You can read the writeup on this script here
☆192Sep 30, 2021Updated 4 years ago
Alternatives and similar repositories for ffufplus
Users that are interested in ffufplus are comparing it to the libraries listed below
Sorting:
- You can read the writeup on this script here☆274Jul 12, 2020Updated 5 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆174Nov 11, 2020Updated 5 years ago
- A tool for append URLs, skipping duplicates/paths & combine parameters.☆128Mar 2, 2022Updated 4 years ago
- sub domain wild card filtering tool☆40Apr 18, 2020Updated 5 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- Trying to make automated recon for bug bounties☆255May 3, 2021Updated 4 years ago
- Multiprocessing(Parallel)Subdomain Detect Script☆329Jan 28, 2024Updated 2 years ago
- Python library and CLI for the Bug Bounty Recon API☆230Jun 5, 2021Updated 4 years ago
- Alias for storing ffuf results☆20May 23, 2020Updated 5 years ago
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,401Sep 13, 2024Updated last year
- Tool to find JavaScript files on Websites☆528Nov 2, 2023Updated 2 years ago
- Burp Extension written in Jython to hunt for common vulnerabilities found in websites. Developed by Gaurav Narwani to help people find vu…☆251Apr 27, 2020Updated 5 years ago
- Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts a…☆367Jul 23, 2022Updated 3 years ago
- Hacked together script for feeding urls into Burp's Sitemap☆92Dec 7, 2025Updated 2 months ago
- Signatures for jaeles scanner by @j3ssie☆117Apr 20, 2024Updated last year
- Fetches javascript file from a list of URLS or subdomains.☆837Jul 22, 2025Updated 7 months ago
- My recon script☆50Dec 23, 2019Updated 6 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆65Apr 13, 2021Updated 4 years ago
- A tool to test working urls.☆43Nov 17, 2020Updated 5 years ago
- Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomai…☆223Jul 10, 2020Updated 5 years ago
- Match and Replace script used to automatically generate JSON option file to BurpSuite☆215May 13, 2019Updated 6 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆293Aug 23, 2019Updated 6 years ago
- Extract endpoints marked as disallow in robots files to generate wordlists.☆58Mar 2, 2022Updated 4 years ago
- Various Payload wordlists☆240Apr 26, 2025Updated 10 months ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Jan 4, 2021Updated 5 years ago
- Secret and/or credential patterns used for gf.☆243Feb 10, 2023Updated 3 years ago
- The project contains multiple shell scripts for automating the tasks during recon.☆174Aug 21, 2023Updated 2 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆279Feb 11, 2021Updated 5 years ago
- BBT - Bug Bounty Tools (examples💡)☆1,883Apr 5, 2024Updated last year
- ☆36Jul 15, 2020Updated 5 years ago
- Scripts to help with different ffuf tasks and workflows☆223Dec 24, 2023Updated 2 years ago
- Hunt down the secrets from the WebArchives for Fun and Profit☆163Dec 8, 2022Updated 3 years ago
- List of periodically validated public DNS resolvers☆237Updated this week
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆156Nov 24, 2023Updated 2 years ago
- A golang utility to spider through a website searching for additional links.☆343Nov 7, 2020Updated 5 years ago
- ☆44Apr 30, 2021Updated 4 years ago
- XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|ID…☆348Jun 17, 2023Updated 2 years ago
- information gathering☆282Jul 12, 2025Updated 7 months ago
- A tool to find subdomains or domains from passive sources.☆112Jan 20, 2021Updated 5 years ago