Built on a lazy Sunday after seeing this tweet (https://twitter.com/intigriti/status/1272145863868104705?s=20) I present to you, ParameterMiner! Pipe in a list of javascript urls and ParameterMiner pulls all the variable names.
☆51Jun 14, 2020Updated 5 years ago
Alternatives and similar repositories for ParameterMiner
Users that are interested in ParameterMiner are comparing it to the libraries listed below
Sorting:
- Extract relative urls from a heap snapshot☆87May 30, 2021Updated 4 years ago
- Wwwordlist is a wordlist generator for pentesters and bug bounty hunters. It extracts words from HTML, URLs, JS/HTTP/input variables, quo…☆104Sep 10, 2023Updated 2 years ago
- ☆38Nov 27, 2020Updated 5 years ago
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…☆207Jun 21, 2023Updated 2 years ago
- Simple "postMessage logger" Chrome extension☆103May 2, 2020Updated 5 years ago
- commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …☆40May 21, 2021Updated 4 years ago
- Push notifications to Slack channel or to custom server based on BurpSuite response conditions.☆17Nov 26, 2020Updated 5 years ago
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆156Nov 24, 2023Updated 2 years ago
- ☆30Jun 27, 2022Updated 3 years ago
- differer finds how URLs are parsed by different languages in order to help bug hunters break filters☆63May 3, 2020Updated 5 years ago
- HTTP parameter discovery suite.☆93Apr 16, 2020Updated 5 years ago
- ☆36Jul 15, 2020Updated 5 years ago
- Subvenkon is a subdomain enumerator from Venkon☆22Jun 22, 2020Updated 5 years ago
- Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin☆45Mar 13, 2023Updated 3 years ago
- VHostChecker takes a csv list of targets in the form of domain,ip,port and runs 4 seperate connection checks to get a quick sense of how …☆33Sep 14, 2023Updated 2 years ago
- Quickly generate context-specific wordlists for content discovery from lists of URLs or paths☆238May 4, 2022Updated 3 years ago
- A Payload Injector for bugbounties written in go☆70Jul 18, 2020Updated 5 years ago
- Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTI☆27Jan 6, 2021Updated 5 years ago
- Service-Now Article Bruteforcer☆16Jun 5, 2020Updated 5 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆279Feb 11, 2021Updated 5 years ago
- ☆57Sep 2, 2020Updated 5 years ago
- Google Chrome Extension automates testing fundamental Web Problems via Chrome☆20Mar 18, 2021Updated 5 years ago
- A tool to find subdomains or domains from passive sources.☆112Jan 20, 2021Updated 5 years ago
- Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs☆94Jan 21, 2021Updated 5 years ago
- ☆44Apr 30, 2021Updated 4 years ago
- Various Payload wordlists☆240Apr 26, 2025Updated 10 months ago
- ☆12May 16, 2020Updated 5 years ago
- Mini recon script to identify the links and sensitive information from a particular link☆22Mar 9, 2021Updated 5 years ago
- Suite of programs meant to aid in bug hunting and security assessments☆77Dec 29, 2019Updated 6 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- a javascript change monitoring tool for bugbounties☆713Jul 31, 2024Updated last year
- Extension to log iframe and cross window communications.☆54Mar 14, 2023Updated 3 years ago
- ☆15Dec 15, 2020Updated 5 years ago
- sonarbyte is a simple and fast subdomain scanner written in go to extract subdomain from Rapid7's DNS Database using omnisint's api.☆27Sep 4, 2022Updated 3 years ago
- Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.☆41Dec 27, 2019Updated 6 years ago
- You can read the writeup on this script here☆192Sep 30, 2021Updated 4 years ago
- Horizontal Domain Discovery☆77May 22, 2023Updated 2 years ago
- Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.☆40Nov 21, 2025Updated 3 months ago
- Dump all available paths and/or endpoints on WADL file.☆98Nov 24, 2025Updated 3 months ago