Zzl is a reconnaissance tool that collects subdomains from SSL certificates in IP ranges
☆44Oct 27, 2024Updated last year
Alternatives and similar repositories for zzl
Users that are interested in zzl are comparing it to the libraries listed below
Sorting:
- Passive Web Vulnerability Detection Tool☆37May 5, 2025Updated 9 months ago
- ☆14Nov 8, 2024Updated last year
- Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection☆13Nov 1, 2024Updated last year
- 🔍 SubWatch – Automated Subdomain Monitoring Script☆40Jun 13, 2025Updated 8 months ago
- ex-param is an automated tool designed for finding reflected parameters for XSS vulnerabilities. It crawls a target website, extracts GET…☆63Feb 22, 2025Updated last year
- Find subdomains on GitLab.☆106Apr 28, 2024Updated last year
- Automated GitHub secret scanning with smart alerting & monitoring.☆30Jan 15, 2026Updated last month
- Automated tool for domains & Subdomains Gathering☆14Feb 25, 2024Updated 2 years ago
- Unauthorized Access to Metadata and User Data like CTF☆28Nov 30, 2024Updated last year
- This script is used to search for cloud certificate entities such as Amazon, Azure, and others that have been extracted by the kaeferjaeg…☆55Nov 21, 2025Updated 3 months ago
- N0aziXss Origin Recon 🍓☆23Dec 16, 2025Updated 2 months ago
- Contains nuclei templates for security testing and POCs.☆17Oct 19, 2024Updated last year
- A complete security assessment tool that supports common web security issues scanning and custom POC | Be sure to read the document befor…☆20Sep 27, 2024Updated last year
- Collection of templates from various resources☆42Dec 5, 2025Updated 2 months ago
- SubOwner - A Simple tool check for subdomain takeovers.☆116Oct 18, 2024Updated last year
- A high-performance Go-based tool for checking the availability and responsiveness of domains, utilizing both HTTP requests and browser au…☆92Nov 26, 2024Updated last year
- Curated UTF-8 URL-encoded character dictionary for injection testing, fuzzing, and bypass techniques against web applications and APIs, f…☆13Sep 20, 2021Updated 4 years ago
- To run Burpsuite from launcher, You may run it in terminal by script, But by this tool you will able to run it from Launcher with a Burp …☆11Sep 24, 2023Updated 2 years ago
- Methodoloy for pentesting web applications.☆10Aug 18, 2022Updated 3 years ago
- BlitzSSH is a multi-threaded SSH brute-force tool with Telegram integration for real-time notifications.☆13Nov 20, 2025Updated 3 months ago
- A CLI utility to scan S3 buckets permissions☆14May 14, 2023Updated 2 years ago
- A lightweight version of my bug bounty hunting framework designed to be run on Synack's LP+ machines.☆12Jul 11, 2023Updated 2 years ago
- Enter Morpheus, your advanced IOC detection tool. Powered by expert YARA rules and integrated with VirusTotal, it scans and identifies In…☆54Feb 12, 2025Updated last year
- collectvars collects JavaScript variables, highlights risky ones, and helps you understand code structure, while you casually browse.☆33Aug 28, 2024Updated last year
- Automated Subdomain Enumeration and Scanning Tool☆116Oct 5, 2023Updated 2 years ago
- Robofinder retrieves historical #robots.txt files from #Archive.org, allowing you to collect old directories and paths for any domain whi…☆231Nov 21, 2025Updated 3 months ago
- Python3 Reverse Shell☆13May 24, 2019Updated 6 years ago
- SNMP Bash Script to discover valid community strings, dump basic information, check for write permission and check for RCE.☆11Apr 27, 2024Updated last year
- Pentest automation resources for Burp☆15Mar 10, 2024Updated last year
- NetScan CLI is a command-line tool for retrieving and analyzing IP address information. It provides detailed subnet and organization data…☆62Sep 4, 2024Updated last year
- This tool will check for Sensitive Data Leakage with some useful patterns/RegEx. The patterns are mostly targeted on waybackdata and filt…☆229May 20, 2025Updated 9 months ago
- jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying se…☆489Jan 22, 2026Updated last month
- Threat Hunt Investigation Methodology and Procedure☆15Jul 11, 2022Updated 3 years ago
- ParamScan is a chrome extension for finding reflected parameters in a webpage.☆92Jan 11, 2025Updated last year
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆309Mar 31, 2024Updated last year
- POC for CVE-2024-40348. Will attempt to read /etc/passwd from target☆32Jul 21, 2024Updated last year
- Identify virtual hosts by similarity comparison☆137Aug 12, 2024Updated last year
- A quick and dirty (and a little shitty) burp extension that uses cheap deepseek api to send request and response and maybe found somethin…☆34Jan 26, 2025Updated last year
- AI-powered ffuf wrapper☆646Dec 4, 2025Updated 2 months ago