Open Source Burp Suite AlternativesTop Vulnerability Scanners and other similar apps like Burp Suite

The best open source alternative to Burp Suite is mitmproxy. If that doesn't suit you, our users have ranked more than 25 alternatives to Burp Suite and seven of them is open source so hopefully you can find a suitable replacement. Other interesting open source alternatives to Burp Suite are OWASP Zed Attack Proxy (ZAP), SiteOne Crawler, HTTP Toolkit and w3af.

filter to find the best alternatives

Burp Suite alternatives are mainly Web Debuggers, but if you're looking for Vulnerability Scanners or HTTP(S) Debuggers you can filter on that. These are just examples - use the filter bar below to find more specific alternatives to Burp Suite.
  • ...

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an...

More about Burp Suite
Burp Suite alternatives page was last updated Aug 19, 2024
Copy a direct link to this comment to your clipboard
  1. mitmproxy icon
     69 likes
    Copy a direct link to this comment to your clipboard

    mitmproxy is an SSL-capable man-in-the-middle proxy for HTTP. It provides a console interface that allows traffic flows to be inspected and edited on the fly. It also features mitmdump, a commandline tool that provides a tcpdump-like interface for saving, viewing and...

    17 mitmproxy alternatives

    License model

    • FreeOpen Source

    Platforms

    • Mac
    • Windows
    • Linux
    • Flathub
    • Flatpak

    mitmproxy Features

    1.  Web page Debugging
    2.  HTTP(S) Debugging
    3.  SSL
    4.  Debugging
    5.  Support for scripting
    6.  Intercepting HTTP calls

    mitmproxy VS Burp Suite

     
    • Almost everyone thinks mitmproxy is a great Burp Suite alternative.

    • mitmproxy is the most popular Windows, Mac & Linux alternative to Burp Suite.

    • mitmproxy is the most popular Open Source & free alternative to Burp Suite.

    • mitmproxy is Free and Open SourceBurp Suite is Freemium and Proprietary
  2. Copy a direct link to this comment to your clipboard

    The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

    30 OWASP Zed Attack Proxy (ZAP) alternatives

    License model

    • FreeOpen Source

    Platforms

    • Mac
    • Windows
    • Linux

    OWASP Zed Attack Proxy (ZAP) Features

    1.  Proxy support

    OWASP Zed Attack Proxy (ZAP) VS Burp Suite

     
  3. SiteOne Crawler icon
     16 likes
    Copy a direct link to this comment to your clipboard

    A free in-depth website analyzer providing audits of security, performance, SEO, accessibility and other technical aspects. Available as a desktop application for Windows/macOS/Linux and as a CLI tool for advanced users and CI/CD processes. It also includes an offline web page exporter.

    26 SiteOne Crawler alternatives

    License model

    • FreeOpen Source

    Country of Origin

    • CZ flagCzechia
    • European Union flagEU

    Platforms

    • Mac
    • Windows
    • Linux

    Top SiteOne Crawler Features

    1.  Performance analysis
    2.  Graphical User Interface
    3.  Save web page for offline use
    4.  Daily Website Analysis
    5.  Ad-free
    6.  Command line interface
    7.  No Coding Required
    8.  Dark Mode
    9.  Multiplatform
    10.  Accessibility Testing
    11.  Security Testing
    12.  Electron based

    SiteOne Crawler VS Burp Suite

     
  4. HTTP Toolkit icon
     46 likes
    Copy a direct link to this comment to your clipboard

    HTTP Toolkit is a beautiful, cross-platform & open-source HTTP(S) debugging proxy, analyzer & client, with built-in support for modern tools and automatic interception for clients from Docker to Android to iOS.

    48 HTTP Toolkit alternatives

    License model

    • FreemiumOpen Source

    Application types

    Country of Origin

    • ES flagSpain
    • European Union flagEU

    Platforms

    • Mac
    • Windows
    • Linux
    • Android
    • iPhone
    • Docker

    Properties

    1.  Lightweight

    Features

    1.  HTTP(S) Debugging
    2.  One click interception
    3.  Debugging
    4.  HTTP mocking
    5.  Ad-free
    6.  Requests monitoring
    7.  Penetration Testing
    8.  Performance analysis
    9.  Built in docs
    10.  HTTPS Support
    11.  OpenAPI integration
    12.  No registration required

    HTTP Toolkit VS Burp Suite

     
    • HTTP Toolkit is the most popular Android & iPhone alternative to Burp Suite.

    • HTTP Toolkit is Freemium and Open SourceBurp Suite is Freemium and Proprietary
    • HTTP Toolkit is LightweightBurp Suite is not according to our users
  5. w3af icon
     15 likes
    Copy a direct link to this comment to your clipboard

    w3af is a Web Application Attack and Audit Framework.

    License model

    • FreeOpen Source

    Country of Origin

    • US flagUnited States

    Platforms

    • Windows
    • Linux

    w3af VS Burp Suite

     
  6. nuclei icon
     1 like
    Copy a direct link to this comment to your clipboard

    Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc.

    21 nuclei alternatives

    License model

    • FreeOpen Source

    Application type

    Country of Origin

    • US flagUnited States

    Platforms

    • Mac
    • Windows
    • Linux

    nuclei Features

    1.  Vulnerability Assessment

    nuclei VS Burp Suite

     
  7. Tamper Data icon
     4 likes
    Copy a direct link to this comment to your clipboard

    Firefox add-on that lets you change headers and request parameters before they're sent to the server. Unlike proxy request modifiers, it's integrated into the browser, so it has no problem with HTTPS connections, client authentication certificates, or other features that...

    8 Tamper Data alternatives

    License model

    • FreeOpen Source

    Application type

    Country of Origin

    • GB flagUnited Kingdom

    Platforms

    • Mac
    • Windows
    • Linux
    • Firefox
    Discontinued

    The extension is no longer developed since 2010 and it's not compatible with Firefox 57 and later. It still works on XUL-based Firefox forks like Waterfox icon Waterfox and Pale Moon icon Pale Moon

    Tamper Data Features

    1.  Legacy Firefox Addon

    Tamper Data VS Burp Suite

     
7 of 7 Burp Suite alternatives