decal / werdlists
Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases
☆330Updated 2 months ago
Related projects ⓘ
Alternatives and complementary repositories for werdlists
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆212Updated 3 weeks ago
- BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…☆530Updated 2 years ago
- SSLScrape | A scanning tool for scaping hostnames from SSL certificates.☆329Updated 3 years ago
- A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.☆394Updated 4 years ago
- An hourly updated list of subdomains gathered from certificate transparency logs☆341Updated 3 years ago
- Python 3.5+ DNS asynchronous brute force utility☆644Updated last year
- A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys☆151Updated last year
- Python API wrapper and command-line client for the tools hosted on spyse.com.☆269Updated 4 years ago
- A tool to link a domain with registered organisation names and emails, to other domains.☆829Updated 5 months ago
- Trying to make automated recon for bug bounties☆250Updated 3 years ago
- Note: Going through a full re-write of the tooling so the current versions in the repo do not work!☆398Updated 4 years ago
- File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.☆266Updated 3 years ago
- A highly configurable Framework for easy automated web scanning☆364Updated 4 years ago
- An extremely fast and flexible web fuzzer☆212Updated last year
- Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]☆302Updated 6 years ago
- Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94☆353Updated last year
- OSINT scanning tool which discovers and maps directories found in javascript files hosted on a website.☆224Updated 5 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆465Updated 4 years ago
- Payloads for CRLF Injection☆215Updated 3 weeks ago
- Correlated injection proxy tool for XSS Hunter☆249Updated last year
- My Recon Automation☆194Updated 3 years ago
- DNS Rebinding Exploitation Framework☆481Updated 3 years ago
- Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)☆443Updated 5 years ago
- Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT☆390Updated 3 months ago
- Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts a…☆363Updated 2 years ago
- Simple shell script for automated domain recognition with some tools☆299Updated 3 years ago
- Rock-On is a all in one Recon tool that will just get a single entry of the Domain name and do all of the work alone.☆291Updated 4 years ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆639Updated 5 years ago
- Automated blind-xss search for Burp Suite☆277Updated 5 years ago