Searches Burp Suite .burp project files for security analysis by extracting audit items, proxy history, response headers, or response bodies matching a given pattern.
How this command is triggered — by the user, by Claude, or both
Slash command
/burpsuite-project-parser:burp-search <burp-file> [operation]This command is limited to the following tools:
The summary Claude sees in its command listing — used to decide when to auto-load this command
# Search Burp Suite Project Files **Arguments:** $ARGUMENTS Parse arguments: 1. **Burp file** (required): Path to .burp project file 2. **Operation** (optional): `auditItems`, `proxyHistory.*`, `responseHeader='...'`, `responseBody='...'` Invoke the `burpsuite-project-parser` skill with these arguments for the full workflow.
Arguments: $ARGUMENTS
Parse arguments:
auditItems, proxyHistory.*, responseHeader='...', responseBody='...'Invoke the burpsuite-project-parser skill with these arguments for the full workflow.
npx claudepluginhub michelabboud/trailofbits-skills --plugin burpsuite-project-parser12plugins reuse this command
First indexed Jan 29, 2026
Showing the 6 earliest of 12 plugins
/burp-searchSearches Burp Suite .burp project files for security analysis by extracting audit items, proxy history, response headers, or response bodies matching a given pattern.
/security-scanRuns a full static security audit on a file or directory, reporting exploitable vulnerabilities with severity, CWE, and remediation snippets.
/pickupResumes a previous bug bounty hunt on a target — shows hunt history, untested endpoints, and memory-informed technique suggestions.
/scanPerforms a comprehensive security audit — detects vulnerabilities, scans dependencies, checks OWASP Top 10, and generates a structured severity report. Also supports targeted scans (deps, headers, auth).
/scan-privacyScans project files for privacy-related issues, detecting hardcoded secrets, PII exposure, and tracking code. Produces a privacy risk report with severity levels.
/kasi-securityRuns security audit on project codebase: detects stack (PHP/Node/Python/etc.), loads checklist, scans files for SQLi/XSS/CSRF/auth bypass/etc., outputs prioritized findings with confidence labels.