cujanovic/Open-Redirect-Payloads

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cujanovic/Open-Redirect-Payloads)

cujanovic / Open-Redirect-Payloads

Open Redirect Payloads

☆654

Alternatives and similar repositories for Open-Redirect-Payloads

Users that are interested in Open-Redirect-Payloads are comparing it to the libraries listed below

Sorting:

cujanovic / CRLF-Injection-Payloads
View on GitHub
Payloads for CRLF Injection
☆227Oct 12, 2024Updated last year
cujanovic / subdomain-bruteforce-list
View on GitHub
subdomain bruteforce list
☆101Oct 12, 2024Updated last year
cujanovic / Content-Bruteforcing-Wordlist
View on GitHub
Wordlist for content(directory) bruteforce discovering with Burp or dirsearch
☆217Oct 12, 2024Updated last year
cujanovic / SSRF-Testing
View on GitHub
SSRF (Server Side Request Forgery) testing resources
☆2,483Oct 12, 2024Updated last year
devanshbatham / OpenRedireX
View on GitHub
A fuzzer for detecting open redirect vulnerabilities
☆782Jul 1, 2024Updated last year
maK- / parameth
View on GitHub
This tool can be used to brute discover GET and POST parameters
☆1,393Aug 24, 2019Updated 6 years ago
r0075h3ll / Oralyzer
View on GitHub
Open Redirection Analyzer
☆812Mar 5, 2023Updated 2 years ago
KathanP19 / JSFScan.sh
View on GitHub
Automation for javascript recon in bug bounty.
☆1,069Sep 9, 2023Updated 2 years ago
GerbenJavado / LinkFinder
View on GitHub
A python script that finds endpoints in JavaScript files
☆4,286Apr 13, 2024Updated last year
AlephNullSK / dnsgen
View on GitHub
DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intel…
☆1,051Jan 3, 2025Updated last year
elkokc / reflector
View on GitHub
Burp plugin able to find reflected XSS on page in real-time while browsing on site
☆1,202Feb 2, 2021Updated 5 years ago
1ndianl33t / Gf-Patterns
View on GitHub
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
☆1,401Sep 13, 2024Updated last year
KathanP19 / Gxss
View on GitHub
A tool to check a bunch of URLs that contain reflecting params.
☆598Aug 4, 2024Updated last year
lc / subjs
View on GitHub
Fetches javascript file from a list of URLS or subdomains.
☆835Jul 22, 2025Updated 7 months ago
wagiro / BurpBounty
View on GitHub
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…
☆1,774Apr 26, 2024Updated last year
m4ll0k / BBTz
View on GitHub
BBT - Bug Bounty Tools (examples💡)
☆1,883Apr 5, 2024Updated last year
infosec-au / altdns
View on GitHub
Generates permutations, alterations and mutations of subdomains and then resolves them
☆2,474Jan 9, 2025Updated last year
jobertabma / relative-url-extractor
View on GitHub
A small tool that extracts relative URLs from a file.
☆768Sep 23, 2020Updated 5 years ago
cujanovic / Markdown-XSS-Payloads
View on GitHub
XSS payloads for exploiting Markdown syntax
☆492Oct 12, 2024Updated last year
nahamsec / JSParser
View on GitHub
☆831Nov 13, 2023Updated 2 years ago
zseano / JS-Scan
View on GitHub
a .js scanner, built in php. designed to scrape urls and other info
☆226Aug 22, 2017Updated 8 years ago
EdOverflow / bugbounty-cheatsheet
View on GitHub
A list of interesting payloads, tips and tricks for bug bounty hunters.
☆6,382Sep 14, 2023Updated 2 years ago
dwisiswant0 / findom-xss
View on GitHub
A fast DOM based XSS vulnerability scanner with simplicity.
☆852Sep 30, 2022Updated 3 years ago
codingo / VHostScan
View on GitHub
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…
☆1,285Aug 18, 2025Updated 6 months ago
jobertabma / virtual-host-discovery
View on GitHub
A script to enumerate virtual hosts on a server.
☆691Dec 28, 2017Updated 8 years ago
hakluke / weaponised-XSS-payloads
View on GitHub
XSS payloads designed to turn alert(1) into P1
☆1,392Sep 12, 2023Updated 2 years ago
zseano / InputScanner
View on GitHub
☆250Jun 6, 2018Updated 7 years ago
bugcrowd / HUNT
View on GitHub
☆2,316Dec 8, 2023Updated 2 years ago
s0md3v / Arjun
View on GitHub
HTTP parameter discovery suite.
☆6,091Feb 20, 2025Updated last year
BuffaloWill / oxml_xxe
View on GitHub
A tool for embedding XXE/XML exploits into different filetypes
☆1,130Dec 16, 2024Updated last year
arkadiyt / bounty-targets-data
View on GitHub
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for …
☆3,651Updated this week
defparam / smuggler
View on GitHub
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
☆2,062Jan 2, 2024Updated 2 years ago
tomnomnom / hacks
View on GitHub
A collection of hacks and one-off scripts
☆2,424Mar 13, 2025Updated 11 months ago
streaak / keyhacks
View on GitHub
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
☆6,082Aug 14, 2024Updated last year
jdonsec / AllThingsSSRF
View on GitHub
This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
☆1,361Jan 24, 2021Updated 5 years ago
gwen001 / pentest-tools
View on GitHub
A collection of custom security tools for quick needs.
☆3,284May 1, 2023Updated 2 years ago
swisskyrepo / SSRFmap
View on GitHub
Automatic SSRF fuzzer and exploitation tool
☆3,489Sep 4, 2025Updated 5 months ago
ameenmaali / qsfuzz
View on GitHub
qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
☆303Feb 12, 2023Updated 3 years ago
nahamsec / lazyrecon
View on GitHub
This script is intended to automate your reconnaissance process in an organized fashion
☆2,014Aug 19, 2021Updated 4 years ago