Alternatives and similar repositories for jwtXploiter

Users that are interested in jwtXploiter are comparing it to the libraries listed below

• samirettali / dumpcn

  View on GitHub
  Get all the CNs from a list of domains
  ☆45Aug 17, 2021Updated 4 years ago
• j3ssie / goverview

  View on GitHub
  goverview - Get an overview of the list of URLs
  ☆143Dec 5, 2025Updated 2 months ago
• Abss0x7tbh / massNS

  View on GitHub
  A tool that turns the authoritative nameservers of DNS providers to resolvers and resolves the target domain list. Please think of this a…
  ☆25Sep 19, 2019Updated 6 years ago
• codingo / microsubs

  View on GitHub
  A collection of code for interacting with API sources directly to improve your understanding of those services.
  ☆66Dec 11, 2020Updated 5 years ago
• Shivangx01b / CorsMe

  View on GitHub
  Cross Origin Resource Sharing MisConfiguration Scanner
  ☆173Nov 17, 2021Updated 4 years ago
• mhaskar / Bughound

  View on GitHub
  Static code analysis tool based on Elasticsearch
  ☆129Jan 23, 2021Updated 5 years ago
• raverrr / plution

  View on GitHub
  Prototype pollution scanner using headless chrome
  ☆219Jul 27, 2022Updated 3 years ago
• anshumanpattnaik / http-request-smuggling

  View on GitHub
  HTTP Request Smuggling Detection Tool
  ☆535Dec 21, 2023Updated 2 years ago
• hahwul / jwt-hack

  View on GitHub
  JSON Web Token Hack Toolkit
  ☆972Updated this week
• Damian89 / extended-ssrf-search

  View on GitHub
  Smart ssrf scanner using different methods like parameter brute forcing in post and get...
  ☆280Feb 11, 2021Updated 5 years ago
• visma-prodsec / confused

  View on GitHub
  Tool to check for dependency confusion vulnerabilities in multiple package management systems
  ☆775Aug 19, 2024Updated last year
• mazen160 / jwt-pwn

  View on GitHub
  Security Testing Scripts for JWT
  ☆327Jun 30, 2022Updated 3 years ago
• glebarez / cero

  View on GitHub
  Scrape domain names from SSL certificates of arbitrary hosts
  ☆689Mar 31, 2024Updated last year
• ethicalhackingplayground / ssrf-king

  View on GitHub
  SSRF plugin for burp Automates SSRF Detection in all of the Request
  ☆610Jan 20, 2021Updated 5 years ago
• Sh1Yo / x8

  View on GitHub
  Hidden parameters discovery suite
  ☆2,015Sep 8, 2024Updated last year
• mhmdiaa / second-order

  View on GitHub
  Second-order subdomain takeover scanner
  ☆406Aug 28, 2025Updated 5 months ago
• KathanP19 / JSFScan.sh

  View on GitHub
  Automation for javascript recon in bug bounty.
  ☆1,067Sep 9, 2023Updated 2 years ago
• MichaelStott / CRLF-Injection-Scanner

  View on GitHub
  Command line tool for testing CRLF injection on a list of domains.
  ☆166Apr 14, 2024Updated last year
• redcode-labs / UnChain

  View on GitHub
  A tool to find redirection chains in multiple URLs
  ☆78Jan 1, 2025Updated last year
• devanshbatham / FavFreak

  View on GitHub
  Making Favicon.ico based Recon Great again !
  ☆1,261Aug 29, 2023Updated 2 years ago
• robre / jsmon

  View on GitHub
  a javascript change monitoring tool for bugbounties
  ☆710Jul 31, 2024Updated last year
• ticarpi / jwt_tool

  View on GitHub
  A toolkit for testing, tweaking and cracking JSON Web Tokens
  ☆6,357May 1, 2025Updated 9 months ago
• kleiton0x00 / ppmap

  View on GitHub
  A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
  ☆519Jun 22, 2022Updated 3 years ago
• byt3hx / gup

  View on GitHub
  gup aka Get All Urls parameters to create wordlists for brute forcing parameters.
  ☆18Dec 4, 2021Updated 4 years ago
• In3tinct / Taken

  View on GitHub
  Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.
  ☆93Jul 9, 2025Updated 7 months ago
• mlcsec / headi

  View on GitHub
  Customisable and automated HTTP header injection
  ☆270Jun 27, 2024Updated last year
• Healdb / Elevate

  View on GitHub
  Horizontal Domain Discovery
  ☆77May 22, 2023Updated 2 years ago
• r0075h3ll / Oralyzer

  View on GitHub
  Open Redirection Analyzer
  ☆811Mar 5, 2023Updated 2 years ago
• 003random / getJS

  View on GitHub
  A tool to fastly get all javascript sources/files
  ☆856Jul 4, 2025Updated 7 months ago
• vp777 / metahttp

  View on GitHub
  A bash script that automates the scanning of a target network for HTTP resources through XXE
  ☆37Dec 2, 2020Updated 5 years ago
• laluka / bypass-url-parser

  View on GitHub
  bypass-url-parser
  ☆1,111Feb 7, 2026Updated last week
• dwisiswant0 / gf-secrets

  View on GitHub
  Secret and/or credential patterns used for gf.
  ☆243Feb 10, 2023Updated 3 years ago
• hussein98d / LFI-files

  View on GitHub
  Wordlist to bruteforce for LFI
  ☆128Oct 6, 2019Updated 6 years ago
• ayoubfathi / leaky-paths

  View on GitHub
  A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…
  ☆1,021Jun 24, 2024Updated last year
• lobuhi / byp4xx

  View on GitHub
  40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...
  ☆1,807Jul 3, 2023Updated 2 years ago
• 0xsapra / fuzzparam

  View on GitHub
  ☆59Apr 8, 2021Updated 4 years ago
• dwisiswant0 / galer

  View on GitHub
  A fast tool to fetch URLs from HTML attributes by crawl-in.
  ☆261Jan 23, 2025Updated last year
• m4ll0k / SecretFinder

  View on GitHub
  SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
  ☆2,376May 26, 2024Updated last year
• 1ndianl33t / urlprobe

  View on GitHub
  Urls status code & content length checker
  ☆146Oct 1, 2020Updated 5 years ago