attributes, etc.) and actively testing which special characters are allowed. It generates context-aware XSS payloads and detects client-side template injection.
Key Features:
- Passive reflection detection in responses
- Context analysis (HTML, JavaScript, attributes, CSS, URLs)
- Aggressive mode for testing special character filtering
- CSTI (Client-Side Template Injection) detection
- Automatic generation of context-aware XSS PoCs
- Smart caching to avoid redundant testing
Best For: XSS vulnerability discovery, reflection analysis, generating working PoC payloads, identifying template injection
Inject custom payloads with automatic Burp Collaborator integration
Anything Everywhere extends the Collaborator Everywhere concept: you define custom payload templates with placeholders, choose where they are injected (headers, parameters, or regex-selected locations), and the extension polls Burp Collaborator for the resulting callbacks. That makes it suited to blind vulnerabilities that only show up out of band: SSRF, blind XSS, XXE, command injection, Log4Shell and similar. Because payloads are injected into traffic passing through the Proxy, confirm your target scope before enabling it; a Log4Shell probe fired at every host you browse is a probe against systems you may not be authorised to test.
Key Features:
- Custom payload templates with 13+ placeholders ($COLLAB$, $HOST$, $BASE64(), etc.)
- 6 target types (All/Specific Headers, All/Specific Params, Custom Regex)
- Background Collaborator polling with automatic issue creation
- Template import/export for team sharing
- Injection history tracking and own-IP detection
- Persistent storage of templates and settings
Best For: Detecting blind vulnerabilities through out-of-band callbacks, custom vulnerability testing workflows, Log4Shell scanning, blind XSS discovery
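The mechanism described above, as an added example against the Burp Montoya API: a Proxy request handler that expands a template containing `$COLLAB$` and `$HOST$` into a header on in-scope requests, records which request carried which payload, and polls Collaborator in the background. This is illustrative code, not Anything Everywhere's own source; the template syntax borrows the placeholder names listed above, but how the real extension expands them, the `X-Forwarded-Host` target and the 30-second poll interval are assumptions.

```java
// Added example, not the Anything Everywhere implementation. Assumes Montoya API >= 2023.10.
package example;

import burp.api.montoya.BurpExtension;
import burp.api.montoya.MontoyaApi;
import burp.api.montoya.collaborator.CollaboratorClient;
import burp.api.montoya.collaborator.CollaboratorPayload;
import burp.api.montoya.collaborator.Interaction;
import burp.api.montoya.http.message.requests.HttpRequest;
import burp.api.montoya.proxy.http.InterceptedRequest;
import burp.api.montoya.proxy.http.ProxyRequestHandler;
import burp.api.montoya.proxy.http.ProxyRequestReceivedAction;
import burp.api.montoya.proxy.http.ProxyRequestToBeSentAction;

import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;

public class OobHeaderExample implements BurpExtension {
    // Hypothetical template. $COLLAB$ becomes a fresh Collaborator hostname per request,
    // $HOST$ the target host, so the callback (if any) is attributable to one request.
    private static final String TEMPLATE = "http://$COLLAB$/from/$HOST$";
    // Collaborator interaction id -> URL of the request that carried the payload.
    private final Map<String, String> sent = new ConcurrentHashMap<>();

    @Override
    public void initialize(MontoyaApi api) {
        api.extension().setName("OOB header injector (example)");
        CollaboratorClient client = api.collaborator().createClient();

        api.proxy().registerRequestHandler(new ProxyRequestHandler() {
            @Override
            public ProxyRequestReceivedAction handleRequestReceived(InterceptedRequest request) {
                // Scope gate first: seeding payloads into every proxied host means probing
                // systems you have no authorisation to test.
                if (!api.scope().isInScope(request.url())) {
                    return ProxyRequestReceivedAction.continueWith(request);
                }
                CollaboratorPayload payload = client.generatePayload();
                sent.put(payload.id().toString(), request.url());
                String value = expand(TEMPLATE, payload.toString(), request.httpService().host());
                HttpRequest modified = request.withHeader("X-Forwarded-Host", value);
                return ProxyRequestReceivedAction.continueWith(modified);
            }

            @Override
            public ProxyRequestToBeSentAction handleRequestToBeSent(InterceptedRequest request) {
                return ProxyRequestToBeSentAction.continueWith(request);
            }
        });

        // Background polling: any interaction means something resolved or fetched the
        // payload out of band. Correlate it back to the originating request before
        // deciding whether it is a finding.
        ScheduledExecutorService poller = Executors.newSingleThreadScheduledExecutor();
        poller.scheduleAtFixedRate(() -> {
            for (Interaction interaction : client.getAllInteractions()) {
                String origin = sent.getOrDefault(interaction.id().toString(), "unknown request");
                api.logging().logToOutput(interaction.type() + " interaction from "
                        + interaction.clientIp() + " triggered by " + origin);
            }
        }, 30, 30, TimeUnit.SECONDS);
        api.extension().registerUnloadingHandler(poller::shutdownNow);
    }

    // Placeholder expansion for the two placeholders this example supports.
    static String expand(String template, String collabHost, String targetHost) {
        return template.replace("$COLLAB$", collabHost).replace("$HOST$", targetHost);
    }
}
```

Keeping the payload-to-request map is what turns a raw DNS or HTTP interaction into an actionable result; without it you know that something called back but not which header on which request caused it. Checking the interaction's client IP against your own egress address (the "own-IP detection" listed above) filters out callbacks you triggered yourself, for example by following the injected URL in a browser.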
Each extension can be built and installed independently:

```bash
# Navigate to an extension directory
cd GetNewCookies/

# Build the JAR
./gradlew jar

# The JAR will be in build/libs/
```

Then load it into Burp:

- Open Burp Suite
- Go to Extensions > Installed
- Click Add
- Select the built JAR file
- Click Next
- Burp Suite Professional or Community Edition
- Java 21 or higher, both to build and to run: a JAR compiled for Java 21 is rejected (UnsupportedClassVersionError) by a Burp instance running on an older Java runtime
- Gradle (wrapper included in each project)
| Extension | Type | Traffic | Use Case |
|---|---|---|---|
| GetNewCookies | Context Menu | None | Session management during manual testing |
| HUNT-verbose | Passive Scanner | None | Identifying potentially vulnerable parameters |
| Reflector | Passive/Active Scanner | Low-High* | XSS and reflection detection |
| Anything Everywhere | Proxy Handler | Medium | Out-of-band vulnerability detection via Collaborator |
*Reflector's traffic depends on enabled modes: passive (low), aggressive (medium), CSTI (high)
All extensions are built using:
- Burp Montoya API - Modern Burp extension API
- Gradle - Build automation with Kotlin DSL
- Java 21 - Latest LTS Java version
To build everything in one go:

```bash
# From the repository root. Each build runs in a subshell so a failed cd or a failing
# build stops the loop instead of silently building the wrong directory.
for dir in GetNewCookies HUNT-verbose reflector-remix AnythingEverywhere; do
  (cd "$dir" && ./gradlew jar) || { echo "build failed in $dir" >&2; exit 1; }
done
```

Issues and pull requests are welcome for any of the extensions! Each extension directory contains its own documentation and source code.
See individual extension directories for license information.
- GetNewCookies - Created using the Burp Extension Template by PortSwigger
- HUNT-verbose - Remixed by cinzinga, based on HUNT v2 Remix by Caleb Kinney, originally created by JP Villanueva, Jason Haddix, and the Bugcrowd team
- Reflector - Credit for the original extension and idea goes to elkokc
- Anything Everywhere - Inspired by Collaborator Everywhere by James 'albinowax' Kettle
Happy Hunting!
For questions, issues, or feature requests, please open an issue in the respective extension directory.