The hacker's choice: 10 favorite Burp Suite plugins Nixuans recommend

Anne Oikarinen

Senior Security Consultant

February 25, 2020 at 09:11

Nixuans do hundreds of web application and mobile application security assessments each year. For these assessments, for bug bounties, and for the security testing training we give, Burp Suite Professional is typically the tool of choice. Burp is extensible with plugins that can automate part of the testing, identify more vulnerabilities, or make generating testing payloads easier. For all you white hat hackers out there, we wanted to give some tips on how we use Burp: here's our top 10 list of the best Burp Suite plugins. There are many more that we use depending on the type of application we test, but for this list we went for general-purpose plugins and coverage.

10 Burp Suite plugins that Nixu's security testing experts recommend: Active Scan++; Additional Scanners Checks; Logger++; Software Vulnerability Scanner; Retire.js; SAML Raider; Collaborator Everywhere; EsPReSSO; Error Message Checks; Bradamsa.
