Alternatives and similar repositories for headerpwn

Users that are interested in headerpwn are comparing it to the libraries listed below

• devanshbatham / rayder
  A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows
  ☆293Updated last year
• root-tanishq / userefuzz
  User-Agent , X-Forwarded-For and Referer SQLI Fuzzer
  ☆381Updated 2 years ago
• lauritzh / domscan
  Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.
  ☆240Updated 5 months ago
• edoardottt / pphack
  The Most Advanced Client-Side Prototype Pollution Scanner
  ☆226Updated 3 weeks ago
• zzzteph / sheye
  Opensource assets and vulnerability scanning tool
  ☆181Updated last month
• Hackmanit / TInjA
  TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…
  ☆362Updated 2 months ago
• edoardottt / csprecon
  Discover new target domains using Content Security Policy
  ☆460Updated 2 weeks ago
• rohsec / LEAKEY
  LEAKEY is a bash script which checks and validates for leaked credentials. The idea behind LEAKEY is to make it highly customizable and e…
  ☆350Updated last year
• cosad3s / postleaks
  Search for sensitive data in Postman public library.
  ☆206Updated 6 months ago
• Invicti-Security / brainstorm
  A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery
  ☆315Updated 7 months ago
• SAPT01 / HBSQLI
  Automated Tool for Testing Header Based Blind SQL Injection
  ☆282Updated last year
• hakluke / hakip2host
  hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.
  ☆447Updated 3 years ago
• BishopFox / sj
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆665Updated 3 months ago
• jthack / ffufai
  AI-powered ffuf wrapper
  ☆508Updated 7 months ago
• byt3hx / jsleak
  jsleak is a tool to find secret , paths or links in the source code during the recon.
  ☆534Updated 5 months ago
• SirBugs / endext
  EndExt is a .go tool for extracting all the possible endpoints from the JS files
  ☆214Updated last year
• reewardius / Nuclei-AI-Prompts
  Nuclei-AI-Prompts
  ☆212Updated 3 weeks ago
• hansmach1ne / LFImap
  Local File Inclusion discovery and exploitation tool
  ☆318Updated 6 months ago
• MandConsultingGroup / porch-pirate
  Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitati…
  ☆421Updated last year
• projectdiscovery / tldfinder
  A streamlined tool for discovering private TLDs for security research.
  ☆213Updated last week
• sysdig / wafer
  ☆207Updated last year
• carlospolop / fuzzhttpbypass
  This tool use fuuzzing to try to bypass unknown authentication methods, who knows...
  ☆248Updated 11 months ago
• e1abrador / sub.Monitor
  Self-hosted passive subdomain continous monitoring tool.
  ☆165Updated last year
• sw33tLie / uff
  unleashed ffuf
  ☆216Updated last month
• edoardottt / missing-cve-nuclei-templates
  Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…
  ☆392Updated last week
• RikunjSindhwad / Task-Ninja
  Ultimate Tasks Automation Framework for Hackers, DevSecOps, Pentesters, and Bug-bounty hunters!
  ☆150Updated 7 months ago
• SeifElsallamy / Blind-XSS-Manager
  Never forget where you inject.
  ☆257Updated 2 years ago
• intrudir / BypassFuzzer
  Fuzz 401/403/404 pages for bypasses
  ☆323Updated 7 months ago
• Th0h0 / autossrf
  Smart context-based SSRF vulnerability scanner.
  ☆353Updated 3 years ago
• nullenc0de / gofuzz
  ☆171Updated last month