Finds Directory Listings or open S3 buckets from a list of URLs
☆52Dec 1, 2021Updated 4 years ago
Alternatives and similar repositories for dirlstr
Users that are interested in dirlstr are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- take a list of resolved subdomains and output any corresponding CNAMES en masse.☆18Jan 29, 2026Updated last month
- Converts a hostname (or URI) to IP address using your local resolver☆26Mar 31, 2024Updated last year
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- nuclei framework scripts☆35Jun 16, 2022Updated 3 years ago
- A tool that turns the authoritative nameservers of DNS providers to resolvers and resolves the target domain list. Please think of this a…☆25Sep 19, 2019Updated 6 years ago
- A better version of my xssfinder tool - scans for different types of xss on a list of urls.☆187Aug 3, 2019Updated 6 years ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Jan 4, 2021Updated 5 years ago
- Dashboard/API + DNS/HTTP Servers to identify Out of Band Resolution in Payloads☆38Jun 10, 2021Updated 4 years ago
- Simple python script to check against hypothetical JWT vulnerability.☆51Nov 29, 2020Updated 5 years ago
- Fetch known urls from AlienVault's Open Threat Exchange for given hosts☆63Jul 22, 2019Updated 6 years ago
- Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …☆147Apr 12, 2024Updated last year
- S3 bucket finder from html,js and bucket misconfiguration testing tool☆34Feb 10, 2020Updated 6 years ago
- The format of various s3 buckets is convert in one format. for bugbounty and security testing.☆87May 6, 2023Updated 2 years ago
- Service-Now Article Bruteforcer☆16Jun 5, 2020Updated 5 years ago
- RAS(RAndom Subdomain) Fuzzer☆42Jan 22, 2020Updated 6 years ago
- Detect exposed API keys on GitHub commits.☆35Jul 27, 2022Updated 3 years ago
- ☆200Jun 6, 2019Updated 6 years ago
- ☆16May 3, 2021Updated 4 years ago
- A tool to speed up Android pentesting by automating the APK acquisition and information gathering☆18Jul 6, 2022Updated 3 years ago
- Security tool to find potential vulnerable Server Side Request Forgery (SSRF) parameters.☆356Feb 13, 2026Updated last month
- ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight☆220Apr 10, 2022Updated 3 years ago
- notorious BIG IP☆15Aug 8, 2019Updated 6 years ago
- This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping☆48Nov 12, 2019Updated 6 years ago
- Private vulnerability testing suite☆13Mar 30, 2021Updated 4 years ago
- View screenshots as a slideshow over http☆15Mar 13, 2020Updated 6 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆48Jan 11, 2023Updated 3 years ago
- Small script to check a list of domains against open redirect vulnerability☆29Jan 22, 2022Updated 4 years ago
- websocket-connection-smuggler☆66Jan 22, 2020Updated 6 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆279Feb 11, 2021Updated 5 years ago
- A tool for searching a Git repository for interesting content☆107Dec 18, 2023Updated 2 years ago
- CTI-URLScan is a command line tool to enable analysts to search URLscan.io submissions. Pull screenshot and DOM content. As well as, auto…☆11Mar 2, 2021Updated 5 years ago
- APT34/OILRIG leak☆11Jun 25, 2019Updated 6 years ago
- Google Chrome Extension automates testing fundamental Web Problems via Chrome☆20Mar 18, 2021Updated 5 years ago
- Second-order subdomain takeover scanner☆403Aug 28, 2025Updated 6 months ago
- All-in-one AWS S3 bucket tool for pentesters.☆74Feb 16, 2019Updated 7 years ago
- Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts a…☆367Jul 23, 2022Updated 3 years ago
- Send notifications on different channels such as Slack, Telegram, Discord etc.☆39Jan 12, 2026Updated 2 months ago
- This tests a list of s3 buckets to see if they have dir listings enabled or if they are uploadable☆55Dec 10, 2025Updated 3 months ago
- CircleCI log and security configuration automations☆22Sep 20, 2020Updated 5 years ago