Alternatives and similar repositories for ugly-duckling:

Users that are interested in ugly-duckling are comparing it to the libraries listed below

• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆265Updated last year
• Shivangx01b / CorsMe
  Cross Origin Resource Sharing MisConfiguration Scanner
  ☆172Updated 3 years ago
• Static-Flow / gofingerprint
  GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…
  ☆203Updated last year
• orlyjamie / asnrecon
  ASN reconnaissance script
  ☆124Updated last year
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆216Updated 2 years ago
• chennylmf / OWASP-Web-App-Pentesting-checklists
  ☆71Updated 4 years ago
• MilindPurswani / whoxyrm
  A reverse whois tool based on Whoxy API.
  ☆162Updated 10 months ago
• GainSec / GoldenNuggets-1
  Burp Extension for easily creating Wordlists
  ☆210Updated 3 years ago
• devanshbatham / CertEagle
  Weaponizing Live CT logs for automated monitoring of assets
  ☆132Updated 3 years ago
• wallarm / jwt-heartbreaker
  The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources
  ☆128Updated 4 years ago
• codingo / bbr
  An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
  ☆209Updated 4 years ago
• pry0cc / proteus
  A projectdiscovery driven attack surface monitoring bot powered by axiom
  ☆181Updated 2 years ago
• In3tinct / Taken
  Takeover AWS ips and have a working POC for Subdomain Takeover.
  ☆90Updated this week
• david3107 / graphql-security-labs
  GraphQL security workshop labs
  ☆102Updated 7 months ago
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆189Updated 6 months ago
• righettod / burp-piper-custom-scripts
  Custom scripts for the PIPER Burp extensions.
  ☆97Updated last year
• rastating / dnmasscan
  A script that can resolve an input file of domains and scan them with masscan
  ☆157Updated 4 years ago
• honoki / bbrf-server
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆304Updated 3 months ago
• BonJarber / fresh-resolvers
  List of fresh DNS resolvers updated daily
  ☆109Updated 2 years ago
• m6a-UdS / dvca
  Damn Vulnerable Cloud Application
  ☆191Updated 6 years ago
• dwisiswant0 / slackcat
  A simple way of sending messages from the CLI output to your Slack with webhook.
  ☆116Updated last year
• ameenmaali / wordlistgen
  Quickly generate context-specific wordlists for content discovery from lists of URLs or paths
  ☆216Updated 2 years ago
• bytebutcher / burp-send-to
  Adds a customizable "Send to..."-context-menu to your BurpSuite.
  ☆152Updated 2 years ago
• BountyStrike / Bountystrike-sh
  Poor (rich?) man's bug bounty pipeline https://dubell.io
  ☆274Updated last year
• AvasDream / pentesting-dockerfiles
  Pentesting/Bugbounty Dockerfiles.
  ☆176Updated 3 years ago
• zPrototype / bugbounty_stuff
  ☆99Updated last year
• codingo / crithit
  Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…
  ☆208Updated 4 years ago
• dark-warlord14 / ffufplus
  You can read the writeup on this script here
  ☆193Updated 3 years ago
• sw33tLie / bcscope
  Get the scope of your bugcrowd programs
  ☆66Updated 4 years ago
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆120Updated 2 years ago