Web Application Security Testing Tools
☆252Mar 13, 2024Updated 2 years ago
Alternatives and similar repositories for crimson
Users that are interested in crimson are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Linux Post-Exploitation tools wrapper☆20Mar 21, 2023Updated 3 years ago
- Guide to SSRF☆75Oct 10, 2023Updated 2 years ago
- ☆45Jun 5, 2021Updated 4 years ago
- Subdomain takeover scanner using Python asyncio☆18Oct 24, 2022Updated 3 years ago
- Automated Web Recon Shell Scripts☆53Dec 6, 2021Updated 4 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Hidden parameters discovery suite☆2,047Sep 8, 2024Updated last year
- ☆12Jan 4, 2022Updated 4 years ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆807Jul 4, 2023Updated 2 years ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- OpenBugBounty - https://www.openbugbounty.org/ programs list☆23Mar 15, 2021Updated 5 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,039Aug 23, 2025Updated 7 months ago
- Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for m…☆703Oct 29, 2021Updated 4 years ago
- Sweetuu is a Advance Shell which can be used to achieve RCE easily through LFI & RFI. For easy wins in bug bounty, upload sweetuu instead…☆10Dec 16, 2024Updated last year
- A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violati…☆398Mar 6, 2026Updated last month
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆973Dec 8, 2021Updated 4 years ago
- A tool to fastly get all javascript sources/files☆864Jul 4, 2025Updated 9 months ago
- ☆15Mar 21, 2025Updated last year
- Automating XSS using Bash☆363Jan 27, 2026Updated 2 months ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findin…☆7,444Apr 10, 2026Updated last week
- declutters url lists for crawling/pentesting☆1,545Feb 23, 2025Updated last year
- Little Bug Bounty & Hacking Tools⚔️☆375Mar 30, 2026Updated 2 weeks ago
- WaybackURLS + OtxURLS + CommonCrawl = The Best Results☆21Dec 7, 2019Updated 6 years ago
- A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.☆1,997Sep 5, 2021Updated 4 years ago
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Windows Post-Exploitation tools wrapper☆12Jun 24, 2024Updated last year
- A python script to scan for Apache Tomcat server vulnerabilities.☆892Jan 12, 2026Updated 3 months ago
- MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilitie…☆1,036Jul 23, 2024Updated last year
- A collection of custom built scripts to exploit known vulnerability chains☆26Jul 23, 2021Updated 4 years ago
- Small wiki for Mobile Application Penetration Testing Tools☆12Apr 8, 2021Updated 5 years ago
- bypass-url-parser☆1,123Apr 4, 2026Updated 2 weeks ago
- The Swiss Army knife for automated Web Application Testing☆2,328May 8, 2024Updated last year
- Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hu…☆2,356Jun 27, 2024Updated last year
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆45Feb 10, 2021Updated 5 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- All The Notes And Tips I FOund In Github And Twitter I Put Them Here☆35Aug 31, 2020Updated 5 years ago
- A training course on Web Security, Exploit Development and Source Code Auditing from 2009.☆12Feb 15, 2022Updated 4 years ago
- A collection of awesome one-liner scripts especially for bug bounty tips.☆3,104Jul 29, 2024Updated last year
- HostHunter a recon tool for discovering hostnames using OSINT techniques.☆1,157Mar 30, 2023Updated 3 years ago
- Tips For Bug Bounty Hunters☆86Jul 16, 2022Updated 3 years ago
- Contextual Content Discovery Tool☆3,145Apr 29, 2024Updated last year
- Awesome Bug bounty builder Project☆676Feb 15, 2023Updated 3 years ago