Burp extension to create target specific and tailored wordlist from burp history.
☆256Dec 8, 2021Updated 4 years ago
Alternatives and similar repositories for Scavenger
Users that are interested in Scavenger are comparing it to the libraries listed below
Sorting:
- Quickly generate context-specific wordlists for content discovery from lists of URLs or paths☆238May 4, 2022Updated 3 years ago
- ☆66Nov 29, 2022Updated 3 years ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,529Jan 15, 2026Updated last month
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,500Jan 8, 2026Updated last month
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆184Nov 22, 2021Updated 4 years ago
- Extract JavaScript files from burp suite project with ease.☆98Feb 19, 2022Updated 4 years ago
- BugBounty , sort and delete duplicates param value without missing original value☆22Jul 31, 2021Updated 4 years ago
- Hidden parameters discovery suite☆224Nov 14, 2022Updated 3 years ago
- IIS shortname scanner + bruteforce☆55Feb 18, 2024Updated 2 years ago
- Rust-based high performance domain permutation generator.☆299Dec 2, 2023Updated 2 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆49Apr 25, 2022Updated 3 years ago
- Generate tens of thousands of subdomain combinations in a matter of seconds☆273Sep 25, 2023Updated 2 years ago
- Unofficial documentation for the great tool Param Miner☆183Aug 21, 2022Updated 3 years ago
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,401Sep 13, 2024Updated last year
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆1,024Feb 22, 2026Updated last week
- ☆148Dec 23, 2022Updated 3 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,039Aug 23, 2025Updated 6 months ago
- Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common m…☆75Mar 22, 2024Updated last year
- Parse source code directories and output list of URLs that are then sent through a proxy.☆157Apr 30, 2022Updated 3 years ago
- bypass-url-parser☆1,115Updated this week
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆176Oct 26, 2024Updated last year
- A Burp Suite extension to extract datas from source code while browsing.☆160Mar 20, 2024Updated last year
- ☆436Jun 1, 2021Updated 4 years ago
- Burp Extension for easily creating Wordlists☆215Oct 5, 2021Updated 4 years ago
- Gotator is a tool to generate DNS wordlists through permutations.☆506Jul 17, 2022Updated 3 years ago
- Secret and/or credential patterns used for gf.☆243Feb 10, 2023Updated 3 years ago
- Easily schedule commands to run multiple times at set intervals (like a cronjob, but with one command)☆84Apr 5, 2021Updated 4 years ago
- Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!☆2,552Updated this week
- gup aka Get All Urls parameters to create wordlists for brute forcing parameters.☆18Dec 4, 2021Updated 4 years ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆978Jan 12, 2024Updated 2 years ago
- This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.☆97Jan 2, 2025Updated last year
- Feed it a list of subdomains, it will resolve them and tell you which ones are internal☆93Nov 21, 2021Updated 4 years ago
- ☆380May 17, 2023Updated 2 years ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆519Jun 22, 2022Updated 3 years ago
- ☆756Jun 26, 2024Updated last year
- declutters url lists for crawling/pentesting☆1,531Feb 23, 2025Updated last year
- Magic Header Blind Xss tool (deliver blind xss payloads in request headers).☆25May 30, 2021Updated 4 years ago
- WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropr…☆50Feb 27, 2026Updated last week
- Useful "Match and Replace" burpsuite rules☆365Sep 26, 2023Updated 2 years ago