Alternatives and similar repositories for brutesubs

Users that are interested in brutesubs are comparing it to the libraries listed below

• maK- / parameth

  View on GitHub
  This tool can be used to brute discover GET and POST parameters
  ☆1,390Aug 24, 2019Updated 6 years ago
• mandatoryprogrammer / cloudflare_enum

  View on GitHub
  Cloudflare DNS Enumeration Tool for Pentesters
  ☆524Aug 6, 2022Updated 3 years ago
• ewilded / psychoPATH

  View on GitHub
  psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…
  ☆277Feb 12, 2021Updated 5 years ago
• jhaddix / domain

  View on GitHub
  Setup script for Regon-ng
  ☆936Nov 17, 2020Updated 5 years ago
• anshumanbh / kubebot

  View on GitHub
  A security testing Slackbot built with a Kubernetes backend on the Google Cloud Platform
  ☆166Sep 14, 2024Updated last year
• pathetiq / BurpSmartBuster

  View on GitHub
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆378Oct 12, 2020Updated 5 years ago
• anshumanbh / tko-subs

  View on GitHub
  A tool that can help detect and takeover subdomains with dead DNS records
  ☆773Jan 3, 2021Updated 5 years ago
• zseano / InputScanner

  View on GitHub
  ☆250Jun 6, 2018Updated 7 years ago
• bugbountyforum / XSS-Radar

  View on GitHub
  ☆332Jan 8, 2018Updated 8 years ago
• jobertabma / ground-control

  View on GitHub
  A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.
  ☆550Jun 12, 2017Updated 8 years ago
• gwen001 / actarus

  View on GitHub
  Actarus is a custom tool for bug bounty
  ☆77Nov 14, 2019Updated 6 years ago
• blechschmidt / massdns

  View on GitHub
  A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
  ☆3,528Jul 21, 2025Updated 6 months ago
• tomdev / teh_s3_bucketeers

  View on GitHub
  ☆276Oct 19, 2021Updated 4 years ago
• lorenzog / dns-parallel-prober

  View on GitHub
  PoC for an adaptive parallelised DNS prober
  ☆109Oct 4, 2022Updated 3 years ago
• danilabs / tools-tbhm

  View on GitHub
  Tools of "The Bug Hunters Methodology V2 by @jhaddix"
  ☆202Aug 11, 2017Updated 8 years ago
• jobertabma / recon.sh

  View on GitHub
  A toolset to track and organize output of reconnaissance tools
  ☆346Jan 3, 2018Updated 8 years ago
• vulnersCom / burp-vulners-scanner

  View on GitHub
  Vulnerability scanner based on vulners.com search API
  ☆884Oct 1, 2025Updated 4 months ago
• VirtueSecurity / aws-extender

  View on GitHub
  AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.
  ☆256Feb 23, 2022Updated 3 years ago
• P3GLEG / PwnBack

  View on GitHub
  Burp Extender plugin that generates a sitemap of a website using Wayback Machine
  ☆227May 8, 2018Updated 7 years ago
• infosec-au / altdns

  View on GitHub
  Generates permutations, alterations and mutations of subdomains and then resolves them
  ☆2,468Jan 9, 2025Updated last year
• bugcrowd / HUNT

  View on GitHub
  ☆2,315Dec 8, 2023Updated 2 years ago
• anshumanbh / git-all-secrets

  View on GitHub
  A tool to capture all the git secrets by leveraging multiple open source git searching tools
  ☆1,143Jun 25, 2019Updated 6 years ago
• Plazmaz / Sublist3r

  View on GitHub
  Fast subdomains enumeration tool for penetration testers
  ☆117Feb 3, 2019Updated 7 years ago
• appsecco / bugcrowd-levelup-subdomain-enumeration

  View on GitHub
  This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…
  ☆631Feb 5, 2019Updated 7 years ago
• jhaddix / tbhm

  View on GitHub
  The Bug Hunters Methodology
  ☆4,239Aug 1, 2023Updated 2 years ago
• fransr / bountyplz

  View on GitHub
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆459May 10, 2019Updated 6 years ago
• nahamsec / JSParser

  View on GitHub
  ☆834Nov 13, 2023Updated 2 years ago
• nahamsec / HostileSubBruteforcer

  View on GitHub
  ☆477Jan 29, 2021Updated 5 years ago
• jobertabma / virtual-host-discovery

  View on GitHub
  A script to enumerate virtual hosts on a server.
  ☆691Dec 28, 2017Updated 8 years ago
• strozfriedberg / xxe-recursive-download

  View on GitHub
  ☆232Nov 18, 2015Updated 10 years ago
• EdOverflow / megplus

  View on GitHub
  Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
  ☆305Oct 14, 2018Updated 7 years ago
• mazen160 / struts-pwn

  View on GitHub
  An exploit for Apache Struts CVE-2017-5638
  ☆441May 21, 2018Updated 7 years ago
• xorrior / RemoteRecon

  View on GitHub
  Remote Recon and Collection
  ☆459Nov 23, 2017Updated 8 years ago
• maK- / scantastic-tool

  View on GitHub
  It's bloody scantastic
  ☆238Jun 21, 2022Updated 3 years ago
• mandatoryprogrammer / xsshunter

  View on GitHub
  The XSS Hunter service - a portable version of XSSHunter.com
  ☆1,540Dec 7, 2022Updated 3 years ago
• PortSwigger / backslash-powered-scanner

  View on GitHub
  Finds unknown classes of injection vulnerabilities
  ☆708Apr 30, 2025Updated 9 months ago
• fransr / template-generator

  View on GitHub
  A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep…
  ☆256Aug 30, 2023Updated 2 years ago
• nashcontrol / bounty-monitor

  View on GitHub
  Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains …
  ☆224Dec 7, 2022Updated 3 years ago
• BuffaloWill / oxml_xxe

  View on GitHub
  A tool for embedding XXE/XML exploits into different filetypes
  ☆1,129Dec 16, 2024Updated last year