BishopFox / jsluiceLinks
Extract URLs, paths, secrets, and other interesting bits from JavaScript
β1,703Updated last year
Alternatives and similar repositories for jsluice
Users that are interested in jsluice are comparing it to the libraries listed below
Sorting:
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applicationsβ1,267Updated 4 months ago
- π« Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fastβ¦β1,387Updated 5 months ago
- Burp Plugin to Bypass WAFs through the insertion of Junk Dataβ1,370Updated 4 months ago
- A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given targetβ1,434Updated last month
- declutters url lists for crawling/pentestingβ1,487Updated 9 months ago
- bypass-url-parserβ1,104Updated last week
- Fast and customizable subdomain wordlist generator using DSLβ889Updated 2 weeks ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β968Updated last year
- An IIS short filename enumeration toolβ1,033Updated last year
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one plβ¦β1,027Updated 3 months ago
- ProjectDiscovery's Open Source Tool Managerβ1,002Updated 2 weeks ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlistβ1,470Updated 2 months ago
- Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X!β2,346Updated 3 weeks ago
- Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!β1,228Updated last week
- Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entβ¦β2,050Updated last year
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..eβ¦β1,001Updated last year
- An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.β729Updated 2 years ago
- Asset inventory of over 800 public bug bounty programs.β1,492Updated 9 months ago
- Go client to communicate with Chaos DB API.β799Updated last week
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.β82Updated last year
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hacβ¦β1,052Updated 3 months ago
- Real-world infosec wordlists, updated regularlyβ1,595Updated this week
- πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.β953Updated 10 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable β¦β693Updated last year
- Subdomain takeover vulnerability checkerβ1,445Updated last year
- The most exhaustive list of reliable DNS resolvers.β908Updated this week
- Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a β¦β1,522Updated this week
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.β713Updated last week
- A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.β739Updated 3 weeks ago
- Hidden parameters discovery suiteβ1,949Updated last year