Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
☆213Mar 31, 2020Updated 5 years ago
Alternatives and similar repositories for crithit
Users that are interested in crithit are comparing it to the libraries listed below
Sorting:
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts a…☆367Jul 23, 2022Updated 3 years ago
- Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.☆729Jan 16, 2024Updated 2 years ago
- A highly configurable Framework for easy automated web scanning☆381Jul 13, 2020Updated 5 years ago
- A DNS Bruteforcing Wordlist Generator☆362Feb 22, 2023Updated 3 years ago
- You can read the writeup on this script here☆273Jul 12, 2020Updated 5 years ago
- Burp Suite Extension to monitor new scope☆200Mar 31, 2021Updated 4 years ago
- A collection of code for interacting with API sources directly to improve your understanding of those services.☆66Dec 11, 2020Updated 5 years ago
- Take a list of domains/subdomains and probe for working http/https server.☆192Sep 8, 2020Updated 5 years ago
- Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.☆1,284Sep 12, 2025Updated 5 months ago
- A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for…☆192Sep 6, 2020Updated 5 years ago
- Repo of useful scripts☆104Jun 30, 2020Updated 5 years ago
- differer finds how URLs are parsed by different languages in order to help bug hunters break filters☆63May 3, 2020Updated 5 years ago
- An hourly updated list of subdomains gathered from certificate transparency logs☆349Oct 13, 2021Updated 4 years ago
- Various Payload wordlists☆240Apr 26, 2025Updated 10 months ago
- Fetches javascript file from a list of URLS or subdomains.☆835Jul 22, 2025Updated 7 months ago
- Piper Burp Suite Extender plugin☆130Jan 14, 2026Updated last month
- ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight☆220Apr 10, 2022Updated 3 years ago
- A simple SSRF-testing sheriff written in Go☆336Oct 31, 2024Updated last year
- Automatic tool for DNS rebinding-based SSRF attacks☆304Aug 21, 2020Updated 5 years ago
- Continuous monitoring for JavaScript files☆225Dec 29, 2019Updated 6 years ago
- Pathbrute☆456Jun 3, 2020Updated 5 years ago
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intel…☆1,051Jan 3, 2025Updated last year
- Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations☆394Jun 17, 2020Updated 5 years ago
- commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …☆40May 21, 2021Updated 4 years ago
- ☆105Oct 18, 2020Updated 5 years ago
- Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin☆45Mar 13, 2023Updated 2 years ago
- Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomai…☆223Jul 10, 2020Updated 5 years ago
- Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)☆459May 10, 2019Updated 6 years ago
- ☆172Jan 26, 2023Updated 3 years ago
- Send notifications on different channels such as Slack, Telegram, Discord etc.☆39Jan 12, 2026Updated last month
- View screenshots as a slideshow over http☆15Mar 13, 2020Updated 5 years ago
- Scripts to help with different ffuf tasks and workflows☆223Dec 24, 2023Updated 2 years ago
- jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.☆154Feb 15, 2021Updated 5 years ago
- Extract relative urls from a heap snapshot☆87May 30, 2021Updated 4 years ago
- A tool which scrapes public github repositories for common naming conventions in variables, folders and files☆296Jun 3, 2024Updated last year
- An efficient multi-threaded DNS resolver validator☆87Dec 1, 2020Updated 5 years ago
- A collection of hacks and one-off scripts☆2,422Mar 13, 2025Updated 11 months ago
- secretz, minimizing the large attack surface of Travis CI☆324May 30, 2022Updated 3 years ago