D4Vinci / CWFF
Create your Custom Wordlist For Fuzzing
☆189Updated last month
Related projects ⓘ
Alternatives and complementary repositories for CWFF
- Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...☆145Updated 4 years ago
- Burp Extension for easily creating Wordlists☆210Updated 3 years ago
- golang tool to scan domains or single domains with know security issues against xmlrpc☆59Updated last year
- You can read the writeup on this script here☆191Updated 3 years ago
- Random utilities from my security projects that might be useful to others☆175Updated 3 years ago
- Python library and CLI for the Bug Bounty Recon API☆220Updated 3 years ago
- A combined wordlists for files and directory discovery☆117Updated 3 years ago
- The tools I have programmed to help me with bugbounty's☆115Updated 5 years ago
- ☆57Updated last year
- A collection of tools I wrote for bug bounty or hacking and don't mind publishing it☆113Updated last month
- Urls de-duplication tool for better recon.☆136Updated 4 months ago
- Customisable and automated HTTP header injection☆236Updated 4 months ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆166Updated 4 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆130Updated 3 years ago
- 📚 An ultimate collection wordlists of the best-known CMS☆84Updated 5 months ago
- CRLF and open redirect fuzzer☆109Updated 3 years ago
- ☆185Updated 5 years ago
- Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…☆175Updated 3 years ago
- Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search…☆111Updated 3 years ago
- A reverse whois tool based on Whoxy API.☆158Updated 7 months ago
- Secret and/or credential patterns used for gf.☆235Updated last year
- Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations☆339Updated 4 years ago
- XSS Payload without Anything.☆102Updated 5 years ago
- ASN reconnaissance script☆124Updated 9 months ago
- Signatures for jaeles scanner by @j3ssie☆116Updated 7 months ago
- ☆224Updated 5 months ago
- Match and Replace script used to automatically generate JSON option file to BurpSuite☆213Updated 5 years ago
- A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF☆162Updated 4 years ago