Alternatives and similar repositories for XSS-Catcher

Users that are interested in XSS-Catcher are comparing it to the libraries listed below

• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆132Updated 4 years ago
• GainSec / GoldenNuggets-1
  Burp Extension for easily creating Wordlists
  ☆211Updated 3 years ago
• Leoid / MatchandReplace
  Match and Replace script used to automatically generate JSON option file to BurpSuite
  ☆213Updated 6 years ago
• smaranchand / bucky
  Bucky (An automatic S3 bucket discovery tool)
  ☆197Updated 3 years ago
• MindPatch / lorsrf
  Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load
  ☆296Updated 9 months ago
• Dheerajmadhukar / Lilly
  Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…
  ☆178Updated 4 years ago
• MilindPurswani / whoxyrm
  A reverse whois tool based on Whoxy API.
  ☆166Updated last year
• KathanP19 / protoscan
  Prototype Pollution Scanner
  ☆121Updated 4 years ago
• BonJarber / fresh-resolvers
  List of fresh DNS resolvers updated daily
  ☆108Updated 2 years ago
• yeswehack / xsstools
  xss development frameworks, with the goal of making payload writing easier.
  ☆143Updated 11 months ago
• bytebutcher / burp-send-to
  Adds a customizable "Send to..."-context-menu to your BurpSuite.
  ☆161Updated 2 years ago
• nikitastupin / param-miner-doc
  Unofficial documentation for the great tool Param Miner
  ☆179Updated 2 years ago
• BonJarber / SecUtils
  Random utilities from my security projects that might be useful to others
  ☆181Updated 5 months ago
• benso-io / posta
  🐙 Cross-document messaging security research tool powered by https://enso.security
  ☆292Updated 2 years ago
• six2dez / burp-bounty-profiles
  Burp Bounty profiles compilation, feel free to contribute!
  ☆148Updated 3 years ago
• mlcsec / headi
  Customisable and automated HTTP header injection
  ☆253Updated last year
• 0xmoot / s3sec
  Check AWS S3 instances for read/write/delete access
  ☆121Updated 3 years ago
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆219Updated 2 years ago
• ignis-sec / puff
  Clientside vulnerability / reflected xss fuzzer
  ☆150Updated last year
• serain / bbrecon
  Python library and CLI for the Bug Bounty Recon API
  ☆227Updated 4 years ago
• Josue87 / AnalyticsRelationships
  Get related domains / subdomains by looking at Google Analytics IDs
  ☆246Updated 3 years ago
• michael1026 / trashcompactor
  ☆67Updated 2 years ago
• ethicalhackingplayground / ssrf-tool
  ☆145Updated 2 years ago
• dark-warlord14 / ffufplus
  You can read the writeup on this script here
  ☆193Updated 3 years ago
• rastating / dnmasscan
  A script that can resolve an input file of domains and scan them with masscan
  ☆155Updated 4 years ago
• ameenmaali / wordlistgen
  Quickly generate context-specific wordlists for content discovery from lists of URLs or paths
  ☆228Updated 3 years ago
• rotemreiss / uddup
  Urls de-duplication tool for better recon.
  ☆141Updated last month
• defparam / tiscripts
  Turbo Intruder Scripts
  ☆221Updated 5 years ago
• xer0times / BugBounty
  Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...
  ☆149Updated 4 years ago
• th3hack3rwiz / Wordlist-Weaver
  The project aims at creating target-specific wordlists for any web application that you are testing.
  ☆66Updated 3 years ago