Welcome to the Bug Hunter's Wordlists repository! ππ This repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusiasts during their reconnaissance and vulnerability assessment processes.
β153May 17, 2024Updated last year
Alternatives and similar repositories for Wordlist-Hub
Users that are interested in Wordlist-Hub are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- BUG HUNTING/WEB APPLICATION PENTESTING CHECKLISTβ15May 30, 2023Updated 2 years ago
- BugSquasher Bug Bounty Tools Listβ21Feb 2, 2023Updated 3 years ago
- Template Nuclei SSTIβ34Nov 18, 2025Updated 5 months ago
- Passively check for XSS character encodingsβ19Mar 9, 2026Updated last month
- This Repositories contains list of One Liners with Descriptions and Installation requirementsβ502Jun 28, 2025Updated 10 months ago
- Managed Database hosting by DigitalOcean β’ AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, bodyβ36Apr 9, 2026Updated last month
- Bcheck scripts for Burpβ28Aug 7, 2024Updated last year
- Burp extension used to snip any header from all the requests.β23Nov 12, 2023Updated 2 years ago
- SAPLAR - LFI & Path Traversal Scannerβ15Mar 11, 2025Updated last year
- Contains nuclei templates for security testing and POCs.β17Oct 19, 2024Updated last year
- an exploit of Server-side request forgery (SSRF)β54Aug 2, 2024Updated last year
- Shodan Dorks 2023β244Jan 13, 2025Updated last year
- ScanExp automates the scanning of any machine's open ports via the ip address and performs a brute force attack on ports 20, 21 for the Fβ¦β26Oct 14, 2023Updated 2 years ago
- β24Nov 18, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- DomainTrail is a fast subdomain enumeration tool that uses effective passive and active techniques.β41Apr 18, 2024Updated 2 years ago
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headersβ312Mar 31, 2024Updated 2 years ago
- A simple utility to quickly gather historic Port and CVE exposures from an IP range.β41Nov 12, 2023Updated 2 years ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzingβ143Jun 27, 2023Updated 2 years ago
- i will upload more templates here to share with the comunity.β569Apr 17, 2024Updated 2 years ago
- Simple-XSS is a multiplatform cross-site scripting (XSS) vulnerability exploitation tool.β48Jul 2, 2025Updated 10 months ago
- G3nius Tools Sploit is a penetration testing tool with a lot of plugins for advanced cybersecurity attacks. User-friendly, Easy and modulβ¦β63Apr 13, 2024Updated 2 years ago
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Thβ¦β267Apr 19, 2026Updated 2 weeks ago
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflowsβ298Sep 8, 2023Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI β’ AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Python/Bash automation customization script designed to automate the reconnaissance processβ21Jan 28, 2024Updated 2 years ago
- LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion (LFI) vulnerabilitiesβ300Jan 7, 2024Updated 2 years ago
- This repository contains random Nuclei templates I've created. Most of them based on recent security issues and exploits.β18May 21, 2024Updated last year
- An automated script to extract hidden images from Tecno Camon Xβ12Sep 23, 2023Updated 2 years ago
- Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.β773Nov 19, 2025Updated 5 months ago
- My Priv8 Nuclei Templatesβ340May 12, 2024Updated last year
- Generate password spraying lists based on the pwdLastSet-attribute of users.β55Dec 6, 2023Updated 2 years ago
- β250May 25, 2021Updated 4 years ago
- A Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hiddeβ¦β441Apr 24, 2026Updated 2 weeks ago
- Managed Database hosting by DigitalOcean β’ AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- β423Mar 26, 2026Updated last month
- Self-hosted passive subdomain continous monitoring tool.β172Jan 30, 2024Updated 2 years ago
- Mine URLs from Browser's Heap Snapshot for fun and profitβ65Aug 9, 2023Updated 2 years ago
- Burp Suite extension that makes your life easier by tucking the headers out of the way, so you can see the body content right away withouβ¦β39Oct 23, 2023Updated 2 years ago
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.β91May 2, 2024Updated 2 years ago
- Nodesub is a command-line tool for finding subdomains in bug bounty programs��β148Aug 1, 2024Updated last year
- Encoder PHP webshell to bypass WAF using XOR operations.β55Aug 2, 2023Updated 2 years ago