Ask HN: Anyone Interested in Burp Alternative?

2 points by fancythat 1 year ago | 2 comments
Hi all,

I have been heavily using Burp suite for my security domain research and have come to conclusion that it's professional version is too cost prohibitive for majority of users (I am aware of Zap and Caido) as well as that there are some interesting functionality missing from it.

My idea is to develop a Burp suite alternative, probably in Golang as desktop application, to address some of the issues. The plan would be to have free version that is on par with Burp Pro with paid version having ability to scale out.

For now, this would look like this:

Free version:

1. Interception of http, http/2, websocket traffic, with support for tcp and udp

2. Lua and/or JS scriptable

3. Linux, Windows, Mac support

4. Out-of-band exploitation support

5. Automation support

Paid version:

1. Mobile proxies on demand

2. Server instances on demand

3. Headless instance with exposed API

Do you think this might be an interesting addition to the market? Are there any functionalities not present in Burp, Caido or Zap that you would like to see in this new tool? Thanks!

  • rjes 1 year ago
    This is an awesome idea and project! Integration with nikto would be cool.

    Good luck and happy hacking

    • fancythat 1 year ago
      Thanks :)

      I will investigate nikto integration as well.