JFOZ1010

JFOZ1010 / repshot

Public

RepShot ยท Generate professional security finding cards directly from Burp Suite Repeater.

31
3
100% credibility
Found May 30, 2026 at 32 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Java
AI Summary

RepShot is a tool that works inside Burp Suite, the popular software that security researchers use to test web applications. When you find a security issue like SQL injection or cross-site scripting, instead of manually taking screenshots, drawing boxes around evidence, and writing the same business impact descriptions over and over, RepShot handles all of that for you. You pick your vulnerability type, scroll to the exact part of the request or response you want to show, capture it, add red annotation boxes if needed, and export a polished, professional-looking card that's ready to paste into reports or share on social media. It saves penetration testers and bug bounty hunters hours of repetitive documentation work.

How It Works

1
๐Ÿ” You find a vulnerability

While testing a web application, you discover something like SQL injection or XSS that needs to be documented.

2
๐Ÿ“ธ Send it to RepShot

You right-click on the request and choose 'Send to RepShot' to open the documentation panel.

3
โœ๏ธ Fill in the details

You pick the vulnerability type from a dropdown and the business impact fills in automatically, saving you from repetitive writing.

4
๐ŸŽฏ Capture exactly what matters

You scroll to the exact line showing the vulnerability, then click Capture to grab that viewport โ€” no more messy screenshots.

5
๐Ÿ”ด Draw attention to key evidence

You optionally draw red boxes around the critical parts like the payload or the error response to make it crystal clear.

6
๐Ÿ‘€ Preview before saving

You click Preview to see how your card will look, making sure everything looks professional before exporting.

๐ŸŽ‰ Your finding card is ready

You export a beautiful HD card that looks great in reports, on LinkedIn, or wherever you need to share your finding.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 32 to 31 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is repshot?

RepShot is a Burp Suite extension written in Java that transforms your security findings into polished, shareable PNG cards directly from the Repeater tab. Instead of screenshots, Flameshot annotations, and copy-pasting impact descriptions, you right-click a request, fill in a few fields, and export a 2400px HD card ready for reports or LinkedIn. The extension captures exactly what you see on screen, lets you draw red annotation boxes over payloads, and auto-fills business impact descriptions for 30 vulnerability types including SQL injection, XSS, SSRF, and IDOR. It renders HTTP, JSON, and XML with syntax highlighting and includes a search function for digging through large responses.

Why is it gaining traction?

Pentesters and bug bounty hunters spend hours doing documentation work that has nothing to do with hacking. RepShot eliminates that friction entirely by keeping everything inside Burp Suite. The auto-populated impact templates are written in plain business language rather than jargon, so you get consistent, professional-sounding descriptions without repeatedly typing "An attacker could exploit this to..." The dark-themed cards look good in technical reports and social posts alike, solving the problem of raw terminal dumps that plague security content.

Who should use this?

Penetration testers documenting findings for client reports will save the most time, especially those running engagements with 10-20 vulnerabilities. Bug bounty hunters who share findings publicly or on social platforms will appreciate the quick path from confirmed finding to shareable card. Application security engineers doing assessments can use it to maintain a consistent output format across engagements.

Verdict

RepShot solves a genuine problem with a clean implementation, but with only 31 stars and a 1.0% credibility score, it is very early-stage software with limited community validation. The documentation is solid and the feature set is complete for its stated purpose, but there is no visible test coverage and the project has not yet proven itself under heavy use across diverse environments. Try it if you want to streamline your finding workflow, but treat it as an emerging tool rather than a mature utility.

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.