yataf extracts secrets and paths from files or urls - its best used against javascript files
☆52Sep 11, 2024Updated last year
Alternatives and similar repositories for yataf
Users that are interested in yataf are comparing it to the libraries listed below
Sorting:
- Extract most frequent words in a list of subdomains☆12Feb 15, 2025Updated last year
- Golang tool which helps dropping the irrelevant entries from your ffuf result file.☆142Sep 16, 2024Updated last year
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Oct 3, 2023Updated 2 years ago
- BOR - Break On Request, is a burp extension that provides a custom context menu for marking requests to be stopped by the interceptor wit…☆13Nov 18, 2022Updated 3 years ago
- Saves pages to Wayback machine☆12Dec 2, 2024Updated last year
- Combine words from two wordlist files and concatenate them with an optional delimiter☆38Sep 25, 2023Updated 2 years ago
- ☆105Jan 3, 2023Updated 3 years ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Dec 12, 2023Updated 2 years ago
- Provides an overview of the inner file structure of a PDF☆24Sep 26, 2022Updated 3 years ago
- A high-performance domain scanner that discovers active domains by testing multiple Top-Level Domains (TLDs) for given domain names.☆30Oct 26, 2025Updated 4 months ago
- ☆20Sep 6, 2023Updated 2 years ago
- ☆12Jan 30, 2025Updated last year
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.☆35Jan 4, 2026Updated last month
- ☆65Dec 9, 2021Updated 4 years ago
- Chameleon Wordlists☆15Sep 13, 2022Updated 3 years ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Aug 30, 2024Updated last year
- Recurrent Neural Network SubDomain Discovery Tool☆95Sep 20, 2022Updated 3 years ago
- moniorg is a tool that leverages crt.sh website to monitor domains of a target☆47Apr 1, 2023Updated 2 years ago
- ☆30Jul 14, 2023Updated 2 years ago
- Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations☆85Feb 21, 2026Updated last week
- Passively check for XSS character encodings☆18Feb 7, 2026Updated 3 weeks ago
- Filter and enrich a list of subdomains by level☆210Sep 25, 2023Updated 2 years ago
- [Custom || Automated] Curation & Collection of BugBounty Wordlists☆63Feb 22, 2026Updated last week
- Stay within program scope☆37Aug 17, 2022Updated 3 years ago
- Remove duplicate URLs by retaining only the unique combinations of hostname, path, and parameter names☆39May 5, 2024Updated last year
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆142Jun 27, 2023Updated 2 years ago
- A simple Google Protobuf Decoder for Burp☆43Nov 22, 2022Updated 3 years ago
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆123Aug 20, 2023Updated 2 years ago
- CLI tool that extracts a regex pattern from a list of urls ( Rust )☆61Sep 14, 2022Updated 3 years ago
- An extension to use Semgrep inside Burp Suite.☆88May 23, 2025Updated 9 months ago
- Tool to scan servers and hosts using dynamic paths.☆21Oct 1, 2025Updated 5 months ago
- Attempt zone transfers on domains☆18Jul 12, 2021Updated 4 years ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆82Feb 4, 2023Updated 3 years ago
- Tool to fuzz for interesting vhost.☆23Jan 8, 2025Updated last year
- Declutters URLs in a fast and flexible way, for improving input for web hacking automations such as crawlers and vulnerability scans.☆59Jan 22, 2023Updated 3 years ago
- ☆40Aug 2, 2024Updated last year
- ☆154Aug 18, 2023Updated 2 years ago
- Hunt SSL Certificates for interesting keywords on major cloud service providers / internet☆40Nov 20, 2025Updated 3 months ago
- navgix is a multi-threaded golang tool that will check for nginx alias traversal vulnerabilities☆74May 20, 2023Updated 2 years ago