APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.
β377Mar 28, 2025Updated last year
Alternatives and similar repositories for apidetector
Users that are interested in apidetector are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- πΉ Python project to bruteforce Apache Tomcat manager login with known-default credentialsβ97Mar 12, 2024Updated 2 years ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application aβ¦β168Oct 28, 2025Updated 8 months ago
- A Powerful Network Reconnaissance Tool for Security Professionalsβ107Dec 29, 2024Updated last year
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines foβ¦β418Apr 27, 2026Updated 2 months ago
- ngrok Collaborator Link β yet another Burp Collaborator alternative for free with ngrok.β116Jan 4, 2024Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean β’ AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectorsβ91Feb 3, 2024Updated 2 years ago
- Advanced Client-Side Prototype Pollution Scannerβ250Updated this week
- hauditor is a tool designed to analyze the security headers returned by a web page.β178Jul 6, 2024Updated 2 years ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issuesβ378Jul 25, 2023Updated 2 years ago
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hashβ53Oct 12, 2024Updated last year
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applicβ¦β463Mar 28, 2024Updated 2 years ago
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headersβ313Mar 31, 2024Updated 2 years ago
- Identify binaries with Authenticode digital signatures signed to an internal CA/domainβ40Feb 6, 2024Updated 2 years ago
- Discover hidden debugging parameters and uncover web application secretsβ249Feb 4, 2026Updated 5 months ago
- Managed hosting for WordPress and PHP on Cloudways β’ AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- β526Apr 29, 2024Updated 2 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.β313May 16, 2024Updated 2 years ago
- β548Jun 26, 2024Updated 2 years ago
- Simplify your life with leak detection in JavaScript. NipeJS streamlines the use of regex, making it effortless to uncover potential leakβ¦β95Aug 9, 2024Updated last year
- The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The β¦β661Apr 6, 2026Updated 3 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.β280Sep 11, 2025Updated 9 months ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for cβ¦β443Dec 30, 2025Updated 6 months ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokensβ169Nov 29, 2024Updated last year
- Repo for hosting rayder workflowsβ63Aug 31, 2023Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI β’ AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- β126Aug 24, 2025Updated 10 months ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secretsβ1,574Mar 8, 2026Updated 4 months ago
- RepoReaper is an automated tool crafted to meticulously scan and identify exposed .git repositories within specified domains and their suβ¦β35Feb 20, 2024Updated 2 years ago
- Black box fuzzer for web applicationsβ438Jul 20, 2025Updated 11 months ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzingβ141Jun 27, 2023Updated 3 years ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive filesβ232Apr 17, 2026Updated 2 months ago
- γπγA tool used to hunt down API key leaks in JS files and pagesβ913Mar 12, 2026Updated 3 months ago
- Utility to craft HTML or SVG smuggled files for Red Team engagementsβ246Mar 19, 2024Updated 2 years ago
- uforall is a fast url crawler this tool crawl all URLs number of different sources, alienvault,WayBackMachine,urlscan,commoncrawlβ53Nov 3, 2025Updated 8 months ago
- GPU virtual machines on DigitalOcean Gradient AI β’ AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- β92Apr 29, 2024Updated 2 years ago
- Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes through firewalls.β277Jun 16, 2024Updated 2 years ago
- Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitatiβ¦β463Jan 25, 2024Updated 2 years ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlistβ1,520Jan 8, 2026Updated 6 months ago
- Clientside vulnerability / reflected xss fuzzerβ149Jul 29, 2023Updated 2 years ago
- NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Reβ¦β1,852Apr 17, 2026Updated 2 months ago
- JavaScript beacons and C2 to be used for XSS payload or post exploitation implants on webapp servers or desktop software to monitor usersβ¦β469Updated this week