Alternatives and similar repositories for hfinder

Users that are interested in hfinder are comparing it to the libraries listed below

• Liodeus / swaggerHole

  View on GitHub
  A python3 script searching for secret on swaggerhub
  ☆66Mar 22, 2022Updated 3 years ago
• nullenc0de / paramhunter

  View on GitHub
  Looks for parameters in urls
  ☆34Oct 14, 2024Updated last year
• tomikoski / common-lists

  View on GitHub
  Misc stuff from internet
  ☆12Nov 5, 2025Updated 3 months ago
• j3ssie / durl

  View on GitHub
  Remove duplicate URLs by retaining only the unique combinations of hostname, path, and parameter names
  ☆40May 5, 2024Updated last year
• pikpikcu / js-finding

  View on GitHub
  JS Finding can be used to extract JavaScript (JS) files from either a single domain URL or a list of domains. The tool supports various e…
  ☆47Apr 29, 2024Updated last year
• cosad3s / salsa

  View on GitHub
  SALSA 💃⚡ - SALesforce Scanner for Aura (and beyond). Enumeration of vulnerabilities and misconfigurations against Salesforce endpoint.
  ☆26Jan 26, 2025Updated last year
• ferreiraklet / Airi

  View on GitHub
  Hidden input parameters finder
  ☆19Jul 10, 2023Updated 2 years ago
• edoardottt / favirecon

  View on GitHub
  Use favicons to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
  ☆231Feb 2, 2026Updated 2 weeks ago
• c3l3si4n / godeclutter

  View on GitHub
  Declutters URLs in a fast and flexible way, for improving input for web hacking automations such as crawlers and vulnerability scans.
  ☆59Jan 22, 2023Updated 3 years ago
• cosad3s / njsdump

  View on GitHub
  Dump paths & pages from Next.js Manifest
  ☆15Mar 19, 2024Updated last year
• yavolo / Nemesis

  View on GitHub
  URL scanner for recon, vulnerabilities, secrets and more!
  ☆12Sep 27, 2021Updated 4 years ago
• c3l3si4n / subdomain_data

  View on GitHub
  Results from analyzing data gathered from 1.6 billion subdomains
  ☆32Oct 15, 2024Updated last year
• Moopinger / smugglefuzz

  View on GitHub
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆311May 16, 2024Updated last year
• Th0h0 / autopoisoner

  View on GitHub
  Web cache poisoning vulnerability scanner.
  ☆72May 5, 2022Updated 3 years ago
• gwen001 / related-domains

  View on GitHub
  Find related domains of a given domain.
  ☆103Aug 5, 2023Updated 2 years ago
• iambouali / p1radup

  View on GitHub
  Process URLs and remove duplicate query parameters.
  ☆28Mar 19, 2024Updated last year
• c3l3si4n / quickcert

  View on GitHub
  A better way of querying certificate transparency logs
  ☆89Mar 30, 2025Updated 10 months ago
• puzzlepeaches / ffufw

  View on GitHub
  ☆146Apr 25, 2024Updated last year
• zzzteph / probable_subdomains

  View on GitHub
  Subdomains analysis and generation tool. Reveal the hidden!
  ☆244Jun 8, 2025Updated 8 months ago
• bp0lr / dmut-resolvers

  View on GitHub
  public dns server list for dmut project
  ☆18Nov 30, 2023Updated 2 years ago
• BlackFan / Burp-Ai-Substitutor

  View on GitHub
  AI Substitutor is an extension for Burp Suite that uses AI functionality to substitute values of HTTP request parameters and headers.
  ☆28Apr 30, 2025Updated 9 months ago
• dsecuredcom / vhost-fuzzer

  View on GitHub
  Tool to fuzz for interesting vhost.
  ☆23Jan 8, 2025Updated last year
• edoardottt / csprecon

  View on GitHub
  Discover new target domains using Content Security Policy
  ☆501Feb 7, 2026Updated last week
• hahwul / gitls

  View on GitHub
  🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline
  ☆57Nov 24, 2024Updated last year
• jdouliez / ffuf-launcher

  View on GitHub
  This tool is a simple ffuf launcher which lets you select dynamically which wordlist and which extentions you want to fuzz.
  ☆10Sep 10, 2025Updated 5 months ago
• SAPT01 / HBSQLI

  View on GitHub
  Automated Tool for Testing Header Based Blind SQL Injection
  ☆324Jul 23, 2023Updated 2 years ago
• trufflesecurity / WhoAmISlack

  View on GitHub
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆42Dec 12, 2023Updated 2 years ago
• ethicalhackingplayground / aem-eye

  View on GitHub
  A very simple AEM detector written in rust.🦀
  ☆20Jun 27, 2023Updated 2 years ago
• ghsec / ghsec-jaeles-signatures

  View on GitHub
  Signatures for jaeles scanner by @j3ssie
  ☆117Apr 20, 2024Updated last year
• devanshbatham / rayder-workflows

  View on GitHub
  Repo for hosting rayder workflows
  ☆64Aug 31, 2023Updated 2 years ago
• redhuntlabs / Log4JHunt

  View on GitHub
  An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.
  ☆45Jan 22, 2025Updated last year
• bp0lr / dmut

  View on GitHub
  A tool to perform permutations, mutations and alteration of subdomains in golang.
  ☆155Nov 24, 2023Updated 2 years ago
• bsysop / servicenow

  View on GitHub
  ServiceNow widge-simple-list misconfiguration scanner
  ☆65Nov 16, 2023Updated 2 years ago
• pkgforge-security / CertStream-Domains

  View on GitHub
  [Automated | UpToDate] Daily Dumps of CertStream Certificate Logs Subdomains Data (SAN || CN)
  ☆49Mar 6, 2025Updated 11 months ago
• Cgboal / exclude-cdn

  View on GitHub
  Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin
  ☆45Mar 13, 2023Updated 2 years ago
• HernanRodriguez1 / ScanReflectedXSS

  View on GitHub
  ☆46Nov 5, 2025Updated 3 months ago
• xnl-h4ck3r / getSubsidiaries

  View on GitHub
  Get list of subsidiaries for a selected company
  ☆31Dec 21, 2024Updated last year
• codingo / simple

  View on GitHub
  A collection of one off hacks and simple scripts
  ☆27Mar 21, 2023Updated 2 years ago
• ethicalhackingplayground / erebus

  View on GitHub
  Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.
  ☆134Jul 11, 2021Updated 4 years ago