Burp

Burp’s Turbo Intruder

Burp’s Intruder is great. But you know what is better? The Turbo Intruder. If you would like to send more requests in the same time than with the built-in Intruder, you are annoyed by the throttling of the community version, or you simply prefer to have more control...

Burp plugin for scanning SSO authentication

OAUTHScan is a Burp extension to verify the security of OAUTHv2 and OpenID flows. It has checks for the following scenarios: Open Redirect issues on Redirect_Uri parameter; Authorization Code Replay issues; Leakage of secrets (i.e. Tokens, Codes); PKCE misconfigurations...

Nuclei Burp Plugin

I know a lot of hackers use nuclei. If you are using it, too, definitely check out the Nuclei Burp plugin that allows generating nuclei templates straight from Burp Suite. It’s not on the BApp store, so you have to install it manually from a .jar file....