EndExt is a .go tool for extracting all the possible endpoints from the JS files
☆219Jul 14, 2024Updated last year
Alternatives and similar repositories for endext
Users that are interested in endext are comparing it to the libraries listed below
Sorting:
- JsValidator is a tool created for validating the JS files after crawlling it from waybackurls☆18Mar 13, 2023Updated 2 years ago
- i will upload more templates here to share with the comunity.☆567Apr 17, 2024Updated last year
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆978Jan 12, 2024Updated 2 years ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆382May 19, 2023Updated 2 years ago
- A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning☆523Jul 5, 2023Updated 2 years ago
- 「🔑」A tool used to hunt down API key leaks in JS files and pages☆853Sep 4, 2025Updated 6 months ago
- A command-line utility designed to recursively spider webpages for URLs. It works by actively traversing websites - following links embed…☆104Dec 8, 2025Updated 2 months ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆374Jul 25, 2023Updated 2 years ago
- Filter and enrich a list of subdomains by level☆210Sep 25, 2023Updated 2 years ago
- ☆99Mar 6, 2023Updated 2 years ago
- Subdomains analysis and generation tool. Reveal the hidden!☆244Jun 8, 2025Updated 8 months ago
- Crtsh Subdomain Enumeration | This bash script makes it easy to quickly save and parse the output from https://crt.sh website.☆263Aug 31, 2024Updated last year
- This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.☆97Jan 2, 2025Updated last year
- A tool to quickly do keyword searches over Gitlab and Github for OSINT & bug bounty recon☆245Oct 20, 2023Updated 2 years ago
- A command-line utility designed to discover subdomains for a given domain in a simple, efficient way. It works by gathering information f…☆116Feb 23, 2026Updated last week
- Filter URLs to save your time.☆60Jul 29, 2022Updated 3 years ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,529Jan 15, 2026Updated last month
- 1337 Wordlists for Bug Bounty Hunting☆932Updated this week
- De-clutter a list of URLs☆386Feb 3, 2026Updated last month
- My Priv8 Nuclei Templates☆338May 12, 2024Updated last year
- jsleak is a tool to find secret , paths or links in the source code during the recon.☆576Sep 25, 2025Updated 5 months ago
- LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion (LFI) vulnerabilities☆299Jan 7, 2024Updated 2 years ago
- ☆858Dec 26, 2025Updated 2 months ago
- Tool for testing reflections in the HTTP responses☆60Jun 10, 2023Updated 2 years ago
- Discover hidden debugging parameters and uncover web application secrets☆247Feb 4, 2026Updated last month
- Weaponizing WaybackUrls for Recon, BugBounties , OSINT, Sensitive Endpoints and what not☆517Nov 26, 2025Updated 3 months ago
- Extract URLs, paths, secrets, and other interesting bits from JavaScript☆1,773May 22, 2024Updated last year
- ☆18Apr 3, 2023Updated 2 years ago
- Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)☆289Sep 26, 2023Updated 2 years ago
- "XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities in web apps. Tests for reflected and persist…☆91Jul 26, 2024Updated last year
- a javascript change monitoring tool for bugbounties☆711Jul 31, 2024Updated last year
- AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,☆733Mar 21, 2024Updated last year
- Crawlector is a threat hunting framework designed for scanning websites for malicious objects.☆124Dec 13, 2025Updated 2 months ago
- WhatMail is a command-line tool that analyzes the header of an email and provides detailed information about various fields.☆139Jul 27, 2023Updated 2 years ago
- Automated Tool for Testing Header Based Blind SQL Injection☆323Jul 23, 2023Updated 2 years ago
- A simple tool for bypassing file upload restrictions.☆893Jul 22, 2024Updated last year
- Burp Suite's extension to scan and crawl Single Page Applications☆107Apr 14, 2023Updated 2 years ago
- Never forget where you inject.☆298Aug 15, 2025Updated 6 months ago
- ☆1,116Jul 26, 2023Updated 2 years ago