Built on a lazy Sunday after seeing this tweet (https://twitter.com/intigriti/status/1272145863868104705?s=20) I present to you, ParameterMiner! Pipe in a list of javascript urls and ParameterMiner pulls all the variable names.
☆51Jun 14, 2020Updated 5 years ago
Alternatives and similar repositories for ParameterMiner
Users that are interested in ParameterMiner are comparing it to the libraries listed below
Sorting:
- Extract relative urls from a heap snapshot☆87May 30, 2021Updated 4 years ago
- ☆38Nov 27, 2020Updated 5 years ago
- Wwwordlist is a wordlist generator for pentesters and bug bounty hunters. It extracts words from HTML, URLs, JS/HTTP/input variables, quo…☆104Sep 10, 2023Updated 2 years ago
- Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTI☆27Jan 6, 2021Updated 5 years ago
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆156Nov 24, 2023Updated 2 years ago
- Push notifications to Slack channel or to custom server based on BurpSuite response conditions.☆17Nov 26, 2020Updated 5 years ago
- ☆36Jul 15, 2020Updated 5 years ago
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…☆207Jun 21, 2023Updated 2 years ago
- commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …☆40May 21, 2021Updated 4 years ago
- ☆30Jun 27, 2022Updated 3 years ago
- Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin☆45Mar 13, 2023Updated 2 years ago
- Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs☆94Jan 21, 2021Updated 5 years ago
- A BurpSuite plugin for BBRF☆25Nov 17, 2024Updated last year
- differer finds how URLs are parsed by different languages in order to help bug hunters break filters☆63May 3, 2020Updated 5 years ago
- ☆44Apr 30, 2021Updated 4 years ago
- A python3 intruder that gave me bounties, easy to use and as fast as fuff☆38Oct 31, 2020Updated 5 years ago
- HTTP parameter discovery suite.☆93Apr 16, 2020Updated 5 years ago
- Quickly generate context-specific wordlists for content discovery from lists of URLs or paths☆238May 4, 2022Updated 3 years ago
- 0x0p1n3r is set of combination of other tools and one line scripts to find subdomains easily and to check subdomain takeover☆57Dec 15, 2020Updated 5 years ago
- Burp extension to generate multi-step CSRF POC.☆31Sep 23, 2019Updated 6 years ago
- Simple "postMessage logger" Chrome extension☆103May 2, 2020Updated 5 years ago
- A set of Gitlab pipelines and Github workflows to automate and ease on BugBounty and Penetration Testing engagements☆28Dec 18, 2022Updated 3 years ago
- WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropr…☆50Sep 5, 2024Updated last year
- Google Chrome Extension automates testing fundamental Web Problems via Chrome☆20Mar 18, 2021Updated 4 years ago
- ☆15Dec 15, 2020Updated 5 years ago
- Service-Now Article Bruteforcer☆16Jun 5, 2020Updated 5 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆279Feb 11, 2021Updated 5 years ago
- ☆57Sep 2, 2020Updated 5 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- A collection of code for interacting with API sources directly to improve your understanding of those services.☆66Dec 11, 2020Updated 5 years ago
- Credax - Fuzzing Tool with Slack Notifications. Also removes false positive responses.☆10Oct 14, 2021Updated 4 years ago
- Expand urls into one url for each path depth☆31Jul 29, 2020Updated 5 years ago
- ☆10Nov 24, 2018Updated 7 years ago
- a tool that compiles a csv of all h1 program stats☆49Jul 2, 2023Updated 2 years ago
- Horizontal Domain Discovery☆77May 22, 2023Updated 2 years ago
- Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.☆40Nov 21, 2025Updated 3 months ago
- Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.☆41Dec 27, 2019Updated 6 years ago
- This repo includes my analysis of some public reports.☆55Sep 22, 2020Updated 5 years ago
- You can read the writeup on this script here☆192Sep 30, 2021Updated 4 years ago