Made your bugbounty subdomains reconnaissance easier with Hunt3r the web application reconnaissance framework
☆169Feb 4, 2023Updated 3 years ago
Alternatives and similar repositories for Hunt3r
Users that are interested in Hunt3r are comparing it to the libraries listed below
Sorting:
- Probe: This is a special tool for bug hunter for automated recon process smoothly.☆24Jan 29, 2024Updated 2 years ago
- ☆46Nov 5, 2025Updated 3 months ago
- WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.☆193Dec 27, 2022Updated 3 years ago
- JS Finding can be used to extract JavaScript (JS) files from either a single domain URL or a list of domains. The tool supports various e…☆48Apr 29, 2024Updated last year
- Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common m…☆75Mar 22, 2024Updated last year
- ☆96May 15, 2020Updated 5 years ago
- Little Bug Bounty & Hacking Tools⚔️☆370Nov 10, 2024Updated last year
- web application pentesting tools for docker☆17Aug 9, 2022Updated 3 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆297Sep 22, 2024Updated last year
- Find related domains of a given domain.☆104Aug 5, 2023Updated 2 years ago
- Find subdomains on GitLab.☆107Apr 28, 2024Updated last year
- Talosplus is a fast and robust template based Intelligent automation framework primarily developed for Bug Bounty Automation☆92Mar 7, 2023Updated 2 years ago
- Nuclei Templates - Here you will find the templates I use while hunting☆120Sep 27, 2021Updated 4 years ago
- Hidden input parameters finder☆19Jul 10, 2023Updated 2 years ago
- Hidden parameters discovery suite☆224Nov 14, 2022Updated 3 years ago
- This includes all the templates of nuclei collected from different sources☆18Dec 30, 2022Updated 3 years ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆802Jul 4, 2023Updated 2 years ago
- 🕵️ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens, hardcoded credentials, etc.☆428May 15, 2025Updated 9 months ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆184Nov 22, 2021Updated 4 years ago
- Bugbounty scope tool☆332Mar 5, 2025Updated 11 months ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆49Apr 25, 2022Updated 3 years ago
- Your subdomains are free for the taking - no API key, no mistaking! 🕺☆37Feb 27, 2023Updated 3 years ago
- Declutters URLs in a fast and flexible way, for improving input for web hacking automations such as crawlers and vulnerability scans.☆59Jan 22, 2023Updated 3 years ago
- Discover new target domains using Content Security Policy☆503Feb 7, 2026Updated 3 weeks ago
- The purpose of this project is to demonstrate the Log4Shell exploit with Log4J vulnerabilities using PDF as delivery channel☆206Dec 15, 2021Updated 4 years ago
- GG Dorking is a tool to generate GitHub and Google dorking for pentesters and bug bounty hunters.☆102Jul 12, 2025Updated 7 months ago
- Check AWS S3 instances for read/write/delete access☆121Feb 8, 2022Updated 4 years ago
- Automating XSS using Bash☆362Jan 27, 2026Updated last month
- ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be …☆60May 10, 2022Updated 3 years ago
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆427Feb 23, 2026Updated last week
- Hidden parameters discovery suite☆2,027Sep 8, 2024Updated last year
- Gotator is a tool to generate DNS wordlists through permutations.☆506Jul 17, 2022Updated 3 years ago
- Generate tens of thousands of subdomain combinations in a matter of seconds☆273Sep 25, 2023Updated 2 years ago
- declutters url lists for crawling/pentesting☆1,531Feb 23, 2025Updated last year
- Looks for parameters in urls☆34Oct 14, 2024Updated last year
- all manner of wordlists☆24Jan 19, 2022Updated 4 years ago
- Command-line tool to enumerate top-level domains, check response codes and find potential vulnerabilities for bug bounty hunters and secu…☆26Mar 6, 2023Updated 2 years ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,524Jan 15, 2026Updated last month
- Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests w…☆632Feb 22, 2026Updated last week