rep+ 作者: Bour Abdelhadi
rep+ - Capture, modify, and replay HTTP requests in Firefox DevTools with AI-powered security analysis.
扩展元数据
屏幕截图
关于此扩展
rep+ is a powerful Chrome DevTools extension that brings Burp Suite Repeater functionality directly into your browser. Now enhanced with AI, it helps developers, security researchers, and bug bounty hunters test and analyze HTTP requests smarter and faster—no proxy setup required.
With rep+ you can:
- Capture and replay HTTP requests from any tab, without proxy setup
- Group, filter, block, and search requests using text or regex
- Convert data inline (Base64, URL encode/decode, JWT decode, Hex/UTF‑8)
- Inspect responses in multiple formats with syntax highlighting and line numbers
- Passively extract hidden endpoints from JavaScript
- Discover query, body, header, and path parameters with risk classification and confidence scoring
- Suppress false positives by ignoring common frameworks, libraries, telemetry, and generic fields
- Detect secrets in JavaScript using high‑coverage Kingfisher rules
- Export endpoints, parameters, and secrets to CSV or Postman
- Search deeply inside responses and JavaScript
- Run built‑in automated attacks (Sniper, Battering Ram, Pitchfork, Cluster Bomb)
- Use AI for request explanations and attack suggestions via API or local LLM (Ollama)
- AI‑powered request analysis, modification, and attack suggestions
- Per‑request isolated chat with cross‑request references
- One‑click AI‑driven request edits with visual feedback
- Local or API‑based LLM support with aggressive token optimization
- Automatically remove duplicate requests during capture to eliminate noise and keep only unique traffic
Why install it?
- Works natively inside your browser
- Designed for speed, clarity, and real pentesting workflows
- Helps you uncover security issues and understand application behaviour faster
- Ideal for bug bounty hunters, red teamers, AppSec, and curious devs
With rep+ you can:
- Capture and replay HTTP requests from any tab, without proxy setup
- Group, filter, block, and search requests using text or regex
- Convert data inline (Base64, URL encode/decode, JWT decode, Hex/UTF‑8)
- Inspect responses in multiple formats with syntax highlighting and line numbers
- Passively extract hidden endpoints from JavaScript
- Discover query, body, header, and path parameters with risk classification and confidence scoring
- Suppress false positives by ignoring common frameworks, libraries, telemetry, and generic fields
- Detect secrets in JavaScript using high‑coverage Kingfisher rules
- Export endpoints, parameters, and secrets to CSV or Postman
- Search deeply inside responses and JavaScript
- Run built‑in automated attacks (Sniper, Battering Ram, Pitchfork, Cluster Bomb)
- Use AI for request explanations and attack suggestions via API or local LLM (Ollama)
- AI‑powered request analysis, modification, and attack suggestions
- Per‑request isolated chat with cross‑request references
- One‑click AI‑driven request edits with visual feedback
- Local or API‑based LLM support with aggressive token optimization
- Automatically remove duplicate requests during capture to eliminate noise and keep only unique traffic
Why install it?
- Works natively inside your browser
- Designed for speed, clarity, and real pentesting workflows
- Helps you uncover security issues and understand application behaviour faster
- Ideal for bug bounty hunters, red teamers, AppSec, and curious devs
评分 5(1 位用户)
权限与数据
更多信息