Alternatives and similar repositories for sub-domain-takeover

Users that are interested in sub-domain-takeover are comparing it to the libraries listed below

• roottusk / xforwardy
  Host Header Injection Scanner
  ☆46Updated 4 years ago
• kleiton0x00 / CRLF-one-liner
  A simple Bash one liner with aim to automate CRLF vulnerability scanning.
  ☆69Updated 5 years ago
• dwisiswant0 / nuclei-templates-dir
  Nuclei Templates Directory
  ☆52Updated 2 weeks ago
• mzfr / takeover
  A tool for testing subdomain takeover possibilities at a mass scale.
  ☆49Updated 4 years ago
• Dheerajmadhukar / subzzZ
  SubzzZ to find possible subdomains using passive recon. Tool also support Permutations, Mutations, Alterations.
  ☆38Updated 4 years ago
• Dheerajmadhukar / karma_v1
  KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…
  ☆59Updated 3 years ago
• xElkomy / Workflow-Bug-Bounty
  My Tools For Bug Bounty
  ☆66Updated 11 months ago
• duckstroms / xss-reflector
  XSS reflector vulnerabilities exploitation extended.
  ☆27Updated 4 years ago
• SaadAhmedx / Subdomain-Takeover
  ☆59Updated 2 years ago
• KingOfBugbounty / SecretFinder
  SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
  ☆35Updated 4 years ago
• hahwul / gitls
  🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline
  ☆59Updated 9 months ago
• Josue87 / roboxtractor
  Extract endpoints marked as disallow in robots files to generate wordlists.
  ☆59Updated 3 years ago
• yehgdotnet / data-payloads
  Some useful test data or payloads
  ☆22Updated 3 years ago
• emadshanab / 971-MB-content_discovery_wordlist
  Collection of content discovery wordlists in one wordlist.
  ☆38Updated 3 years ago
• dwisiswant0 / bounty-targets-alert
  It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.
  ☆59Updated 3 years ago
• AdmiralGaust / bountyReconV2
  Framework to automate Bug Bounty Reconnaissance
  ☆44Updated 4 years ago
• six2dez / degoogle_hunter
  Simple fork from degoogle original project with bug hunting purposes
  ☆89Updated 3 years ago
• Mad-robot / wordpress-exploits
  All known and unknown public POC's for wordpress themes and plugins
  ☆78Updated 4 years ago
• InitRoot / BurpSQLTruncSanner
  Messy BurpSuite plugin for SQL Truncation vulnerabilities.
  ☆63Updated 5 years ago
• System00-Security / findbbprograms
  Check if domain has bug bounty program or not
  ☆28Updated 2 years ago
• gwen001 / bxss
  Alternative to XSS Hunter for blind XSS.
  ☆51Updated 2 years ago
• OdinF13 / Bug-Bounty-Scripts
  Script for Bug Bounty
  ☆29Updated 3 years ago
• devpwn / xmlrpc-scan
  golang tool to scan domains or single domains with know security issues against xmlrpc
  ☆62Updated last year
• z3dc0ps / 0x0p1n3r
  0x0p1n3r is set of combination of other tools and one line scripts to find subdomains easily and to check subdomain takeover
  ☆57Updated 4 years ago
• ryandamour / crlfmap
  CRLFMap is a tool to find HTTP Splitting vulnerabilities
  ☆33Updated 4 years ago
• hakluke / hakfindinternaldomains
  Feed it a list of subdomains, it will resolve them and tell you which ones are internal
  ☆91Updated 3 years ago
• 0xsapra / fuzzparam
  ☆62Updated 4 years ago
• geeknik / nuclei-template-generator
  A simple tool which makes creating nuclei templates even easier.
  ☆37Updated last year
• R0X4R / ssrf-tool
  An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.
  ☆45Updated 4 years ago
• Elsfa7-110 / top-burpsuite-plugins-extensions
  ☆19Updated last year