Alternatives and similar repositories for xssmap

Users that are interested in xssmap are comparing it to the libraries listed below

• ThreatUnknown / jsubfinder
  jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).
  ☆276Updated 10 months ago
• ARPSyndicate / kenzer-templates
  essential templates for kenzer [DEPRECATED]
  ☆117Updated 2 years ago
• Y000o / Payloads_xss_sql_bypass
  ☆183Updated 2 years ago
• ryandamour / ssrfuzz
  SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities
  ☆185Updated 4 years ago
• Moaaz-0x / chaospy
  Small Tool written based on chaos from projectdiscovery.io
  ☆175Updated last year
• ethicalhackingplayground / ssrf-king
  SSRF plugin for burp Automates SSRF Detection in all of the Request
  ☆599Updated 4 years ago
• devploit / XORpass
  Encoder to bypass WAF filters using XOR operations.
  ☆254Updated 3 years ago
• PortSwigger / active-scan-plus-plus
  ActiveScan++ Burp Suite Plugin
  ☆235Updated this week
• vsec7 / BurpSuite-Xkeys
  A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
  ☆306Updated last year
• PortSwigger / js-link-finder
  Burp Extension for a passive scanning JS files for endpoint links.
  ☆176Updated 6 years ago
• SpiderMate / B-XSSRF
  Toolkit to detect and keep track on Blind XSS, XXE & SSRF
  ☆292Updated 6 years ago
• PortSwigger / autorize
  Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…
  ☆265Updated 11 months ago
• tombstoneghost / TIWAP
  Totally Insecure Web Application Project (TIWAP)
  ☆175Updated last year
• ARPSyndicate / cve-scores
  EPSS & VEDAS Score Aggregator for CVEs
  ☆253Updated this week
• lwzSoviet / NoXss
  Faster xss scanner,support reflected-xss and dom-xss
  ☆445Updated 2 years ago
• ARPSyndicate / bug-bounty-domains
  Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]
  ☆224Updated last year
• volkandindar / agartha
  A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violati…
  ☆389Updated this week
• bl4de / dictionaries
  Misc dictionaries for directory/file enumeration, username enumeration, password dictionary/bruteforce attacks
  ☆247Updated 3 weeks ago
• cckuailong / pocsploit
  a lightweight, flexible and novel open source poc verification framework
  ☆237Updated 3 years ago
• pyn3rd / Spring-Boot-Vulnerability
  ☆415Updated 3 years ago
• 0xDexter0us / Log4J-Scanner
  Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth.
  ☆101Updated 3 years ago
• Fadavvi / Sub-Drill
  A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
  ☆115Updated last year
• tismayil / ohmybackup
  Scan Victim Backup Directories & Backup Files
  ☆181Updated 2 years ago
• anshumanpattnaik / http-request-smuggling
  HTTP Request Smuggling Detection Tool
  ☆532Updated last year
• geeknik / the-nuclei-templates
  Nuclei templates written by geeknik. Claude is my co-pilot. 🤖
  ☆284Updated 3 months ago
• shadowsock5 / Poc
  PoC collection of Atlassian(Jira, Confluence, Bitbucket) products and Jenkins, Solr, Nexus
  ☆180Updated 2 months ago
• moeinfatehi / xss_vulnerability_challenges
  this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.
  ☆117Updated 3 years ago
• Damian89 / extended-ssrf-search
  Smart ssrf scanner using different methods like parameter brute forcing in post and get...
  ☆278Updated 4 years ago
• profmoriarity / rexsser
  This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.
  ☆75Updated 5 years ago
• tyki6 / MyJWT
  A cli for cracking, testing vulnerabilities on Json Web Token(JWT)
  ☆136Updated last month