Web Application Security Testing Tools
☆252Mar 13, 2024Updated 2 years ago
Alternatives and similar repositories for crimson
Users that are interested in crimson are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Guide to SSRF☆79Oct 10, 2023Updated 2 years ago
- ☆45Jun 5, 2021Updated 4 years ago
- Subdomain takeover scanner using Python asyncio☆18Oct 24, 2022Updated 3 years ago
- Automated Web Recon Shell Scripts☆54Dec 6, 2021Updated 4 years ago
- Hidden parameters discovery suite☆2,059Sep 8, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆12Jan 4, 2022Updated 4 years ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆809May 11, 2026Updated 2 weeks ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- OpenBugBounty - https://www.openbugbounty.org/ programs list☆23Mar 15, 2021Updated 5 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,043Aug 23, 2025Updated 9 months ago
- Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for m…☆701Oct 29, 2021Updated 4 years ago
- Sweetuu is a Advance Shell which can be used to achieve RCE easily through LFI & RFI. For easy wins in bug bounty, upload sweetuu instead…☆10Dec 16, 2024Updated last year
- A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violati…☆397Updated this week
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆972Dec 8, 2021Updated 4 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- A tool to fastly get all javascript sources/files☆877Jul 4, 2025Updated 10 months ago
- ☆15Mar 21, 2025Updated last year
- Automating XSS using Bash☆364Jan 27, 2026Updated 3 months ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findin…☆7,561May 15, 2026Updated last week
- declutters url lists for crawling/pentesting☆1,557Feb 23, 2025Updated last year
- Little Bug Bounty & Hacking Tools⚔️☆379Mar 30, 2026Updated last month
- WaybackURLS + OtxURLS + CommonCrawl = The Best Results☆21Dec 7, 2019Updated 6 years ago
- A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.☆2,007Sep 5, 2021Updated 4 years ago
- A python script to scan for Apache Tomcat server vulnerabilities.☆894Jan 12, 2026Updated 4 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilitie…☆1,034Jul 23, 2024Updated last year
- A collection of custom built scripts to exploit known vulnerability chains☆27Jul 23, 2021Updated 4 years ago
- Small wiki for Mobile Application Penetration Testing Tools☆12Apr 8, 2021Updated 5 years ago
- bypass-url-parser☆1,130May 16, 2026Updated last week
- The Swiss Army knife for automated Web Application Testing☆2,343May 8, 2024Updated 2 years ago
- Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hu…☆2,375Jun 27, 2024Updated last year
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆44Feb 10, 2021Updated 5 years ago
- All The Notes And Tips I FOund In Github And Twitter I Put Them Here☆35Aug 31, 2020Updated 5 years ago
- A training course on Web Security, Exploit Development and Source Code Auditing from 2009.☆12Feb 15, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A collection of awesome one-liner scripts especially for bug bounty tips.☆3,120Jul 29, 2024Updated last year
- HostHunter a recon tool for discovering hostnames using OSINT techniques.☆1,159Mar 30, 2023Updated 3 years ago
- Tips For Bug Bounty Hunters☆86Jul 16, 2022Updated 3 years ago
- Awesome Bug bounty builder Project☆677Feb 15, 2023Updated 3 years ago
- Contextual Content Discovery Tool☆3,180Apr 29, 2024Updated 2 years ago
- Now, the Host is Mine! - Super Fast Sub-domain Takeover Detection!☆386Jun 7, 2023Updated 2 years ago
- XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.☆314Jun 1, 2022Updated 3 years ago