🕵️ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens, hardcoded credentials, etc.
☆428May 15, 2025Updated 9 months ago
Alternatives and similar repositories for Pinkerton
Users that are interested in Pinkerton are comparing it to the libraries listed below
Sorting:
- 😹 Python project to bruteforce Apache Tomcat manager login with known-default credentials☆99Mar 12, 2024Updated last year
- Jeeves SQLI Finder☆215May 13, 2022Updated 3 years ago
- A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning☆523Jul 5, 2023Updated 2 years ago
- 📲 Apepe is a project developed to help to capture informations from a Android app through his APK file. It can be used to extract the co…☆140Oct 15, 2025Updated 4 months ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,529Jan 15, 2026Updated last month
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆382May 19, 2023Updated 2 years ago
- declutters url lists for crawling/pentesting☆1,531Feb 23, 2025Updated last year
- 🦁 Python project to identify and scan for vulnerabilities related to the Joomla CMS project. It scans for common misconfigurations and p…☆172May 2, 2024Updated last year
- Find subdomains on GitLab.☆107Apr 28, 2024Updated last year
- bypass-url-parser☆1,115Updated this week
- 「🔑」A tool used to hunt down API key leaks in JS files and pages☆853Sep 4, 2025Updated 5 months ago
- Filter and enrich a list of subdomains by level☆210Sep 25, 2023Updated 2 years ago
- Made your bugbounty subdomains reconnaissance easier with Hunt3r the web application reconnaissance framework☆169Feb 4, 2023Updated 3 years ago
- Automated Tool for Testing Header Based Blind SQL Injection☆323Jul 23, 2023Updated 2 years ago
- Prototype pollution scanner using headless chrome☆218Jul 27, 2022Updated 3 years ago
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆311Mar 31, 2024Updated last year
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows☆300Sep 8, 2023Updated 2 years ago
- A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.☆109Mar 1, 2022Updated 4 years ago
- Finding XSS during recon☆273Sep 13, 2022Updated 3 years ago
- Collect XSS vulnerable parameters from entire domain.☆155Jul 29, 2022Updated 3 years ago
- This is a python wrapper around the amazing KNOXSS API by Brute Logic☆280Jan 12, 2026Updated last month
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆374Jul 25, 2023Updated 2 years ago
- Find endpoints on GitHub.☆214Mar 28, 2023Updated 2 years ago
- Subdomains analysis and generation tool. Reveal the hidden!☆244Jun 8, 2025Updated 8 months ago
- Make URL path combinations using a wordlist☆169Sep 25, 2023Updated 2 years ago
- moniorg is a tool that leverages crt.sh website to monitor domains of a target☆47Apr 1, 2023Updated 2 years ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆344Dec 31, 2024Updated last year
- Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests w…☆632Feb 22, 2026Updated last week
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆438Dec 30, 2025Updated 2 months ago
- Generate tens of thousands of subdomain combinations in a matter of seconds☆273Sep 25, 2023Updated 2 years ago
- Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!☆2,543Feb 7, 2026Updated 3 weeks ago
- An XSS exploitation command-line interface and payload generator.☆1,414Jan 19, 2025Updated last year
- Discover hidden debugging parameters and uncover web application secrets☆247Feb 4, 2026Updated 3 weeks ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆281Sep 11, 2025Updated 5 months ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,497Jan 8, 2026Updated last month
- A repository that includes all the important wordlists used while bug hunting.☆1,379Mar 11, 2023Updated 2 years ago
- 🏴☠️ Find dead-links (broken links)☆167Updated this week
- De-clutter a list of URLs☆386Feb 3, 2026Updated last month
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆89May 2, 2024Updated last year