Welcome to the Bug Hunter's Wordlists repository! ππ This repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusiasts during their reconnaissance and vulnerability assessment processes.
β153May 17, 2024Updated last year
Alternatives and similar repositories for Wordlist-Hub
Users that are interested in Wordlist-Hub are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- BUG HUNTING/WEB APPLICATION PENTESTING CHECKLISTβ15May 30, 2023Updated 2 years ago
- BugSquasher Bug Bounty Tools Listβ21Feb 2, 2023Updated 3 years ago
- Template Nuclei SSTIβ34Nov 18, 2025Updated 4 months ago
- Passively check for XSS character encodingsβ18Mar 9, 2026Updated 2 weeks ago
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, bodyβ36Dec 13, 2025Updated 3 months ago
- Wordpress hosting with auto-scaling on Cloudways β’ AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Bcheck scripts for Burpβ29Aug 7, 2024Updated last year
- Burp extension used to snip any header from all the requests.β23Nov 12, 2023Updated 2 years ago
- This Repositories contains list of One Liners with Descriptions and Installation requirementsβ502Jun 28, 2025Updated 9 months ago
- SAPLAR - LFI & Path Traversal Scannerβ15Mar 11, 2025Updated last year
- Contains nuclei templates for security testing and POCs.β17Oct 19, 2024Updated last year
- an exploit of Server-side request forgery (SSRF)β53Aug 2, 2024Updated last year
- Shodan Dorks 2023β245Jan 13, 2025Updated last year
- ScanExp automates the scanning of any machine's open ports via the ip address and performs a brute force attack on ports 20, 21 for the Fβ¦β26Oct 14, 2023Updated 2 years ago
- β24Nov 18, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways β’ AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- DomainTrail is a fast subdomain enumeration tool that uses effective passive and active techniques.β41Apr 18, 2024Updated last year
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headersβ312Mar 31, 2024Updated last year
- A simple utility to quickly gather historic Port and CVE exposures from an IP range.β41Nov 12, 2023Updated 2 years ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzingβ143Jun 27, 2023Updated 2 years ago
- i will upload more templates here to share with the comunity.β569Apr 17, 2024Updated last year
- Simple-XSS is a multiplatform cross-site scripting (XSS) vulnerability exploitation tool.β48Jul 2, 2025Updated 8 months ago
- G3nius Tools Sploit is a penetration testing tool with a lot of plugins for advanced cybersecurity attacks. User-friendly, Easy and modulβ¦β63Apr 13, 2024Updated last year
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Thβ¦β265Mar 22, 2026Updated last week
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflowsβ300Sep 8, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways β’ AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Python/Bash automation customization script designed to automate the reconnaissance processβ21Jan 28, 2024Updated 2 years ago
- LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion (LFI) vulnerabilitiesβ300Jan 7, 2024Updated 2 years ago
- This repository contains random Nuclei templates I've created. Most of them based on recent security issues and exploits.β18May 21, 2024Updated last year
- My Priv8 Nuclei Templatesβ340May 12, 2024Updated last year
- An automated script to extract hidden images from Tecno Camon Xβ12Sep 23, 2023Updated 2 years ago
- Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.β760Nov 19, 2025Updated 4 months ago
- Generate password spraying lists based on the pwdLastSet-attribute of users.β55Dec 6, 2023Updated 2 years ago
- A Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hiddeβ¦β437Mar 6, 2026Updated 3 weeks ago
- β251May 25, 2021Updated 4 years ago
- Proton VPN Special Offer - Get 70% off β’ AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- β421Updated this week
- Self-hosted passive subdomain continous monitoring tool.β172Jan 30, 2024Updated 2 years ago
- Mine URLs from Browser's Heap Snapshot for fun and profitβ65Aug 9, 2023Updated 2 years ago
- Burp Suite extension that makes your life easier by tucking the headers out of the way, so you can see the body content right away withouβ¦β39Oct 23, 2023Updated 2 years ago
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.β91May 2, 2024Updated last year
- Nodesub is a command-line tool for finding subdomains in bug bounty programsβ148Aug 1, 2024Updated last year
- Encoder PHP webshell to bypass WAF using XOR operations.β55Aug 2, 2023Updated 2 years ago