A place to store my own wordlists, and link to others that are useful
☆108Nov 15, 2023Updated 2 years ago
Alternatives and similar repositories for wordlists
Users that are interested in wordlists are comparing it to the libraries listed below
Sorting:
- An hourly updated list of subdomains gathered from certificate transparency logs☆349Oct 13, 2021Updated 4 years ago
- ☆44Apr 30, 2021Updated 4 years ago
- Easy Fast recon script☆30Sep 15, 2019Updated 6 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆135Sep 25, 2019Updated 6 years ago
- SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibil…☆155Aug 21, 2020Updated 5 years ago
- Auto Recon Bash Script☆31Dec 31, 2024Updated last year
- Extract SSL certificate data (Subject Name, Subject Alt Names, Organisation)☆42Nov 10, 2025Updated 3 months ago
- A tool which scrapes public github repositories for common naming conventions in variables, folders and files☆296Jun 3, 2024Updated last year
- A Burp Suite content discovery plugin that add the smart into the Buster!☆32Jan 22, 2018Updated 8 years ago
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- ☆38Aug 12, 2020Updated 5 years ago
- AWS S3 Bucket Finder.☆14Oct 28, 2025Updated 3 months ago
- Extract relative urls from a heap snapshot☆87May 30, 2021Updated 4 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆297Sep 22, 2024Updated last year
- Various Payload wordlists☆240Apr 26, 2025Updated 10 months ago
- VyAPI - A cloud based vulnerable hybrid Android App☆86Feb 21, 2020Updated 6 years ago
- A highly configurable Framework for easy automated web scanning☆381Jul 13, 2020Updated 5 years ago
- OSINT scanning tool which discovers and maps directories found in javascript files hosted on a website.☆229Feb 24, 2019Updated 7 years ago
- ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight☆220Apr 10, 2022Updated 3 years ago
- Generate wordlists for fuzzing API method names☆55Oct 16, 2020Updated 5 years ago
- A simple tool that aims to efficiently and quickly parse the outputs of web scraping tools like gau☆12Jun 28, 2021Updated 4 years ago
- ☆105Oct 18, 2020Updated 5 years ago
- Fuzzing Payloads to Assist in Web Application Testing.☆166Jun 6, 2019Updated 6 years ago
- Burp Suite extension to discover assets from HTTP response.☆232Jan 22, 2025Updated last year
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Dec 23, 2022Updated 3 years ago
- ☆24Jan 26, 2021Updated 5 years ago
- Hidden parameters discovery suite☆224Nov 14, 2022Updated 3 years ago
- Bucky (An automatic S3 bucket discovery tool)☆198Jan 6, 2022Updated 4 years ago
- HTTP parameter discovery suite.☆93Apr 16, 2020Updated 5 years ago
- DupeKeyInjector☆134Apr 16, 2022Updated 3 years ago
- ☆73Nov 5, 2018Updated 7 years ago
- eternalrelayx☆36Jul 10, 2019Updated 6 years ago
- A server vulnerable to XXE that can be used to test payloads using the xxer tool.☆26Mar 29, 2018Updated 7 years ago
- PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.☆1,291Aug 7, 2024Updated last year
- A script to automatically list visually indistinguishable permutations of domain names using IDN and punycode.☆21May 29, 2017Updated 8 years ago
- secretz, minimizing the large attack surface of Travis CI☆324May 30, 2022Updated 3 years ago
- Tool to find JavaScript files on Websites☆526Nov 2, 2023Updated 2 years ago
- Tool for making it easy to collect dns results from the CLI☆40Aug 14, 2024Updated last year
- It contain google dork to find the wsdl file.☆13May 27, 2020Updated 5 years ago