Made your bugbounty subdomains reconnaissance easier with Hunt3r the web application reconnaissance framework
☆171Feb 4, 2023Updated 3 years ago
Alternatives and similar repositories for Hunt3r
Users that are interested in Hunt3r are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Probe: This is a special tool for bug hunter for automated recon process smoothly.☆24Jan 29, 2024Updated 2 years ago
- web application pentesting tools for docker☆18Aug 9, 2022Updated 3 years ago
- ☆97May 15, 2020Updated 6 years ago
- ☆44Nov 5, 2025Updated 7 months ago
- Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common m…☆77Mar 22, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- JS Finding can be used to extract JavaScript (JS) files from either a single domain URL or a list of domains. The tool supports various e…☆49Apr 29, 2024Updated 2 years ago
- WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.☆194Dec 27, 2022Updated 3 years ago
- Little Bug Bounty & Hacking Tools⚔️☆380Mar 30, 2026Updated 2 months ago
- Find subdomains on GitLab.☆106Apr 28, 2024Updated 2 years ago
- Find related domains of a given domain.☆105Jun 5, 2026Updated last week
- 🕵️ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens, hardcoded credentials, etc.☆434Apr 10, 2026Updated 2 months ago
- Talosplus is a fast and robust template based Intelligent automation framework primarily developed for Bug Bounty Automation☆91Mar 7, 2023Updated 3 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆296Sep 22, 2024Updated last year
- ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be …☆60May 10, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Hidden parameters discovery suite☆2,064Sep 8, 2024Updated last year
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆49Apr 25, 2022Updated 4 years ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆184Nov 22, 2021Updated 4 years ago
- Nuclei Templates - Here you will find the templates I use while hunting☆122Sep 27, 2021Updated 4 years ago
- Discover new target domains using Content Security Policy☆514Jun 5, 2026Updated last week
- Hidden input parameters finder☆19Jul 10, 2023Updated 2 years ago
- Hidden parameters discovery suite☆224Nov 14, 2022Updated 3 years ago
- Bug Bounty Recon wordlist Generator☆21Jul 17, 2020Updated 5 years ago
- ☆331Jul 20, 2025Updated 10 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Check AWS S3 instances for read/write/delete access☆121Feb 8, 2022Updated 4 years ago
- This includes all the templates of nuclei collected from different sources☆18Dec 30, 2022Updated 3 years ago
- Bugbounty scope tool☆330Mar 5, 2025Updated last year
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆809May 11, 2026Updated last month
- Fetch Javascript sourcemaps, bounty hunter style☆46May 21, 2023Updated 3 years ago
- Your subdomains are free for the taking - no API key, no mistaking! 🕺☆37Feb 27, 2023Updated 3 years ago
- GG Dorking is a tool to generate GitHub and Google dorking for pentesters and bug bounty hunters.☆103Jul 12, 2025Updated 11 months ago
- Windows Reverse TCP Shell for Hacking and Pentesting☆24Aug 13, 2024Updated last year
- simple program for joomla CVE-2023-23752 scanner for pentesting and educational purpose☆17Feb 24, 2023Updated 3 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Automating XSS using Bash☆364Jan 27, 2026Updated 4 months ago
- URL scanner for recon, vulnerabilities, secrets and more!☆12Sep 27, 2021Updated 4 years ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆1,178Apr 3, 2026Updated 2 months ago
- Generate tens of thousands of subdomain combinations in a matter of seconds☆276Sep 25, 2023Updated 2 years ago
- Gotator is a tool to generate DNS wordlists through permutations.☆525Jul 17, 2022Updated 3 years ago
- A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bul…☆98Jul 10, 2021Updated 4 years ago
- Feed it a list of subdomains, it will resolve them and tell you which ones are internal☆91Nov 21, 2021Updated 4 years ago