LogoAISecKit
  • Search
  • Collection
  • Category
  • Tag
  • Blog
  • Pricing
  • Submit
LogoAISecKit

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates

LogoAISecKit

Curated directory of 1700+ AI tools, models, frameworks, MCP servers, and cybersecurity resources

GitHub
Product
  • Search
  • Collection
  • Category
  • Tag
Resources
  • Blog
  • Pricing
  • Submit
Company
  • About Us
  • Privacy Policy
  • Terms of Service
  • Sitemap
Copyright © 2026 All Rights Reserved.
Sponsored Resources
  1. Home
  3. Category
  7. BurpAPIFinder

BurpAPIFinder

A Burp Suite plugin for discovering unauthorized and sensitive information during security assessments.

Visit Website
Visit Website

Introduction

BurpAPIFinder

BurpAPIFinder is a powerful plugin designed for security professionals to uncover unauthorized and sensitive information during penetration testing. It helps identify hidden vulnerabilities in web applications by analyzing HTML and JavaScript files accessed through the browser.

Key Features:
  • Unauthorized Access Detection: Discover endpoints that allow unauthorized access to sensitive data such as passwords and API keys.
  • User Enumeration: Identify interfaces that can enumerate user information and perform actions like password resets.
  • Sensitive Data Leakage: Automatically extract URLs and sensitive information from HTML and JS files.
  • Customizable Scanning: Users can define sensitive keywords and URLs for tailored scanning.
  • Integration with Fingerprint Libraries: Includes various fingerprint libraries for identifying sensitive information leaks.
Benefits:
  • Enhanced Security Assessments: Streamline the process of identifying vulnerabilities in web applications.
  • User-Friendly Interface: Easy to configure and use within Burp Suite without extensive setup.
  • Community Support: Actively maintained with feedback channels for suggestions and improvements.
Highlights:
  • Open-source and free to use.
  • Regular updates and community contributions.
  • Disclaimer against illegal use, emphasizing ethical security research.
Back

Information

  • Publisher
    AISecKit
  • Websitegithub.com
  • Published date2025/04/28

Categories

  • Penetration Testing
  • Vulnerability Scanners
  • Security Research

Tags

  • Open Source
  • API Security
  • Penetration Testing

More Products

image of Phantom
DevSecOps ToolsPenetration TestingVulnerability Scanners
Visit Website
icon of Phantom

Phantom

A browser extension for SRC vulnerability mining, collecting sensitive information and suspicious clues from web pages.

Security AuditingOpen SourceIncident ResponseVulnerability ScanningAPI Security+1
E
Penetration TestingSecurity Training PlatformsAI Security Monitoring
Visit Website
icon of Exploiting AI

Exploiting AI

An introductory class on understanding AI security risks and mitigation strategies.

Prompt InjectionGenerative AIRed Team TestingData Poisoning
P
Input Validation & FilteringSecurity ResearchPrompt Injection Defense
Visit Website
icon of PINT Benchmark

PINT Benchmark

A benchmark for prompt injection detection systems, providing a neutral way to evaluate their performance.

Prompt InjectionModel RobustnessSecurity Auditing