A place to store my own wordlists, and link to others that are useful
☆108Nov 15, 2023Updated 2 years ago
Alternatives and similar repositories for wordlists
Users that are interested in wordlists are comparing it to the libraries listed below
Sorting:
- ☆44Apr 30, 2021Updated 4 years ago
- Easy Fast recon script☆30Sep 15, 2019Updated 6 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆136Sep 25, 2019Updated 6 years ago
- An hourly updated list of subdomains gathered from certificate transparency logs☆349Oct 13, 2021Updated 4 years ago
- Auto Recon Bash Script☆31Dec 31, 2024Updated last year
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- Cobalt Strike Aggressor script menu for Powerview/SharpView☆28May 8, 2019Updated 6 years ago
- Feed it a list of subdomains, it will resolve them and tell you which ones are internal☆93Nov 21, 2021Updated 4 years ago
- AWS S3 Bucket Finder.☆14Oct 28, 2025Updated 4 months ago
- eternalrelayx☆36Jul 10, 2019Updated 6 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆32Jan 22, 2018Updated 8 years ago
- A tool which scrapes public github repositories for common naming conventions in variables, folders and files☆296Jun 3, 2024Updated last year
- A simple tool that aims to efficiently and quickly parse the outputs of web scraping tools like gau☆12Jun 28, 2021Updated 4 years ago
- Extract SSL certificate data (Subject Name, Subject Alt Names, Organisation)☆42Nov 10, 2025Updated 4 months ago
- Generate wordlists for fuzzing API method names☆55Oct 16, 2020Updated 5 years ago
- OSINT scanning tool which discovers and maps directories found in javascript files hosted on a website.☆228Feb 24, 2019Updated 7 years ago
- Extract relative urls from a heap snapshot☆87May 30, 2021Updated 4 years ago
- SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibil…☆156Aug 21, 2020Updated 5 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆296Sep 22, 2024Updated last year
- A server vulnerable to XXE that can be used to test payloads using the xxer tool.☆26Mar 29, 2018Updated 7 years ago
- Various Payload wordlists☆240Apr 26, 2025Updated 10 months ago
- Burp Suite extension to discover assets from HTTP response.☆232Jan 22, 2025Updated last year
- Hidden parameters discovery suite☆224Nov 14, 2022Updated 3 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆34Feb 12, 2022Updated 4 years ago
- Saves pages to Wayback machine☆12Dec 2, 2024Updated last year
- A highly configurable Framework for easy automated web scanning☆382Jul 13, 2020Updated 5 years ago
- Tool for making it easy to collect dns results from the CLI☆40Aug 14, 2024Updated last year
- XSS Hunter Burp Plugin☆151Aug 31, 2018Updated 7 years ago
- A tool to bruteforce nameservers when working with subdomain delegations to AWS.☆58Aug 22, 2019Updated 6 years ago
- Fuzzing Payloads to Assist in Web Application Testing.☆166Jun 6, 2019Updated 6 years ago
- ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight☆220Apr 10, 2022Updated 3 years ago
- Bucky (An automatic S3 bucket discovery tool)☆198Jan 6, 2022Updated 4 years ago
- secretz, minimizing the large attack surface of Travis CI☆324May 30, 2022Updated 3 years ago
- DupeKeyInjector☆134Apr 16, 2022Updated 3 years ago
- Simple XXE test suite generated specifically for SAML interfaces☆23May 18, 2018Updated 7 years ago
- ☆38Aug 12, 2020Updated 5 years ago
- HTTP parameter discovery suite.☆93Apr 16, 2020Updated 5 years ago
- ☆131Dec 15, 2020Updated 5 years ago
- A tool for append URLs, skipping duplicates/paths & combine parameters.☆128Mar 2, 2022Updated 4 years ago