Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.
☆311Jul 15, 2023Updated 2 years ago
Alternatives and similar repositories for Afuzz
Users that are interested in Afuzz are comparing it to the libraries listed below
Sorting:
- 目录扫描+JS文件中提取URL和子域+403状态绕过+指纹识别☆857Sep 30, 2025Updated 5 months ago
- URLFUZZ By T00ls.Net☆24Jul 4, 2023Updated 2 years ago
- Argo is an automated general crawler for automatically obtaining website URLs . Argo 是一个自动化扫描器爬虫 用于自动化获取网站的URL 基于go-rod实现了静态和动态结合的方式来实现☆217Dec 16, 2025Updated 2 months ago
- 基于burpsuite的资产分析工具☆474Apr 29, 2023Updated 2 years ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆90Feb 3, 2024Updated 2 years ago
- 一款用于辅助渗透测试工程师日常渗透测试的Burp被动漏扫插件☆242Nov 25, 2022Updated 3 years ago
- 对Auth/Waf 自动化bypass的burpsuite插件☆1,089Updated this week
- 最好用最智能最可控的目录Fuzz工具 | The most powerful, user-friendly, intelligent, and precise HTTP Fuzzer.☆982Feb 12, 2026Updated 2 weeks ago
- API Security DAST & Oprations☆319Jul 5, 2023Updated 2 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆313May 16, 2024Updated last year
- Smart context-based SSRF vulnerability scanner.☆360May 5, 2022Updated 3 years ago
- A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomain…☆888May 3, 2023Updated 2 years ago
- 一款代理扫描器☆566May 5, 2023Updated 2 years ago
- AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI/BCC执行命令,OSS/COS/S3/BOS…☆779Feb 13, 2025Updated last year
- APIKit:Discovery, Scan and Audit APIs Toolkit All In One.☆2,239Apr 2, 2024Updated last year
- RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.☆561Jun 1, 2023Updated 2 years ago
- Discover hidden debugging parameters and uncover web application secrets☆247Feb 4, 2026Updated 3 weeks ago
- Burp Suite's extension to scan and crawl Single Page Applications☆107Apr 14, 2023Updated 2 years ago
- jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).☆280Jan 15, 2025Updated last year
- OneScan 是一款用于递归目录扫描的 BurpSuite 插件☆1,230Jun 24, 2025Updated 8 months ago
- A path-normalization pentesting tool.☆151Jan 22, 2026Updated last month
- 用于渗透测试中对40x页面进行bypass并发扫描,采用go��编写☆262Mar 25, 2023Updated 2 years ago
- Fast and customizable subdomain wordlist generator using DSL☆928Feb 5, 2026Updated 3 weeks ago
- Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件☆1,314Jun 29, 2024Updated last year
- 🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast…☆1,519Updated this week
- 新一代子域名主/被动收集工具 - Subdomain automatic/passive collection tool☆498Oct 9, 2022Updated 3 years ago
- 爬网站JS文件,自动fuzz api接口,指定api接口(针对前后端分离项目,可指定后端接口地址),回显api响应☆756Jul 20, 2023Updated 2 years ago
- Jie stands out as a comprehensive security assessment and exploitation tool meticulously crafted for web applications. Its robust suite o…☆614Jul 5, 2024Updated last year
- Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.☆1,749Feb 11, 2026Updated 2 weeks ago
- Apache Superset Auth Bypass (CVE-2023-27524)☆11May 9, 2023Updated 2 years ago
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆89May 2, 2024Updated last year
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,529Jan 15, 2026Updated last month
- A Swagger API Exploit☆1,370Jun 7, 2024Updated last year
- Browser-based XSS finder☆209Jul 30, 2022Updated 3 years ago
- Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack…☆3,210May 24, 2024Updated last year
- Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.☆702Jan 6, 2026Updated last month
- 🚀Komo, a comprehensive asset collection and vulnerability scanning tool. Komo 一个综合资产收集和漏洞扫描工具,集成了20余款工具,通过多种方式对子域进行获取,收集域名邮箱,进行存活探测,域名指纹…☆560Jan 19, 2024Updated 2 years ago
- 面向红队的, 高性能高度自由可拓展的自动化扫描引擎 | A highly controllable and extensionable automated scanning engine for red teams☆2,009Feb 3, 2026Updated last month
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆382May 19, 2023Updated 2 years ago