Alternatives and similar repositories for bhhb

Users that are interested in bhhb are comparing it to the libraries listed below

• defparam / h1stats

  View on GitHub
  a tool that compiles a csv of all h1 program stats
  ☆49Jul 2, 2023Updated 2 years ago
• sea-erkin / log-snare

  View on GitHub
  LogSnare: A playground for testing, preventing, and logging IDOR vulnerabilities.
  ☆33Mar 4, 2024Updated last year
• exploit-io / nuclei-fuzz-templates

  View on GitHub
  Gathering All Nuclei Fuzzing Templates in a Single Repo.
  ☆11Apr 23, 2024Updated last year
• dwisiswant0 / gfx

  View on GitHub
  A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom.
  ☆62Nov 17, 2023Updated 2 years ago
• bhavukjain1 / frida_helper

  View on GitHub
  ☆22Apr 12, 2023Updated 2 years ago
• hisxo / JSpector

  View on GitHub
  A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
  ☆373Jul 25, 2023Updated 2 years ago
• d3mondev / burp-vps-proxy

  View on GitHub
  This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.
  ☆246Mar 17, 2025Updated 10 months ago
• WangYihang / Subdomain-Crawler

  View on GitHub
  A program for collecting subdomains of a list of given second-level domains (SLD)
  ☆15Updated this week
• ItsIgnacioPortal / Hacker-Scoper

  View on GitHub
  CLI tool for filtering URLs/IPs with automatically-updated Bug Bounty program scope rules.
  ☆34Dec 31, 2025Updated last month
• Static-Flow / RepeaterSearch

  View on GitHub
  This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response ma…
  ☆81Oct 20, 2023Updated 2 years ago
• WHOISshuvam / gotld

  View on GitHub
  Command-line tool to enumerate top-level domains, check response codes and find potential vulnerabilities for bug bounty hunters and secu…
  ☆26Mar 6, 2023Updated 2 years ago
• Hipapheralkus / AIAIAI

  View on GitHub
  An Incredibly Annoying, Insufferable Authentication Implementation
  ☆31Apr 17, 2024Updated last year
• pikpikcu / subdomain-monitoring-elasticsearch

  View on GitHub
  ☆20Jun 26, 2024Updated last year
• gwen001 / graphql-introspection-analyzer

  View on GitHub
  Graphql introspection query analyzer.
  ☆18Mar 28, 2023Updated 2 years ago
• Warxim / deluder

  View on GitHub
  Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock …
  ☆209Nov 14, 2025Updated 2 months ago
• Elsfa7-110 / top-burpsuite-plugins-extensions

  View on GitHub
  ☆25Aug 19, 2024Updated last year
• karelorigin / limiter

  View on GitHub
  A small command-line utility to artificially limit the input rate to STDIN.
  ☆19Feb 14, 2024Updated last year
• swanandx / rustywitness

  View on GitHub
  A CLI tool for getting screenshots of URLs using headless chrome
  ☆26Apr 23, 2023Updated 2 years ago
• hahwul / mzap

  View on GitHub
  ⚡️ Multiple target ZAP Scanning
  ☆105Nov 26, 2023Updated 2 years ago
• ferreiraklet / Jeeves

  View on GitHub
  Jeeves SQLI Finder
  ☆218May 13, 2022Updated 3 years ago
• ffuf / pencode

  View on GitHub
  Complex payload encoder
  ☆238Jan 20, 2024Updated 2 years ago
• Impact-I / x8-Burp

  View on GitHub
  Hidden parameters discovery suite
  ☆225Nov 14, 2022Updated 3 years ago
• dhn / spk

  View on GitHub
  spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization.
  ☆84Jan 12, 2026Updated last month
• BlackFan / Burp-Ai-Substitutor

  View on GitHub
  AI Substitutor is an extension for Burp Suite that uses AI functionality to substitute values of HTTP request parameters and headers.
  ☆28Apr 30, 2025Updated 9 months ago
• asluppiter / Somnium

  View on GitHub
  Script to test NetSec capabilities.
  ☆21May 1, 2023Updated 2 years ago
• dsecuredcom / dynamic-file-searcher

  View on GitHub
  Tool to scan servers and hosts using dynamic paths.
  ☆21Oct 1, 2025Updated 4 months ago
• hahwul / gitls

  View on GitHub
  🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline
  ☆57Nov 24, 2024Updated last year
• doyensec / Session-Hijacking-Visual-Exploitation

  View on GitHub
  Session Hijacking Visual Exploitation
  ☆210Mar 7, 2024Updated last year
• dwisiswant0 / hinject

  View on GitHub
  Host Header Injection Checker
  ☆84Mar 2, 2022Updated 3 years ago
• defparam / haptyc

  View on GitHub
  ☆95Sep 18, 2021Updated 4 years ago
• Sybil-Scan / TLDbrute

  View on GitHub
  A simple utility to generate domain names with all possible TLDs
  ☆24Feb 3, 2023Updated 3 years ago
• umair9747 / 4oFour

  View on GitHub
  A tech enumeration toolkit focused on 404 Not found pages.
  ☆25Oct 6, 2024Updated last year
• usdAG / FlowMate

  View on GitHub
  FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…
  ☆165Oct 28, 2025Updated 3 months ago
• Leoid / NonPublishedExploits

  View on GitHub
  A Collection of Proof of Concepts for non-published Web Exploits and Common CVEs
  ☆10Nov 29, 2020Updated 5 years ago
• gbrls / kurl

  View on GitHub
  HTTP Requests for security researchers
  ☆64Jul 3, 2023Updated 2 years ago
• xnl-h4ck3r / GAP-Burp-Extension

  View on GitHub
  Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
  ☆1,496Jan 8, 2026Updated last month
• spenkk / rapiddns-extractor

  View on GitHub
  Extract subdomains from rapiddns.io
  ☆23Nov 24, 2022Updated 3 years ago
• harisec / orange-confusion-attacks

  View on GitHub
  Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
  ☆21Aug 25, 2024Updated last year
• FuzzySecurity / afl-frida-build

  View on GitHub
  Ansible build for Afl++ Frida-Mode
  ☆25Jun 8, 2024Updated last year