Alternatives and similar repositories for co2:

Users that are interested in co2 are comparing it to the libraries listed below

• PortSwigger / bypass-waf
  Add headers to all Burp requests to bypass some WAF products
  ☆38Updated last year
• osamahamad / CVE-2020-9484-Mass-Scan
  CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE
  ☆32Updated 4 years ago
• emadshanab / 971-MB-content_discovery_wordlist
  Collection of content discovery wordlists in one wordlist.
  ☆38Updated 3 years ago
• roottusk / xforwardy
  Host Header Injection Scanner
  ☆44Updated 4 years ago
• ankitk323 / ImgRce
  Image Tragick Exploit Tool Using Burp Collaborator
  ☆35Updated 10 months ago
• PortSwigger / additional-cors-checks
  ☆9Updated 2 years ago
• arbazkiraak / BurpBLH
  Broken Link Hijacking Burp Extension
  ☆57Updated 5 years ago
• hahwul / hbxss
  Security test tool for Blind XSS
  ☆26Updated 5 years ago
• Josue87 / roboxtractor
  Extract endpoints marked as disallow in robots files to generate wordlists.
  ☆56Updated 3 years ago
• codewatchorg / Burp-AnonymousCloud
  Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities
  ☆44Updated 2 years ago
• PortSwigger / ator
  ☆30Updated 11 months ago
• cujanovic / Virtual-host-wordlist
  Virtual host wordlist
  ☆51Updated 4 years ago
• YasserGersy / Enums
  Just lists of lists of lists !
  ☆16Updated last month
• codewatchorg / Burp-IndicatorsOfVulnerability
  Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack
  ☆41Updated 2 years ago
• hahwul / gitls
  🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline
  ☆59Updated 4 months ago
• dwisiswant0 / bounty-targets-alert
  It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.
  ☆57Updated 3 years ago
• DeepakPawar95 / cswsh
  A command-line tool for Cross-Site WebSocket Hijacking
  ☆43Updated last year
• topavankumarj / CORS-Exploit-Script
  ☆39Updated last year
• payloadartist / recon
  NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.
  ☆78Updated 2 years ago
• PortSwigger / web-cache-deception-scanner
  A Burp Extension to test applications for vulnerability to the Web Cache Deception attack
  ☆16Updated 7 years ago
• PortSwigger / asset-discovery
  Burp Suite extension to discover assets from HTTP response.
  ☆16Updated 3 years ago
• Josue87 / resolveDomains
  Given a list of domains, you resolve them and get the IP addresses.
  ☆49Updated 3 years ago
• ameenmaali / endpointdiff
  Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.
  ☆41Updated 5 years ago
• R0X4R / scvault
  Custom scripts for directory fuzzing, subdomain enumeration, and more.
  ☆43Updated 3 years ago
• PortSwigger / hunt-scanner
  ☆18Updated 3 years ago
• dwisiswant0 / look4jar
  Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?
  ☆45Updated 3 years ago
• cybercdh / dirlstr
  Finds Directory Listings or open S3 buckets from a list of URLs
  ☆52Updated 3 years ago
• novanazizr / 10-Reset-Password-Flaws
  10 Reset Password Flaws Based on Web Application Security
  ☆11Updated 4 years ago
• jayateertha043 / FireOver
  A FireBase DataBase TakeOver Tool along with POC Generator
  ☆33Updated 3 years ago
• chopicalqui / TurboDataMiner
  The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of informatio…
  ☆55Updated 2 years ago