γπγA tool used to hunt down API key leaks in JS files and pages
β885Mar 12, 2026Updated last month
Alternatives and similar repositories for mantra
Users that are interested in mantra are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Extract URLs, paths, secrets, and other interesting bits from JavaScriptβ1,824May 22, 2024Updated last year
- Automated Tool for Testing Header Based Blind SQL Injectionβ323Jul 23, 2023Updated 2 years ago
- jsleak is a tool to find secret , paths or links in the source code during the recon.β587Sep 25, 2025Updated 7 months ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secretsβ1,546Mar 8, 2026Updated last month
- Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!β2,625Mar 8, 2026Updated last month
- GPU virtual machines on DigitalOcean Gradient AI β’ AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- π« Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fastβ¦�β1,606Apr 12, 2026Updated 3 weeks ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzingβ143Jun 27, 2023Updated 2 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable β¦β756Dec 19, 2023Updated 2 years ago
- An IIS short filename enumeration toolβ1,153Nov 25, 2024Updated last year
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β1,076Mar 24, 2026Updated last month
- NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Reβ¦β1,837Apr 17, 2026Updated 2 weeks ago
- Fast and customizable subdomain wordlist generator using DSLβ943Feb 5, 2026Updated 3 months ago
- declutters url lists for crawling/pentestingβ1,551Feb 23, 2025Updated last year
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.β845Mar 24, 2026Updated last month
- Deploy to Railway using AI coding agents - Free Credits Offer β’ AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flawsβ3,985Oct 4, 2025Updated 7 months ago
- SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bountyβ753Jan 25, 2026Updated 3 months ago
- My Priv8 Nuclei Templatesβ340May 12, 2024Updated last year
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headersβ357Dec 14, 2023Updated 2 years ago
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflowsβ298Sep 8, 2023Updated 2 years ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzerβ384May 19, 2023Updated 2 years ago
- β205Jun 11, 2024Updated last year
- ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.β4,959Updated this week
- Process URLs and remove duplicate query parameters.β27Mar 19, 2024Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient β’ AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.β91May 2, 2024Updated 2 years ago
- De-clutter a list of URLsβ387Mar 8, 2026Updated last month
- SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript filesβ2,440May 26, 2024Updated last year
- i will upload more templates here to share with the comunity.β570Apr 17, 2024Updated 2 years ago
- Discover hidden debugging parameters and uncover web application secretsβ248Feb 4, 2026Updated 3 months ago
- Automation for javascript recon in bug bounty.β1,083Sep 9, 2023Updated 2 years ago
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.β562Mar 8, 2025Updated last year
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlistβ1,511Jan 8, 2026Updated 3 months ago
- Find endpoints on GitHub.β220Mar 28, 2023Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer β’ AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probingβ3,060Mar 7, 2026Updated last month
- Discover new target domains using Content Security Policyβ513Apr 27, 2026Updated last week
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issuesβ377Jul 25, 2023Updated 2 years ago
- fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.β939Aug 24, 2023Updated 2 years ago
- 1337 Wordlists for Bug Bounty Huntingβ956Updated this week
- 403/401 Bypass Methods + Bash Automation + Your Support ;)β1,615Jun 6, 2022Updated 3 years ago
- AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,β735Mar 21, 2024Updated 2 years ago