PhoenixBox door 0xR3Db0Mb

PhoenixBox helps security professionals isolate penetration testing and bug bounty sessions using color-coded containers. Full session isolation, per-container proxy routing, optional Burp Suite request highlighting, User-Agent spoofing, and endpoint extraction — all in one extension.

Session isolation
Run multiple browser identities side-by-side without session collisions. Each container has its own cookies, storage, and sessions. Assign sites to containers so targets always open in the right context.

Proxy and optional Burp integration
Route all traffic through a global proxy or set different proxies per container. Supports HTTP, HTTPS, SOCKS4, and SOCKS5. Save proxy presets and switch with one click.
Optionally enable "Paint the Burp" to color-tag requests in Burp Suite HTTP history by container. To use Burp highlighting, download PhoenixBoxHighlighter.jar from the GitHub (https://github.com/avihayf/PhoenixBox) release page and load it into Burp Suite Extensions.
The companion extension strips the color tag before forwarding requests to targets.

Endpoint extraction
Scan any page to extract API endpoints and URL paths from its HTML and inline scripts. Results are displayed in a dedicated view with search filtering, alphabetical or depth-based sorting, and one-click copy. Useful for quickly mapping an application's attack surface during reconnaissance.

User-Agent spoofing
Override the User-Agent globally or per container using real browser UA strings. Pick from a live top-100 list (desktop/mobile), paste a custom string, or save presets for quick switching. Useful for testing mobile paths, browser-specific logic, and fingerprint-based behavior.

Customizable UI
Dark/light themes and a fully adjustable accent color.

No telemetry. No data collection.

Open source — MPL-2.0 | GitHub: https://github.com/avihayf/PhoenixBox