OSINT scanning tool which discovers and maps directories found in javascript files hosted on a website.
☆228Feb 24, 2019Updated 7 years ago
Alternatives and similar repositories for dirscraper
Users that are interested in dirscraper are comparing it to the libraries listed below
Sorting:
- The Recon scanning tool scans websites for open files & directories specified in the custom config file. Default server configuration fil…☆15Apr 4, 2018Updated 7 years ago
- Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will m…☆99Dec 30, 2019Updated 6 years ago
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Jan 4, 2021Updated 5 years ago
- A bash script that fetches and maintains thousands of DNS resolvers☆65Aug 24, 2020Updated 5 years ago
- An hourly updated list of subdomains gathered from certificate transparency logs☆349Oct 13, 2021Updated 4 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆471Nov 14, 2019Updated 6 years ago
- Auto Recon Bash Script☆31Dec 31, 2024Updated last year
- Recursive DNS Subdomain Enumerator with dead-end avoidance system (BETA)☆146Apr 9, 2021Updated 4 years ago
- Multi Tool Subdomain Enumeration☆723Apr 11, 2021Updated 4 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆32Jan 22, 2018Updated 8 years ago
- stuff i'm willing to share with the world lol☆171Oct 17, 2022Updated 3 years ago
- Extracting URLs of a specific target based on the results of "commoncrawl.org"☆275Dec 4, 2025Updated 3 months ago
- A small tool that extracts relative URLs from a file.☆768Sep 23, 2020Updated 5 years ago
- Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomai…☆223Jul 10, 2020Updated 5 years ago
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- A collection of scripts to extend Burp Suite☆142Apr 8, 2019Updated 6 years ago
- A Burp Extension designed to identify argument injection vulnerabilities.☆123Apr 16, 2019Updated 6 years ago
- Retrive the status codes from a list of URLs☆33May 18, 2020Updated 5 years ago
- AWS S3 Bucket Finder.☆14Oct 28, 2025Updated 4 months ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆293Aug 23, 2019Updated 6 years ago
- ☆32Apr 6, 2021Updated 4 years ago
- jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.☆154Feb 15, 2021Updated 5 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆534Mar 7, 2022Updated 4 years ago
- This tool can be used to brute discover GET and POST parameters☆1,395Aug 24, 2019Updated 6 years ago
- A place to store my own wordlists, and link to others that are useful☆108Nov 15, 2023Updated 2 years ago
- A highly configurable Framework for easy automated web scanning☆382Jul 13, 2020Updated 5 years ago
- A sub-domain enumeration tool☆20May 18, 2020Updated 5 years ago
- Multiprocessing(Parallel)Subdomain Detect Script☆329Jan 28, 2024Updated 2 years ago
- A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.☆397Apr 17, 2020Updated 5 years ago
- ☆39Sep 23, 2019Updated 6 years ago
- Continuous monitoring for JavaScript files☆225Dec 29, 2019Updated 6 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆136Sep 25, 2019Updated 6 years ago
- Fetches javascript file from a list of URLS or subdomains.☆838Jul 22, 2025Updated 8 months ago
- Atlassian JIRA Template injection vulnerability RCE☆92Jul 22, 2019Updated 6 years ago
- Do some quick reconnaissance on a domain-based web-application☆13Jun 1, 2021Updated 4 years ago
- A python script that filters, checks the validity, generates clickable link(s) of subdomain(s), and reports their status☆89Oct 29, 2020Updated 5 years ago
- Hacked together script for feeding urls into Burp's Sitemap☆92Dec 7, 2025Updated 3 months ago
- Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (…☆316Apr 1, 2019Updated 6 years ago