Now, the Host is Mine! - Super Fast Sub-domain Takeover Detection!
☆382Jun 7, 2023Updated 2 years ago
Alternatives and similar repositories for NtHiM
Users that are interested in NtHiM are comparing it to the libraries listed below
Sorting:
- Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated files…☆684Jul 15, 2024Updated last year
- Hidden parameters discovery suite☆224Nov 14, 2022Updated 3 years ago
- Top level domain scanner in Go☆30Sep 24, 2023Updated 2 years ago
- ☆13Feb 26, 2021Updated 5 years ago
- Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for m…☆705Oct 29, 2021Updated 4 years ago
- ☆436Jun 1, 2021Updated 4 years ago
- A tool to check a bunch of URLs that contain reflecting params.☆598Aug 4, 2024Updated last year
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆970Dec 8, 2021Updated 4 years ago
- Electron JS Browser To Find XSS Vulnerabilities Automatically☆747Mar 30, 2021Updated 4 years ago
- Go scripts for checking API key / access token validity☆221Aug 3, 2021Updated 4 years ago
- Astra is a tool to find URLs and secrets inside a webpage/files☆212Mar 14, 2023Updated 2 years ago
- Automating XSS using Bash☆362Jan 27, 2026Updated last month
- Subdomain takeover vulnerability checker☆1,525Sep 10, 2024Updated last year
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀☆659Aug 28, 2025Updated 6 months ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆802Jul 4, 2023Updated 2 years ago
- Bucky (An automatic S3 bucket discovery tool)☆198Jan 6, 2022Updated 4 years ago
- Open Redirection Analyzer☆813Mar 5, 2023Updated 3 years ago
- Signatures for jaeles scanner by @j3ssie☆117Apr 20, 2024Updated last year
- automated web assets enumeration & scanning [DEPRECATED]☆288Mar 7, 2023Updated 2 years ago
- ☆756Jun 26, 2024Updated last year
- Urls de-duplication tool for better recon.☆145May 29, 2025Updated 9 months ago
- declutters url lists for crawling/pentesting☆1,531Feb 23, 2025Updated last year
- GH-Takeover — GitHub Pages Sub-domain Takeover Automation!☆28Apr 17, 2021Updated 4 years ago
- A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.☆109Mar 1, 2022Updated 4 years ago
- Prototype pollution scanner using headless chrome☆218Jul 27, 2022Updated 3 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆2,062Jan 2, 2024Updated 2 years ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.☆93Jul 9, 2025Updated 7 months ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆519Jun 22, 2022Updated 3 years ago
- Heuristic Vulnerable Parameter Scanner☆601Jan 8, 2024Updated 2 years ago
- A tool for append URLs, skipping duplicates/paths & combine parameters.☆128Mar 2, 2022Updated 4 years ago
- CloudFlare Checker written in Go☆237May 12, 2024Updated last year
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆1,024Feb 22, 2026Updated last week
- Hidden parameters discovery suite☆2,028Sep 8, 2024Updated last year
- Automation for javascript recon in bug bounty.☆1,069Sep 9, 2023Updated 2 years ago
- ☆299Jul 16, 2022Updated 3 years ago
- Endpoint monitor tool☆21Sep 16, 2020Updated 5 years ago
- Get related domains / subdomains by looking at Google Analytics IDs☆250Jun 3, 2022Updated 3 years ago
- Check AWS S3 instances for read/write/delete access☆121Feb 8, 2022Updated 4 years ago
- The project aims at creating target-specific wordlists for any web application that you are testing.☆66May 28, 2022Updated 3 years ago