APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.
☆377Mar 28, 2025Updated last year
Alternatives and similar repositories for apidetector
Users that are interested in apidetector are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 😹 Python project to bruteforce Apache Tomcat manager login with known-default credentials☆97Mar 12, 2024Updated 2 years ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆168Oct 28, 2025Updated 7 months ago
- A Powerful Network Reconnaissance Tool for Security Professionals☆107Dec 29, 2024Updated last year
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆415Apr 27, 2026Updated last month
- ngrok Collaborator Link — yet another Burp Collaborator alternative for free with ngrok.☆115Jan 4, 2024Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆91Feb 3, 2024Updated 2 years ago
- Advanced Client-Side Prototype Pollution Scanner☆249Jun 3, 2026Updated 2 weeks ago
- hauditor is a tool designed to analyze the security headers returned by a web page.☆178Jul 6, 2024Updated last year
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆376Jul 25, 2023Updated 2 years ago
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hash☆52Oct 12, 2024Updated last year
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applic…☆463Mar 28, 2024Updated 2 years ago
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆313Mar 31, 2024Updated 2 years ago
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆40Feb 6, 2024Updated 2 years ago
- Discover hidden debugging parameters and uncover web application secrets☆249Feb 4, 2026Updated 4 months ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- ☆528Apr 29, 2024Updated 2 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆312May 16, 2024Updated 2 years ago
- ☆546Jun 26, 2024Updated last year
- Simplify your life with leak detection in JavaScript. NipeJS streamlines the use of regex, making it effortless to uncover potential leak…☆95Aug 9, 2024Updated last year
- The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The …☆660Apr 6, 2026Updated 2 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆280Sep 11, 2025Updated 9 months ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆443Dec 30, 2025Updated 5 months ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆167Nov 29, 2024Updated last year
- Repo for hosting rayder workflows☆63Aug 31, 2023Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆125Aug 24, 2025Updated 9 months ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,565Mar 8, 2026Updated 3 months ago
- RepoReaper is an automated tool crafted to meticulously scan and identify exposed .git repositories within specified domains and their su…☆35Feb 20, 2024Updated 2 years ago
- Black box fuzzer for web applications☆436Jul 20, 2025Updated 10 months ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆142Jun 27, 2023Updated 2 years ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆232Apr 17, 2026Updated 2 months ago
- 「🔑」A tool used to hunt down API key leaks in JS files and pages☆911Mar 12, 2026Updated 3 months ago
- Utility to craft HTML or SVG smuggled files for Red Team engagements☆247Mar 19, 2024Updated 2 years ago
- uforall is a fast url crawler this tool crawl all URLs number of different sources, alienvault,WayBackMachine,urlscan,commoncrawl☆53Nov 3, 2025Updated 7 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- ☆92Apr 29, 2024Updated 2 years ago
- Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes through firewalls.☆277Jun 16, 2024Updated 2 years ago
- Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitati…☆458Jan 25, 2024Updated 2 years ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,519Jan 8, 2026Updated 5 months ago
- Clientside vulnerability / reflected xss fuzzer☆149Jul 29, 2023Updated 2 years ago
- NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Re…☆1,849Apr 17, 2026Updated 2 months ago
- JavaScript beacons and C2 to be used for XSS payload or post exploitation implants on webapp servers or desktop software to monitor users…☆457Updated this week