Alternatives and similar repositories for PortswiggerXSS

Users that are interested in PortswiggerXSS are comparing it to the libraries listed below

• abdilahrf / shania

  View on GitHub
  Scan secrets from Continuous Integration Build Logs
  ☆53Oct 14, 2019Updated 6 years ago
• zpettry / boxer

  View on GitHub
  Boxer: A fast directory bruteforce tool written in Python with concurrency.
  ☆14Feb 26, 2021Updated 4 years ago
• arbazkiraak / LinksDumper

  View on GitHub
  Extract (links/possible endpoints) from responses & filter them via decoding/sorting
  ☆93Aug 27, 2019Updated 6 years ago
• MilindPurswani / Syborg

  View on GitHub
  Recursive DNS Subdomain Enumerator with dead-end avoidance system (BETA)
  ☆146Apr 9, 2021Updated 4 years ago
• tehryanx / ssslide

  View on GitHub
  View screenshots as a slideshow over http
  ☆15Mar 13, 2020Updated 5 years ago
• Abss0x7tbh / massNS

  View on GitHub
  A tool that turns the authoritative nameservers of DNS providers to resolvers and resolves the target domain list. Please think of this a…
  ☆25Sep 19, 2019Updated 6 years ago
• Damian89 / extended-ssrf-search

  View on GitHub
  Smart ssrf scanner using different methods like parameter brute forcing in post and get...
  ☆280Feb 11, 2021Updated 5 years ago
• Cyb3rMehul / venom

  View on GitHub
  Auto Recon Bash Script
  ☆31Dec 31, 2024Updated last year
• clirimemini / Keye

  View on GitHub
  Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will m…
  ☆99Dec 30, 2019Updated 6 years ago
• melbadry9 / ScanApi

  View on GitHub
  Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.
  ☆40Nov 21, 2025Updated 2 months ago
• thelikes / gwdomains

  View on GitHub
  sub domain wild card filtering tool
  ☆40Apr 18, 2020Updated 5 years ago
• cybercdh / dirlstr

  View on GitHub
  Finds Directory Listings or open S3 buckets from a list of URLs
  ☆52Dec 1, 2021Updated 4 years ago
• daeken / httprebind

  View on GitHub
  Automatic tool for DNS rebinding-based SSRF attacks
  ☆304Aug 21, 2020Updated 5 years ago
• teknogeek / ssrf-sheriff

  View on GitHub
  A simple SSRF-testing sheriff written in Go
  ☆336Oct 31, 2024Updated last year
• w9w / Open_Redirects_list

  View on GitHub
  -
  ☆11Nov 21, 2020Updated 5 years ago
• sawzeeyy / Sanitiz3r

  View on GitHub
  A python script that filters, checks the validity, generates clickable link(s) of subdomain(s), and reports their status
  ☆89Oct 29, 2020Updated 5 years ago
• BitTheByte / BitBlinder

  View on GitHub
  BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities
  ☆117Dec 23, 2025Updated last month
• Leoid / MatchandReplace

  View on GitHub
  Match and Replace script used to automatically generate JSON option file to BurpSuite
  ☆215May 13, 2019Updated 6 years ago
• theblackturtle / wildcheck

  View on GitHub
  A simple tool to detect wildcards domain based on Amass's wildcards detector.
  ☆65Apr 13, 2021Updated 4 years ago
• Damian89 / extended-xss-search

  View on GitHub
  A better version of my xssfinder tool - scans for different types of xss on a list of urls.
  ☆188Aug 3, 2019Updated 6 years ago
• bugbounty-site / GitSecure

  View on GitHub
  Detect exposed API keys on GitHub commits.
  ☆37Jul 27, 2022Updated 3 years ago
• hahwul / s3reverse

  View on GitHub
  The format of various s3 buckets is convert in one format. for bugbounty and security testing.
  ☆86May 6, 2023Updated 2 years ago
• irsdl / BurpTabEssentials

  View on GitHub
  This changes the style of Burp Suite's Repeater tabs to help the testers
  ☆29Jul 3, 2019Updated 6 years ago
• Neolex-Security / WaybackRust

  View on GitHub
  WaybackRust is a tool written in Rust to query the WaybackMachine.
  ☆13Jul 18, 2025Updated 6 months ago
• Cillian-Collins / dirscraper

  View on GitHub
  OSINT scanning tool which discovers and maps directories found in javascript files hosted on a website.
  ☆229Feb 24, 2019Updated 6 years ago
• 3lpsy / boucanpy

  View on GitHub
  Dashboard/API + DNS/HTTP Servers to identify Out of Band Resolution in Payloads
  ☆38Jun 10, 2021Updated 4 years ago
• EdOverflow / curate

  View on GitHub
  A tool for fetching archived URLs (to be rewritten in Go).
  ☆41Jul 19, 2018Updated 7 years ago
• random-robbie / s3-tko

  View on GitHub
  AWS S3 Bucket Finder.
  ☆14Oct 28, 2025Updated 3 months ago
• arbazkiraak / certasset

  View on GitHub
  Takes ip range, Scan all open SSL Certs, Grab Cnames
  ☆113Sep 23, 2018Updated 7 years ago
• ZephrFish / BurpFeed

  View on GitHub
  Hacked together script for feeding urls into Burp's Sitemap
  ☆93Dec 7, 2025Updated 2 months ago
• edduu / Arjun

  View on GitHub
  HTTP parameter discovery suite.
  ☆93Apr 16, 2020Updated 5 years ago
• JannisKirschner / Horn3t

  View on GitHub
  Powerful Visual Subdomain Enumeration at the Click of a Mouse
  ☆137Jun 6, 2019Updated 6 years ago
• ndavison / circleci-logs

  View on GitHub
  CircleCI log and security configuration automations
  ☆22Sep 20, 2020Updated 5 years ago
• MindPatch / pmg

  View on GitHub
  Extract parameters/paths from urls
  ☆17Aug 2, 2020Updated 5 years ago
• xYantix / Notes

  View on GitHub
  ☆14Nov 29, 2019Updated 6 years ago
• ArenasDev / AndroidBlastOff

  View on GitHub
  A tool to speed up Android pentesting by automating the APK acquisition and information gathering
  ☆18Jul 6, 2022Updated 3 years ago
• cablej / FileChangeMonitor

  View on GitHub
  Continuous monitoring for JavaScript files
  ☆225Dec 29, 2019Updated 6 years ago
• caffeinedoom / Subvenkon

  View on GitHub
  Subvenkon is a subdomain enumerator from Venkon
  ☆23Jun 22, 2020Updated 5 years ago
• incogbyte / jsearch

  View on GitHub
  ☆31Apr 6, 2021Updated 4 years ago