Welcome to the Bug Hunter's Wordlists repository! ππ This repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusiasts during their reconnaissance and vulnerability assessment processes.
β153May 17, 2024Updated 2 years ago
Alternatives and similar repositories for Wordlist-Hub
Users that are interested in Wordlist-Hub are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- BUG HUNTING/WEB APPLICATION PENTESTING CHECKLISTβ15May 30, 2023Updated 2 years ago
- BugSquasher Bug Bounty Tools Listβ21Feb 2, 2023Updated 3 years ago
- Template Nuclei SSTIβ34Nov 18, 2025Updated 6 months ago
- Passively check for XSS character encodingsβ19Mar 9, 2026Updated 2 months ago
- This Repositories contains list of One Liners with Descriptions and Installation requirementsβ505Jun 28, 2025Updated 11 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits β’ AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, bodyβ36Apr 9, 2026Updated last month
- Bcheck scripts for Burpβ30Aug 7, 2024Updated last year
- Burp extension used to snip any header from all the requests.β23Nov 12, 2023Updated 2 years ago
- SAPLAR - LFI & Path Traversal Scannerβ15Mar 11, 2025Updated last year
- Contains nuclei templates for security testing and POCs.β17Oct 19, 2024Updated last year
- an exploit of Server-side request forgery (SSRF)β54Aug 2, 2024Updated last year
- Shodan Dorks 2023β244Jan 13, 2025Updated last year
- ScanExp automates the scanning of any machine's open ports via the ip address and performs a brute force attack on ports 20, 21 for the Fβ¦β26Oct 14, 2023Updated 2 years ago
- β24Nov 18, 2023Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean β’ AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- DomainTrail is a fast subdomain enumeration tool that uses effective passive and active techniques.β41Apr 18, 2024Updated 2 years ago
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headersβ313Mar 31, 2024Updated 2 years ago
- A simple utility to quickly gather historic Port and CVE exposures from an IP range.β41Nov 12, 2023Updated 2 years ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzingβ143Jun 27, 2023Updated 2 years ago
- i will upload more templates here to share with the comunity.β571Apr 17, 2024Updated 2 years ago
- Simple-XSS is a multiplatform cross-site scripting (XSS) vulnerability exploitation tool.β48Jul 2, 2025Updated 10 months ago
- G3nius Tools Sploit is a penetration testing tool with a lot of plugins for advanced cybersecurity attacks. User-friendly, Easy and modulβ¦β63Apr 13, 2024Updated 2 years ago
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Thβ¦β266May 17, 2026Updated last week
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflowsβ302Sep 8, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways β’ AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Python/Bash automation customization script designed to automate the reconnaissance processβ21Jan 28, 2024Updated 2 years ago
- LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion (LFI) vulnerabilitiesβ300Jan 7, 2024Updated 2 years ago
- This repository contains random Nuclei templates I've created. Most of them based on recent security issues and exploits.β18May 21, 2024Updated 2 years ago
- An automated script to extract hidden images from Tecno Camon Xβ12Sep 23, 2023Updated 2 years ago
- Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.β777Nov 19, 2025Updated 6 months ago
- My Priv8 Nuclei Templatesβ342May 12, 2024Updated 2 years ago
- Generate password spraying lists based on the pwdLastSet-attribute of users.β55Dec 6, 2023Updated 2 years ago
- β250May 25, 2021Updated 5 years ago
- A Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hiddeβ¦β443Apr 24, 2026Updated last month
- Managed Database hosting by DigitalOcean β’ AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- β427May 4, 2026Updated 3 weeks ago
- Self-hosted passive subdomain continous monitoring tool.β172Jan 30, 2024Updated 2 years ago
- Mine URLs from Browser's Heap Snapshot for fun and profitβ65Aug 9, 2023Updated 2 years ago
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.β93May 2, 2024Updated 2 years ago
- Burp Suite extension that makes your life easier by tucking the headers out of the way, so you can see the body content right away withouβ¦β40Oct 23, 2023Updated 2 years ago
- Nodesub is a command-line tool for finding subdomains in bug bounty programsβ148Aug 1, 2024Updated last year
- Encoder PHP webshell to bypass WAF using XOR operations.β55Aug 2, 2023Updated 2 years ago