Search
Collection
Category
Tag
Blog
Pricing
Submit

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates

Email

AISecKit

Curated AI security tools & LLM safety resources for cybersecurity professionals

Product

Search
Collection
Category
Tag

Resources

Blog
Pricing
Submit

Tools

🔥Marathons Tools

Company

About Us
Privacy Policy
Terms of Service
Sitemap

Copyright © 2025 All Rights Reserved.

Home
Category
BurpAPIFinder

BurpAPIFinder

A Burp Suite plugin for discovering unauthorized and sensitive information during security assessments.

Introduction

Information

Publisher
AISecKit
Websitegithub.com
Published date2025/04/28

Categories

Penetration Testing
Vulnerability Scanners
Security Research

Tags

Open Source
API Security
Penetration Testing

More Products

Exploiting AI

An introductory class on understanding AI security risks and mitigation strategies.

Prompt Injection Generative AI Red Team Testing Data Poisoning

PINT Benchmark

A benchmark for prompt injection detection systems, providing a neutral way to evaluate their performance.

Prompt Injection Model Robustness Security Auditing

Folly

Open-source LLM Prompt-Injection and Jailbreaking Playground for testing LLM security vulnerabilities.

Prompt Injection Open Source API Security Security Testing LLM Security+1

BurpAPIFinder

BurpAPIFinder is a powerful plugin designed for security professionals to uncover unauthorized and sensitive information during penetration testing. It helps identify hidden vulnerabilities in web applications by analyzing HTML and JavaScript files accessed through the browser.

Key Features:

Unauthorized Access Detection: Discover endpoints that allow unauthorized access to sensitive data such as passwords and API keys.
User Enumeration: Identify interfaces that can enumerate user information and perform actions like password resets.
Sensitive Data Leakage: Automatically extract URLs and sensitive information from HTML and JS files.
Customizable Scanning: Users can define sensitive keywords and URLs for tailored scanning.
Integration with Fingerprint Libraries: Includes various fingerprint libraries for identifying sensitive information leaks.

Benefits:

Enhanced Security Assessments: Streamline the process of identifying vulnerabilities in web applications.
User-Friendly Interface: Easy to configure and use within Burp Suite without extensive setup.
Community Support: Actively maintained with feedback channels for suggestions and improvements.

Highlights:

Open-source and free to use.
Regular updates and community contributions.
Disclaimer against illegal use, emphasizing ethical security research.