0xKayala/ParamSpider

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/0xKayala/ParamSpider)

0xKayala / ParamSpider

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

☆161

Alternatives and similar repositories for ParamSpider

Users that are interested in ParamSpider are comparing it to the libraries listed below

Sorting:

0xKayala / NucleiFuzzer
View on GitHub
NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Re…
☆1,823Aug 20, 2025Updated 6 months ago
0xKayala / OpenRedirector
View on GitHub
OpenRedirector is a powerful automation tool for detecting Open Redirect vulnerabilities in web applications
☆17Oct 30, 2025Updated 4 months ago
rootbakar / XSS-Payload
View on GitHub
XSS Payload Cheat Sheet
☆11Sep 1, 2024Updated last year
projectdiscovery / fuzzing-templates
View on GitHub
Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
☆89May 2, 2024Updated last year
0xKayala / NucleiScanner
View on GitHub
NucleiScanner is a Powerful Automation tool for detecting Unknown Vulnerabilities in the Web Applications
☆341Mar 26, 2025Updated 11 months ago
Emoe / kxss
View on GitHub
This a adaption of tomnomnom's kxss tool with a different output format
☆516Sep 27, 2023Updated 2 years ago
hktalent / bug-bounty
View on GitHub
bounty collection
☆41Sep 1, 2024Updated last year
0xKayala / fuzzing-templates
View on GitHub
Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
☆37Jul 27, 2025Updated 7 months ago
burgerhalva / All-in-Fuzzer
View on GitHub
All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body
☆36Dec 13, 2025Updated 2 months ago
devanshbatham / ParamSpider
View on GitHub
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
☆3,010Jun 24, 2024Updated last year
JoshMorrison99 / isXSS-Burp
View on GitHub
Passively check for XSS character encodings
☆18Feb 7, 2026Updated 3 weeks ago
itsmenaga / Nuclei-Templates-All
View on GitHub
☆29May 22, 2024Updated last year
PortSwigger / encode-ip
View on GitHub
Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.
☆11Sep 22, 2023Updated 2 years ago
RikunjSindhwad / Task-Ninja-Workflows
View on GitHub
This repository has workflows created for https://github.com/RikunjSindhwad/Task-Ninja
☆24Aug 14, 2025Updated 6 months ago
ifconfig-me / JScripter
View on GitHub
JScripter is a Python script designed to scrape and save unique JavaScript files from a list of URLs or a single URL.
☆29Nov 26, 2024Updated last year
emadshanab / Bug-Bounty-Tips-Collection
View on GitHub
A collection of Bug Bounty Tips collected from GitHub to all bug bounty hunters
☆29Dec 12, 2023Updated 2 years ago
h1pmnh / h1reports
View on GitHub
A tool which allows HackerOne researchers to download their reports into a local, indexed, and searchable repository
☆19Sep 29, 2022Updated 3 years ago
kh4sh3i / Bug-Hunting-Handbook
View on GitHub
Bug Hunting Handbook
☆11Aug 11, 2022Updated 3 years ago
TheKingOfDuck / RCEFuzzer
View on GitHub
一个以fuzz为中心思想的被动扫描工具
☆161Dec 26, 2023Updated 2 years ago
HernanRodriguez1 / ScanReflectedSSTI
View on GitHub
Template Nuclei SSTI
☆34Nov 18, 2025Updated 3 months ago
projectdiscovery / alterx
View on GitHub
Fast and customizable subdomain wordlist generator using DSL
☆928Feb 5, 2026Updated 3 weeks ago
lc / gau
View on GitHub
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
☆4,837Jan 1, 2025Updated last year
PushkraJ99 / ParamSpider
View on GitHub
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
☆34Aug 21, 2024Updated last year
BishopFox / jsluice
View on GitHub
Extract URLs, paths, secrets, and other interesting bits from JavaScript
☆1,771May 22, 2024Updated last year
tomnomnom / gf
View on GitHub
A wrapper around grep, to help you grep for things
☆2,078Jun 8, 2024Updated last year
danialhalo / SqliSniper
View on GitHub
Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers
☆311Mar 31, 2024Updated last year
ImAyrix / fallparams
View on GitHub
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
☆416Aug 25, 2024Updated last year
darkfiv / QaFuzz
View on GitHub
☆44Jun 28, 2025Updated 8 months ago
ViktorMares / ultimate_discovery
View on GitHub
Ultimate Wordlist for Web Content Discovery
☆68Apr 28, 2025Updated 10 months ago
bitquark / shortscan
View on GitHub
An IIS short filename enumeration tool
☆1,123Nov 25, 2024Updated last year
ifacker / WIHscan
View on GitHub
ARL 灯塔的 WIH 利用
☆32Jul 2, 2024Updated last year
xnl-h4ck3r / knoxnl
View on GitHub
This is a python wrapper around the amazing KNOXSS API by Brute Logic
☆280Jan 12, 2026Updated last month
Anof-cyber / ParaForge
View on GitHub
A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
☆142Jun 27, 2023Updated 2 years ago
khyatiparekh / API-Fuzzer
View on GitHub
☆12Jan 30, 2025Updated last year
yhy0 / Jie
View on GitHub
Jie stands out as a comprehensive security assessment and exploitation tool meticulously crafted for web applications. Its robust suite o…
☆614Jul 5, 2024Updated last year
Ciyfly / sucker
View on GitHub
对任意http网站添加指定漏洞目前实现部分漏洞的追加支持本身http服务支持反向代理追加
☆28Oct 8, 2022Updated 3 years ago
r0oth3x49 / ghauri
View on GitHub
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
☆3,925Oct 4, 2025Updated 4 months ago
ameenmaali / urldedupe
View on GitHub
Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
☆394Jun 17, 2020Updated 5 years ago
s0md3v / uro
View on GitHub
declutters url lists for crawling/pentesting
☆1,531Feb 23, 2025Updated last year