Alternatives and similar repositories for httpfuzz

Users that are interested in httpfuzz are comparing it to the libraries listed below

• ariary / HTTPCustomHouse
  HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets
  ☆36Updated 2 years ago
• detectify / Varnish-H2-Request-Smuggling
  ☆56Updated 3 years ago
• cramppet / dank
  a deterministic finite automata ranker
  ☆71Updated 3 years ago
• ariary / cfuzz
  Command line fuzzer and bruteforcer 🌪 wfuzz for command
  ☆86Updated 2 years ago
• mattiasgrenfeldt / bachelors-thesis-http-request-smuggling
  ☆72Updated 3 years ago
• neex / ghostinthepdf
  ☆166Updated 3 years ago
• CoreyD97 / Burp-Montoya-Utilities
  A collection of utilities for building extensions using Burp's Montoya API
  ☆50Updated last year
• vp777 / surferFTP
  SSRF to TCP Port Scanning, Banner and Private IP Disclosure by abusing the FTP protocol/clients
  ☆70Updated 3 years ago
• elttam / rsu-cracker
  ☆33Updated 2 years ago
• cybervelia / graphicator
  A GraphQL enumeration and extraction tool
  ☆131Updated 2 years ago
• bahruzjabiyev / gudifu-fuzzer
  Guided Differential Fuzzing for HTTP Request Parsing Discrepancies
  ☆17Updated last year
• raesene / k8s_ssrf_portscanner
  ☆31Updated 2 years ago
• joanbono / gap
  Google Maps API checker
  ☆75Updated last year
• assetnote / exploits
  Repository to store exploits created by Assetnotes Security Research team
  ☆179Updated last year
• defparam / haptyc
  ☆94Updated 3 years ago
• dillonfranke / protoburp
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆32Updated 4 months ago
• osmedeus / osmedeus-workflow
  Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
  ☆74Updated last year
• dsecuredcom / yataf
  yataf extracts secrets and paths from files or urls - its best used against javascript files
  ☆52Updated 10 months ago
• Paradoxis / Flask-Unsign-Wordlist
  The following package is the standalone wordlist-only component to flask-unsign.
  ☆39Updated last year
• dwisiswant0 / look4jar
  Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?
  ☆45Updated 3 years ago
• pentagridsec / PentagridScanController
  Improve automated and semi-automated active scanning in Burp Pro
  ☆61Updated last month
• Kibouo / rustpad
  Multi-threaded Padding Oracle attacks against any service. Written in Rust.
  ☆98Updated 2 years ago
• hakluke / hakq
  A basic golang server/client for distributing tasks over multiple systems.
  ☆38Updated 4 years ago
• roughiz / lfito_rce
  LFI to RCE via phpinfo() assistance or via controlled log file
  ☆69Updated 2 years ago
• Philesiv / XSLeaker
  Searcher for cross-site leaks (XS-Leaks)
  ☆82Updated 2 years ago
• owasp-amass / resolve
  DNS resolver pools written in Go
  ☆46Updated 3 months ago
• thelicato / fire
  Take domains on stdin and output them on stdout if they get resolved
  ☆33Updated 3 years ago
• projectdiscovery / ipranger
  IP/FQDN data structure helper with randomization of hosts and ports based on masscan internal logic
  ☆67Updated last year
• p4k03n4t0r / http-request-smuggling
  Blog about HTTP Request Smuggling, including a demo application.
  ☆28Updated 3 years ago
• bytehope / wwe
  ☆19Updated 4 months ago