Alternatives and similar repositories for firepwn-tool

Users that are interested in firepwn-tool are comparing it to the libraries listed below

• denandz / sourcemapper
  Extract JavaScript source trees from Sourcemap files
  ☆1,273Updated last year
• nikitastupin / clairvoyance
  Obtain GraphQL API schema even if the introspection is disabled
  ☆1,370Updated last month
• indianajson / can-i-take-over-dns
  "Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
  ☆1,080Updated 10 months ago
• iosiro / baserunner
  A tool for exploring Firebase datastores.
  ☆237Updated 6 months ago
• kevin-mizu / domloggerpp
  A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.
  ☆746Updated last month
• vmfunc / sif
  the blazing-fast pentesting suite.
  ☆311Updated 2 weeks ago
• narfindustries / http-garden
  Differential testing framework for HTTP implementations
  ☆919Updated last week
• iangcarroll / cookiemonster
  🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
  ☆961Updated last year
• trufflesecurity / xsshunter
  ☆536Updated 2 months ago
• trufflesecurity / Trufflehog-Chrome-Extension
  ☆419Updated 4 years ago
• Escape-Technologies / graphql-wordlist
  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
  ☆458Updated 2 years ago
• s0md3v / wappalyzer-next
  wappalyzer alternative based on wappalyzer browser extension
  ☆305Updated last month
• c3l3si4n / pugdns
  An experimental high-performance DNS query bruteforce tool built with AF_XDP for extremely fast and accurate bulk DNS lookups.
  ☆246Updated 6 months ago
• francisconeves97 / jxscout
  jxscout superpowers JavaScript analysis for security researchers
  ☆355Updated 4 months ago
• google / protobuf-extensibility-for-burp
  ☆88Updated last year
• swoops / eval_villain
  A Firefox Web Extension to improve the discovery of DOM XSS.
  ☆286Updated last year
• davtur19 / DotGit
  An extension for checking if .git is exposed in visited websites
  ☆468Updated 5 months ago
• ddd / req2proto
  Tool for reversing Google internal protobuf definitions
  ☆164Updated 8 months ago
• renniepak / CSPBypass
  CSPBypass.com, a tool designed to help ethical hackers bypass restrictive Content Security Policies (CSP) and exploit XSS (Cross-Site Scr…
  ☆543Updated 2 weeks ago
• BishopFox / jsluice
  Extract URLs, paths, secrets, and other interesting bits from JavaScript
  ☆1,716Updated last year
• dolevf / graphw00f
  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…
  ☆796Updated 7 months ago
• iustin24 / chameleon
  ☆383Updated 2 years ago
• hackvertor / blind-css-exfiltration
  ☆123Updated 2 years ago
• g0ldencybersec / gungnir
  CT Log Scanner
  ☆509Updated last month
• kevin-mizu / GMSGadget
  This repository is a collection of JavaScript gadgets that can be used to bypass XSS mitigations such as Content Security Policy (CSP) an…
  ☆126Updated 3 months ago
• google / bughunters
  ☆155Updated 2 weeks ago
• lachlan2k / React2Shell-CVE-2025-55182-original-poc
  Original Proof-of-Concepts for React2Shell CVE-2025-55182
  ☆1,008Updated last month
• intruder-io / guidtool
  A tool to inspect and attack version 1 GUIDs
  ☆239Updated 3 years ago
• resyncgg / ripgen
  Rust-based high performance domain permutation generator.
  ☆296Updated 2 years ago
• ozguralp / gmapsapiscanner
  ☆1,110Updated 3 weeks ago