Web Application Security Testing Tools
☆252Mar 13, 2024Updated 2 years ago
Alternatives and similar repositories for crimson
Users that are interested in crimson are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Guide to SSRF☆80Oct 10, 2023Updated 2 years ago
- ☆45Jun 5, 2021Updated 5 years ago
- Subdomain takeover scanner using Python asyncio☆18Oct 24, 2022Updated 3 years ago
- Automated Web Recon Shell Scripts☆54Dec 6, 2021Updated 4 years ago
- Hidden parameters discovery suite☆2,064Sep 8, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆12Jan 4, 2022Updated 4 years ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆809May 11, 2026Updated last month
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- OpenBugBounty - https://www.openbugbounty.org/ programs list☆23Mar 15, 2021Updated 5 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,044Jun 6, 2026Updated last week
- Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for m…☆702Oct 29, 2021Updated 4 years ago
- Sweetuu is a Advance Shell which can be used to achieve RCE easily through LFI & RFI. For easy wins in bug bounty, upload sweetuu instead…☆10Dec 16, 2024Updated last year
- A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violati…☆399May 28, 2026Updated 2 weeks ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆971Dec 8, 2021Updated 4 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A tool to fastly get all javascript sources/files☆883Jul 4, 2025Updated 11 months ago
- ☆15Mar 21, 2025Updated last year
- Automating XSS using Bash☆364Jan 27, 2026Updated 4 months ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findin…☆7,687May 15, 2026Updated last month
- declutters url lists for crawling/pentesting☆1,560Feb 23, 2025Updated last year
- Little Bug Bounty & Hacking Tools⚔️☆380Mar 30, 2026Updated 2 months ago
- WaybackURLS + OtxURLS + CommonCrawl = The Best Results☆21Dec 7, 2019Updated 6 years ago
- A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.☆2,012Sep 5, 2021Updated 4 years ago
- A python script to scan for Apache Tomcat server vulnerabilities.☆895Jan 12, 2026Updated 5 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilitie…☆1,037Jul 23, 2024Updated last year
- Small wiki for Mobile Application Penetration Testing Tools☆12Apr 8, 2021Updated 5 years ago
- A collection of custom built scripts to exploit known vulnerability chains☆27Jul 23, 2021Updated 4 years ago
- bypass-url-parser☆1,134Updated this week
- The Swiss Army knife for automated Web Application Testing☆2,346May 8, 2024Updated 2 years ago
- Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hu…☆2,398Jun 27, 2024Updated last year
- All The Notes And Tips I FOund In Github And Twitter I Put Them Here☆35Aug 31, 2020Updated 5 years ago
- A training course on Web Security, Exploit Development and Source Code Auditing from 2009.☆12Feb 15, 2022Updated 4 years ago
- A collection of awesome one-liner scripts especially for bug bounty tips.☆3,154Jul 29, 2024Updated last year
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- HostHunter a recon tool for discovering hostnames using OSINT techniques.☆1,161Mar 30, 2023Updated 3 years ago
- Tips For Bug Bounty Hunters☆86Jul 16, 2022Updated 3 years ago
- Awesome Bug bounty builder Project☆675Feb 15, 2023Updated 3 years ago
- Contextual Content Discovery Tool☆3,194Apr 29, 2024Updated 2 years ago
- Now, the Host is Mine! - Super Fast Sub-domain Takeover Detection!☆386Jun 7, 2023Updated 3 years ago
- XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.☆314Jun 1, 2022Updated 4 years ago
- Top 2025 Vulnerabilities You Shouldn’t Accept in a Pentest Report☆14Feb 6, 2025Updated last year