Web Application Security Testing Tools
☆251Mar 13, 2024Updated 2 years ago
Alternatives and similar repositories for crimson
Users that are interested in crimson are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Guide to SSRF☆74Oct 10, 2023Updated 2 years ago
- ☆45Jun 5, 2021Updated 4 years ago
- Subdomain takeover scanner using Python asyncio☆18Oct 24, 2022Updated 3 years ago
- Automated Web Recon Shell Scripts☆53Dec 6, 2021Updated 4 years ago
- Hidden parameters discovery suite☆2,038Sep 8, 2024Updated last year
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆12Jan 4, 2022Updated 4 years ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆804Jul 4, 2023Updated 2 years ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- OpenBugBounty - https://www.openbugbounty.org/ programs list☆23Mar 15, 2021Updated 5 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,040Aug 23, 2025Updated 7 months ago
- Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for m…☆704Oct 29, 2021Updated 4 years ago
- Sweetuu is a Advance Shell which can be used to achieve RCE easily through LFI & RFI. For easy wins in bug bounty, upload sweetuu instead…☆10Dec 16, 2024Updated last year
- A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violati…☆398Mar 6, 2026Updated 3 weeks ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆973Dec 8, 2021Updated 4 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A collection of custom built scripts to exploit known vulnerability chains☆25Jul 23, 2021Updated 4 years ago
- A tool to fastly get all javascript sources/files☆860Jul 4, 2025Updated 8 months ago
- ☆15Mar 21, 2025Updated last year
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findin…☆7,371Mar 20, 2026Updated last week
- Automating XSS using Bash☆363Jan 27, 2026Updated 2 months ago
- declutters url lists for crawling/pentesting☆1,539Feb 23, 2025Updated last year
- Little Bug Bounty & Hacking Tools⚔️☆373Updated this week
- WaybackURLS + OtxURLS + CommonCrawl = The Best Results☆21Dec 7, 2019Updated 6 years ago
- A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.☆1,989Sep 5, 2021Updated 4 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A python script to scan for Apache Tomcat server vulnerabilities.☆889Jan 12, 2026Updated 2 months ago
- MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilitie…☆1,035Jul 23, 2024Updated last year
- Small wiki for Mobile Application Penetration Testing Tools☆12Apr 8, 2021Updated 4 years ago
- bypass-url-parser☆1,122Updated this week
- The Swiss Army knife for automated Web Application Testing☆2,321May 8, 2024Updated last year
- Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hu…☆2,353Jun 27, 2024Updated last year
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆45Feb 10, 2021Updated 5 years ago
- All The Notes And Tips I FOund In Github And Twitter I Put Them Here☆35Aug 31, 2020Updated 5 years ago
- A training course on Web Security, Exploit Development and Source Code Auditing from 2009.☆12Feb 15, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- A collection of awesome one-liner scripts especially for bug bounty tips.☆3,088Jul 29, 2024Updated last year
- HostHunter a recon tool for discovering hostnames using OSINT techniques.☆1,158Mar 30, 2023Updated 3 years ago
- Tips For Bug Bounty Hunters☆86Jul 16, 2022Updated 3 years ago
- Contextual Content Discovery Tool☆3,128Apr 29, 2024Updated last year
- Awesome Bug bounty builder Project☆675Feb 15, 2023Updated 3 years ago
- Now, the Host is Mine! - Super Fast Sub-domain Takeover Detection!☆385Jun 7, 2023Updated 2 years ago
- Top 2025 Vulnerabilities You Shouldn’t Accept in a Pentest Report☆14Feb 6, 2025Updated last year