Karmaz95 / crimsonView external linksLinks
Web Application Security Testing Tools
☆251Mar 13, 2024Updated last year
Alternatives and similar repositories for crimson
Users that are interested in crimson are comparing it to the libraries listed below
Sorting:
- Guide to SSRF☆74Oct 10, 2023Updated 2 years ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- ☆45Jun 5, 2021Updated 4 years ago
- Subdomain takeover scanner using Python asyncio☆18Oct 24, 2022Updated 3 years ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆800Jul 4, 2023Updated 2 years ago
- Linux Post-Exploitation tools wrapper☆20Mar 21, 2023Updated 2 years ago
- Automated Web Recon Shell Scripts☆53Dec 6, 2021Updated 4 years ago
- WaybackURLS + OtxURLS + CommonCrawl = The Best Results☆22Dec 7, 2019Updated 6 years ago
- A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violati…☆394Feb 4, 2026Updated last week
- OpenBugBounty - https://www.openbugbounty.org/ programs list☆23Mar 15, 2021Updated 4 years ago
- Hidden parameters discovery suite☆2,015Sep 8, 2024Updated last year
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,038Aug 23, 2025Updated 5 months ago
- ☆12Jan 4, 2022Updated 4 years ago
- Little Bug Bounty & Hacking Tools⚔️☆369Nov 10, 2024Updated last year
- Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for m…☆705Oct 29, 2021Updated 4 years ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆971Dec 8, 2021Updated 4 years ago
- Tips For Bug Bounty Hunters☆86Jul 16, 2022Updated 3 years ago
- MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilitie…☆1,022Jul 23, 2024Updated last year
- ☆15Mar 21, 2025Updated 10 months ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆45Feb 10, 2021Updated 5 years ago
- declutters url lists for crawling/pentesting☆1,522Feb 23, 2025Updated 11 months ago
- A collection of custom built scripts to exploit known vulnerability chains☆25Jul 23, 2021Updated 4 years ago
- List of XSS Payloads☆15Jul 5, 2022Updated 3 years ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findin…☆7,192Updated this week
- Modern real world bug bounty payloads and exploitation techniques with may earn you some $$$.☆29Nov 7, 2023Updated 2 years ago
- A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.☆919Nov 19, 2025Updated 2 months ago
- Automating XSS using Bash☆361Jan 27, 2026Updated 2 weeks ago
- R3C0Nizer is the first ever CLI based menu-driven web application B-Tier recon framework.☆152Apr 2, 2021Updated 4 years ago
- A tool to fastly get all javascript sources/files☆856Jul 4, 2025Updated 7 months ago
- A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.☆1,969Sep 5, 2021Updated 4 years ago
- Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration☆1,194Jan 9, 2026Updated last month
- Secret and/or credential patterns used for gf.☆243Feb 10, 2023Updated 3 years ago
- Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated files…☆685Jul 15, 2024Updated last year
- HostHunter a recon tool for discovering hostnames using OSINT techniques.☆1,155Mar 30, 2023Updated 2 years ago
- ⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)☆935May 21, 2025Updated 8 months ago
- XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.☆315Jun 1, 2022Updated 3 years ago
- Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hu…☆2,317Jun 27, 2024Updated last year
- A python script to scan for Apache Tomcat server vulnerabilities.☆888Jan 12, 2026Updated last month
- Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned ent…☆2,106Nov 18, 2024Updated last year