Alternatives and similar repositories for XSS-Catcher

Users that are interested in XSS-Catcher are comparing it to the libraries listed below

• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆131Updated 4 years ago
• GainSec / GoldenNuggets-1
  Burp Extension for easily creating Wordlists
  ☆211Updated 3 years ago
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆219Updated 3 years ago
• bytebutcher / burp-send-to
  Adds a customizable "Send to..."-context-menu to your BurpSuite.
  ☆163Updated 2 years ago
• MilindPurswani / whoxyrm
  A reverse whois tool based on Whoxy API.
  ☆166Updated last year
• KathanP19 / protoscan
  Prototype Pollution Scanner
  ☆127Updated 4 years ago
• MindPatch / lorsrf
  Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load
  ☆295Updated 11 months ago
• rotemreiss / uddup
  Urls de-duplication tool for better recon.
  ☆143Updated 3 months ago
• smaranchand / bucky
  Bucky (An automatic S3 bucket discovery tool)
  ☆197Updated 3 years ago
• BonJarber / SecUtils
  Random utilities from my security projects that might be useful to others
  ☆182Updated 7 months ago
• Dheerajmadhukar / Lilly
  Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…
  ☆178Updated 4 years ago
• BonJarber / fresh-resolvers
  List of fresh DNS resolvers updated daily
  ☆108Updated 2 years ago
• 0xmoot / s3sec
  Check AWS S3 instances for read/write/delete access
  ☆121Updated 3 years ago
• mlcsec / headi
  Customisable and automated HTTP header injection
  ☆262Updated last year
• Leoid / MatchandReplace
  Match and Replace script used to automatically generate JSON option file to BurpSuite
  ☆215Updated 6 years ago
• rastating / dnmasscan
  A script that can resolve an input file of domains and scan them with masscan
  ☆155Updated 5 years ago
• th3hack3rwiz / Wordlist-Weaver
  The project aims at creating target-specific wordlists for any web application that you are testing.
  ☆66Updated 3 years ago
• dark-warlord14 / ffufplus
  You can read the writeup on this script here
  ☆194Updated 3 years ago
• Impact-I / x8-Burp
  Hidden parameters discovery suite
  ☆225Updated 2 years ago
• Josue87 / AnalyticsRelationships
  Get related domains / subdomains by looking at Google Analytics IDs
  ☆250Updated 3 years ago
• geeknik / the-nuclei-templates
  Nuclei templates written by geeknik. Claude is my co-pilot. 🤖
  ☆275Updated last month
• nikitastupin / param-miner-doc
  Unofficial documentation for the great tool Param Miner
  ☆182Updated 3 years ago
• six2dez / burp-bounty-profiles
  Burp Bounty profiles compilation, feel free to contribute!
  ☆148Updated 3 years ago
• xer0times / BugBounty
  Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...
  ☆149Updated 5 years ago
• benso-io / posta
  🐙 Cross-document messaging security research tool powered by https://enso.security
  ☆297Updated 2 years ago
• yeswehack / xsstools
  xss development frameworks, with the goal of making payload writing easier.
  ☆147Updated last year
• ignis-sec / puff
  Clientside vulnerability / reflected xss fuzzer
  ☆149Updated 2 years ago
• dwisiswant0 / unew
  A tool for append URLs, skipping duplicates/paths & combine parameters.
  ☆123Updated 3 years ago
• dwisiswant0 / gf-secrets
  Secret and/or credential patterns used for gf.
  ☆241Updated 2 years ago
• defparam / tiscripts
  Turbo Intruder Scripts
  ☆225Updated 5 years ago