A fast tool to scan client-side prototype pollution vulnerability written in Rust. π¦
β659Aug 28, 2025Updated 6 months ago
Alternatives and similar repositories for ppfuzz
Users that are interested in ppfuzz are comparing it to the libraries listed below
Sorting:
- Prototype Pollution Scannerβ139Apr 11, 2021Updated 4 years ago
- Prototype Pollution and useful Script Gadgetsβ1,589Jan 27, 2024Updated 2 years ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.β519Jun 22, 2022Updated 3 years ago
- Hidden parameters discovery suiteβ2,027Sep 8, 2024Updated last year
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one plβ¦β1,039Aug 23, 2025Updated 6 months ago
- Gotator is a tool to generate DNS wordlists through permutations.β506Jul 17, 2022Updated 3 years ago
- Client Side Prototype Pollution Scannerβ522Sep 17, 2022Updated 3 years ago
- De-clutter a list of URLsβ386Feb 3, 2026Updated last month
- Http request smuggling vulnerability scannerβ229Aug 11, 2022Updated 3 years ago
- A fast tool to scan CRLF vulnerability written in Goβ1,519Feb 23, 2026Updated last week
- Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.β134Jul 11, 2021Updated 4 years ago
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hacβ¦β1,153Jan 21, 2026Updated last month
- β299Jul 16, 2022Updated 3 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource loadβ297Sep 22, 2024Updated last year
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3β2,062Jan 2, 2024Updated 2 years ago
- BBT - Bug Bounty Tools (examplesπ‘)β1,883Apr 5, 2024Updated last year
- β562Mar 27, 2025Updated 11 months ago
- Prototype pollution scanner using headless chromeβ218Jul 27, 2022Updated 3 years ago
- Scrape domain names from SSL certificates of arbitrary hostsβ690Mar 31, 2024Updated last year
- A fuzzer for detecting open redirect vulnerabilitiesβ782Jul 1, 2024Updated last year
- Secret and/or credential patterns used for gf.β243Feb 10, 2023Updated 3 years ago
- A repository that includes all the important wordlists used while bug hunting.β1,379Mar 11, 2023Updated 2 years ago
- declutters url lists for crawling/pentestingβ1,531Feb 23, 2025Updated last year
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grepβ1,401Sep 13, 2024Updated last year
- Making Favicon.ico based Recon Great again !β1,266Aug 29, 2023Updated 2 years ago
- Adobe Experience Manager Vulnerability Scannerβ186May 22, 2023Updated 2 years ago
- Automation for javascript recon in bug bounty.β1,069Sep 9, 2023Updated 2 years ago
- π Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.β427Feb 20, 2026Updated last week
- Filter and enrich a list of subdomains by levelβ210Sep 25, 2023Updated 2 years ago
- A tool to perform permutations, mutations and alteration of subdomains in golang.β156Nov 24, 2023Updated 2 years ago
- Find endpoints on GitHub.β214Mar 28, 2023Updated 2 years ago
- A collection of awesome one-liner scripts especially for bug bounty tips.β3,077Jul 29, 2024Updated last year
- 40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...β1,814Jul 3, 2023Updated 2 years ago
- Generate tens of thousands of subdomain combinations in a matter of secondsβ273Sep 25, 2023Updated 2 years ago
- CloudFlare Checker written in Goβ237May 12, 2024Updated last year
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters andβ¦β802Jul 4, 2023Updated 2 years ago
- Rust-based high performance domain permutation generator.β300Dec 2, 2023Updated 2 years ago
- Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entβ¦β2,126Feb 23, 2026Updated last week
- β810Jul 28, 2024Updated last year