Alternatives and similar repositories for TukTuk

Users that are interested in TukTuk are comparing it to the libraries listed below

• defparam / h1passets

  View on GitHub
  List HackerOne private program assets
  ☆154Jun 24, 2021Updated 4 years ago
• nikitastupin / param-miner-doc

  View on GitHub
  Unofficial documentation for the great tool Param Miner
  ☆184Aug 21, 2022Updated 3 years ago
• ameenmaali / qsfuzz

  View on GitHub
  qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
  ☆303Feb 12, 2023Updated 3 years ago
• RandomRobbieBF / grafana-ssrf

  View on GitHub
  Authenticated SSRF in Grafana
  ☆84Jun 24, 2024Updated last year
• 0xdekster / ReconNote

  View on GitHub
  Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security prof…
  ☆416Nov 24, 2020Updated 5 years ago
• Raywando / vaxser

  View on GitHub
  ☆11Aug 27, 2020Updated 5 years ago
• honoki / wilson-cloud-respwnder

  View on GitHub
  WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropr…
  ☆50Sep 5, 2024Updated last year
• honoki / bbrf-client

  View on GitHub
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆642Jul 7, 2025Updated 7 months ago
• allyomalley / dnsobserver

  View on GitHub
  A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for…
  ☆192Sep 6, 2020Updated 5 years ago
• Static-Flow / ParameterMiner

  View on GitHub
  Built on a lazy Sunday after seeing this tweet (https://twitter.com/intigriti/status/1272145863868104705?s=20) I present to you, Paramete…
  ☆51Jun 14, 2020Updated 5 years ago
• neex / gifoeb

  View on GitHub
  exploit for ImageMagick's uninitialized memory disclosure in gif coder
  ☆284Jul 22, 2017Updated 8 years ago
• airman604 / cms2cmd

  View on GitHub
  ☆10Nov 24, 2018Updated 7 years ago
• defparam / h1stats

  View on GitHub
  a tool that compiles a csv of all h1 program stats
  ☆49Jul 2, 2023Updated 2 years ago
• msrkp / PPScan

  View on GitHub
  Client Side Prototype Pollution Scanner
  ☆524Sep 17, 2022Updated 3 years ago
• JesseClarkND / abnormalizer

  View on GitHub
  unicode abnormalizer to takes a unicode string and abnormalizes it by character replacment
  ☆26Jun 27, 2020Updated 5 years ago
• ethicalhackingplayground / Zin

  View on GitHub
  A Payload Injector for bugbounties written in go
  ☆70Jul 18, 2020Updated 5 years ago
• ethicalhackingplayground / linkJS

  View on GitHub
  ☆57Sep 2, 2020Updated 5 years ago
• neex / http2smugl

  View on GitHub
  ☆561Mar 27, 2025Updated 10 months ago
• lkorba / enumsh

  View on GitHub
  ☆10Oct 30, 2019Updated 6 years ago
• cablej / FileChangeMonitor

  View on GitHub
  Continuous monitoring for JavaScript files
  ☆225Dec 29, 2019Updated 6 years ago
• IAmStoxe / urlgrab

  View on GitHub
  A golang utility to spider through a website searching for additional links.
  ☆343Nov 7, 2020Updated 5 years ago
• serain / bbrecon

  View on GitHub
  Python library and CLI for the Bug Bounty Recon API
  ☆230Jun 5, 2021Updated 4 years ago
• bp0lr / dmut

  View on GitHub
  A tool to perform permutations, mutations and alteration of subdomains in golang.
  ☆155Nov 24, 2023Updated 2 years ago
• jaeles-project / jaeles-signatures

  View on GitHub
  Default signature for Jaeles Scanner
  ☆327Apr 9, 2022Updated 3 years ago
• devanshbatham / FavFreak

  View on GitHub
  Making Favicon.ico based Recon Great again !
  ☆1,261Aug 29, 2023Updated 2 years ago
• Edu4rdSHL / rusolver

  View on GitHub
  A fast and accurate DNS resolver written in Rust.
  ☆168Aug 2, 2025Updated 6 months ago
• filedescriptor / untrusted-types

  View on GitHub
  ☆695Jul 4, 2022Updated 3 years ago
• Cgboal / exclude-cdn

  View on GitHub
  Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin
  ☆45Mar 13, 2023Updated 2 years ago
• dwisiswant0 / wadl-dumper

  View on GitHub
  Dump all available paths and/or endpoints on WADL file.
  ☆98Nov 24, 2025Updated 2 months ago
• ameenmaali / wordlistgen

  View on GitHub
  Quickly generate context-specific wordlists for content discovery from lists of URLs or paths
  ☆239May 4, 2022Updated 3 years ago
• emadshanab / subs_all

  View on GitHub
  Subdomain Enumeration Wordlist. 8956437 unique words. Updated.
  ☆75May 23, 2020Updated 5 years ago
• defparam / smuggler

  View on GitHub
  Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
  ☆2,059Jan 2, 2024Updated 2 years ago
• tomnomnom / hacks

  View on GitHub
  A collection of hacks and one-off scripts
  ☆2,418Mar 13, 2025Updated 11 months ago
• Cgboal / SonarSearch

  View on GitHub
  A rapid API for the Project Sonar dataset
  ☆658May 5, 2023Updated 2 years ago
• wagiro / BurpBounty

  View on GitHub
  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…
  ☆1,770Apr 26, 2024Updated last year
• ni8walk3r / JWT-Exploitation

  View on GitHub
  Collection of different exploitation scenarios of JWT.
  ☆21Jul 23, 2021Updated 4 years ago
• benso-io / posta

  View on GitHub
  🐙 Cross-document messaging security research tool powered by https://enso.security
  ☆301May 22, 2023Updated 2 years ago
• sw33tLie / bcscope

  View on GitHub
  Get the scope of your bugcrowd programs
  ☆67Dec 4, 2020Updated 5 years ago
• doyensec / inql

  View on GitHub
  InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…
  ☆1,731Updated this week