Alternatives and similar repositories for CORStest:

Users that are interested in CORStest are comparing it to the libraries listed below

• mazen160 / bfac
  BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…
  ☆546Updated 2 years ago
• antichown / subdomain-takeover
  Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94
  ☆358Updated last year
• nahamsec / HostileSubBruteforcer
  ☆463Updated 4 years ago
• daeken / httprebind
  Automatic tool for DNS rebinding-based SSRF attacks
  ☆298Updated 4 years ago
• appsecco / bugcrowd-levelup-subdomain-enumeration
  This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…
  ☆634Updated 6 years ago
• ZephrFish / GoogD0rker
  Note: Going through a full re-write of the tooling so the current versions in the repo do not work!
  ☆403Updated 4 years ago
• mandatoryprogrammer / xsshunter_client
  Correlated injection proxy tool for XSS Hunter
  ☆256Updated 2 years ago
• EdOverflow / megplus
  Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
  ☆304Updated 6 years ago
• gwen001 / s3-buckets-finder
  Find AWS S3 buckets and test their permissions.
  ☆377Updated last year
• TypeError / domained
  Multi Tool Subdomain Enumeration
  ☆725Updated 3 years ago
• fransr / bountyplz
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆452Updated 5 years ago
• milo2012 / pathbrute
  Pathbrute
  ☆449Updated 4 years ago
• internetwache / CT_subdomains
  An hourly updated list of subdomains gathered from certificate transparency logs
  ☆343Updated 3 years ago
• mazen160 / server-status_PWN
  A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-s…
  ☆433Updated 3 years ago
• Mad-robot / Spartan
  My Recon Automation
  ☆194Updated 3 years ago
• tomdev / teh_s3_bucketeers
  ☆275Updated 3 years ago
• zseano / JS-Scan
  a .js scanner, built in php. designed to scrape urls and other info
  ☆212Updated 7 years ago
• TheHackerDev / race-the-web
  Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
  ☆601Updated 2 years ago
• JoshuaMart / AutoRecon
  Simple shell script for automated domain recognition with some tools
  ☆299Updated 4 years ago
• jobertabma / virtual-host-discovery
  A script to enumerate virtual hosts on a server.
  ☆679Updated 7 years ago
• jobertabma / relative-url-extractor
  A small tool that extracts relative URLs from a file.
  ☆743Updated 4 years ago
• anshumanbh / tko-subs
  A tool that can help detect and takeover subdomains with dead DNS records
  ☆756Updated 4 years ago
• infosec-au / enumXFF
  Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
  ☆220Updated 2 years ago
• 0xbharath / censys-enumeration
  A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys
  ☆152Updated 2 years ago
• JacobReynolds / ssrfDetector
  Server-side request forgery detector
  ☆155Updated 7 years ago
• RhinoSecurityLabs / SleuthQL
  Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
  ☆468Updated 5 years ago
• bugbountyforum / XSS-Radar
  ☆326Updated 7 years ago
• LewisArdern / bXSS
  bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
  ☆527Updated 2 years ago
• lc / theftfuzzer
  TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
  ☆310Updated last year
• pentester-io / commonspeak
  Content discovery wordlists generated using BigQuery
  ☆565Updated 4 years ago