A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery
☆387Nov 26, 2024Updated last year
Alternatives and similar repositories for brainstorm
Users that are interested in brainstorm are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- AI-powered ffuf wrapper☆776Dec 4, 2025Updated 5 months ago
- A research project to add some brrrrrr to Burp☆210Feb 16, 2026Updated 3 months ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆845May 13, 2026Updated last week
- A high-speed tool for passively gathering URLs, optimized for efficient and comprehensive web asset discovery without active scanning.☆869Jan 5, 2026Updated 4 months ago
- A lightweight GPT model, trained to discover subdomains.☆365Dec 18, 2025Updated 5 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- An IIS short filename enumeration tool☆1,160Nov 25, 2024Updated last year
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.☆561Mar 8, 2025Updated last year
- ☆144Mar 10, 2026Updated 2 months ago
- Advanced Client-Side Prototype Pollution Scanner☆247May 11, 2026Updated last week
- Gotta go fast☆152Dec 5, 2025Updated 5 months ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆314May 16, 2024Updated 2 years ago
- SAPLAR - LFI & Path Traversal Scanner☆15Mar 11, 2025Updated last year
- Extract URLs, paths, secrets, and other interesting bits from JavaScript☆1,829May 22, 2024Updated 2 years ago
- Hunt every Endpoint in your code, expose Shadow APIs, map the Attack Surface.☆1,194Updated this week
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Bounty Prompt is an Open-Source Burp Suite extension by Bounty Security that leverages advanced AI via Burp AI and Groq AI. It enables us�…☆123Feb 23, 2025Updated last year
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆313Mar 31, 2024Updated 2 years ago
- Looks for parameters in urls☆34Oct 14, 2024Updated last year
- A fast WordPress plugin enumeration tool☆841Apr 13, 2026Updated last month
- Tool to fuzz for interesting vhost.☆23Jan 8, 2025Updated last year
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,554Mar 8, 2026Updated 2 months ago
- ai-based domain name generation☆140May 7, 2026Updated 2 weeks ago
- The Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning-On Your Terms. Easily distribute arbit…☆751Dec 26, 2025Updated 4 months ago
- Hidden parameters discovery suite☆2,059Sep 8, 2024Updated last year
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications☆1,341Aug 7, 2025Updated 9 months ago
- ☆424May 4, 2026Updated 2 weeks ago
- De-clutter a list of URLs☆390Mar 8, 2026Updated 2 months ago
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆294Apr 9, 2024Updated 2 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆758Dec 19, 2023Updated 2 years ago
- IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify …☆45Feb 24, 2025Updated last year
- Header Exploitation HTTP☆742May 8, 2026Updated last week
- ☆42Nov 15, 2025Updated 6 months ago
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆901May 12, 2026Updated last week
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- PoC☆12Apr 7, 2025Updated last year
- Abuse trust-boundaries to bypass firewalls and network controls☆420Jul 24, 2025Updated 9 months ago
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆93May 2, 2024Updated 2 years ago
- ☆45Mar 5, 2025Updated last year
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆433May 11, 2026Updated last week
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆401Jul 23, 2025Updated 9 months ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆143Jun 27, 2023Updated 2 years ago