Random utilities from my security projects that might be useful to others
☆183Jan 26, 2025Updated last year
Alternatives and similar repositories for SecUtils
Users that are interested in SecUtils are comparing it to the libraries listed below
Sorting:
- Signatures for jaeles scanner by @j3ssie☆117Apr 20, 2024Updated last year
- ☆12Jun 16, 2021Updated 4 years ago
- all manner of wordlists☆24Jan 19, 2022Updated 4 years ago
- commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …☆40May 21, 2021Updated 4 years ago
- Tool to find JavaScript files on Websites☆526Nov 2, 2023Updated 2 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆52Jul 14, 2021Updated 4 years ago
- Burp Extension for easily creating Wordlists☆215Oct 5, 2021Updated 4 years ago
- ☆145Jul 25, 2022Updated 3 years ago
- 40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...☆1,807Jul 3, 2023Updated 2 years ago
- BBT - Bug Bounty Tools (examples💡)☆1,883Apr 5, 2024Updated last year
- Simple command shell collections☆35Mar 7, 2021Updated 4 years ago
- a tool that compiles a csv of all h1 program stats☆49Jul 2, 2023Updated 2 years ago
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- Common Web Managers Fuzz Wordlists☆175Jan 2, 2026Updated last month
- NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.☆78Nov 5, 2022Updated 3 years ago
- ☆755Jun 26, 2024Updated last year
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,401Sep 13, 2024Updated last year
- This extension replaces the default repeater tab name with the URL path of the repeater request.☆24Sep 3, 2021Updated 4 years ago
- A DNS Bruteforcing Wordlist Generator☆362Feb 22, 2023Updated 3 years ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆642Jul 7, 2025Updated 7 months ago
- Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…☆184Jan 6, 2021Updated 5 years ago
- You can read the writeup on this script here☆192Sep 30, 2021Updated 4 years ago
- ☆436Jun 1, 2021Updated 4 years ago
- Automation for javascript recon in bug bounty.☆1,069Sep 9, 2023Updated 2 years ago
- ☆105Oct 18, 2020Updated 5 years ago
- Quickly generate context-specific wordlists for content discovery from lists of URLs or paths☆238May 4, 2022Updated 3 years ago
- Built on a lazy Sunday after seeing this tweet (https://twitter.com/intigriti/status/1272145863868104705?s=20) I present to you, Paramete…☆51Jun 14, 2020Updated 5 years ago
- A Repository dedicated to creating modular and automated penetration testing frameworks utilizing Jupyter Notebooks☆148Nov 23, 2020Updated 5 years ago
- Match and Replace script used to automatically generate JSON option file to BurpSuite☆215May 13, 2019Updated 6 years ago
- A collection of hacks and one-off scripts☆2,424Mar 13, 2025Updated 11 months ago
- It contain google dork to find the wsdl file.☆13May 27, 2020Updated 5 years ago
- information gathering☆282Jul 12, 2025Updated 7 months ago
- Burp extension to create target specific and tailored wordlist from burp history.☆255Dec 8, 2021Updated 4 years ago
- Various Payload wordlists☆240Apr 26, 2025Updated 10 months ago
- Python script to launch burp scans automatically☆32Jul 18, 2021Updated 4 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- A reverse whois tool based on Whoxy API.☆170Mar 31, 2024Updated last year
- This includes all the templates of nuclei collected from different sources☆18Dec 30, 2022Updated 3 years ago
- A Tool to find subdomains from hackerone reports.☆17Jun 23, 2021Updated 4 years ago