gathers the XSS cheatsheet payloads and creates a usable wordlist
☆74Jan 4, 2021Updated 5 years ago
Alternatives and similar repositories for PortswiggerXSS
Users that are interested in PortswiggerXSS are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago
- -☆11Nov 21, 2020Updated 5 years ago
- View screenshots as a slideshow over http☆15Mar 13, 2020Updated 6 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- A tool that turns the authoritative nameservers of DNS providers to resolvers and resolves the target domain list. Please think of this a…☆25Sep 19, 2019Updated 6 years ago
- ☆14Nov 29, 2019Updated 6 years ago
- Recursive DNS Subdomain Enumerator with dead-end avoidance system (BETA)☆146Apr 9, 2021Updated 4 years ago
- Finds Directory Listings or open S3 buckets from a list of URLs☆52Dec 1, 2021Updated 4 years ago
- The format of various s3 buckets is convert in one format. for bugbounty and security testing.☆87May 6, 2023Updated 2 years ago
- A simple SSRF-testing sheriff written in Go☆336Oct 31, 2024Updated last year
- Auto Recon Bash Script☆31Dec 31, 2024Updated last year
- Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will m…☆99Dec 30, 2019Updated 6 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆279Feb 11, 2021Updated 5 years ago
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- Automatic tool for DNS rebinding-based SSRF attacks☆304Aug 21, 2020Updated 5 years ago
- Takes ip range, Scan all open SSL Certs, Grab Cnames☆113Sep 23, 2018Updated 7 years ago
- Hacked together script for feeding urls into Burp's Sitemap☆92Dec 7, 2025Updated 3 months ago
- A python script that filters, checks the validity, generates clickable link(s) of subdomain(s), and reports their status☆89Oct 29, 2020Updated 5 years ago
- URL-encode data streams via commandline☆14Oct 26, 2019Updated 6 years ago
- Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.☆40Nov 21, 2025Updated 4 months ago
- OSINT scanning tool which discovers and maps directories found in javascript files hosted on a website.☆228Feb 24, 2019Updated 7 years ago
- A better version of my xssfinder tool - scans for different types of xss on a list of urls.☆187Aug 3, 2019Updated 6 years ago
- sub domain wild card filtering tool☆40Apr 18, 2020Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- AWS S3 Bucket Finder.☆14Oct 28, 2025Updated 4 months ago
- BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities☆118Dec 23, 2025Updated 3 months ago
- Powerful Visual Subdomain Enumeration at the Click of a Mouse☆137Jun 6, 2019Updated 6 years ago
- Dashboard/API + DNS/HTTP Servers to identify Out of Band Resolution in Payloads☆38Jun 10, 2021Updated 4 years ago
- A tool for fetching archived URLs (to be rewritten in Go).☆41Jul 19, 2018Updated 7 years ago
- ☆32Apr 6, 2021Updated 4 years ago
- A tool to speed up Android pentesting by automating the APK acquisition and information gathering☆18Jul 6, 2022Updated 3 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆65Apr 13, 2021Updated 4 years ago
- Match and Replace script used to automatically generate JSON option file to BurpSuite☆215May 13, 2019Updated 6 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Detect exposed API keys on GitHub commits.☆35Jul 27, 2022Updated 3 years ago
- WaybackRust is a tool written in Rust to query the WaybackMachine.☆14Jul 18, 2025Updated 8 months ago
- Find endpoints in archived versions of robots.txt☆14Nov 21, 2019Updated 6 years ago
- This changes the style of Burp Suite's Repeater tabs to help the testers☆29Jul 3, 2019Updated 6 years ago
- You can read the writeup on this script here☆192Sep 30, 2021Updated 4 years ago
- CircleCI log and security configuration automations☆22Sep 20, 2020Updated 5 years ago
- HTTP parameter discovery suite.☆93Apr 16, 2020Updated 5 years ago