Subdomain Takeover tool with web UI
☆57Feb 24, 2023Updated 3 years ago
Alternatives and similar repositories for SubNuke
Users that are interested in SubNuke are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files☆35Jan 14, 2021Updated 5 years ago
- Burpsuite Plugin to detect Directory Traversal vulnerabilities☆27Jul 22, 2021Updated 4 years ago
- NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.☆78Nov 5, 2022Updated 3 years ago
- Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.☆133Jul 11, 2021Updated 4 years ago
- Fast AEM scope gathering tool for all your public and private BugCrowd Programs☆10Jul 14, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆57Sep 2, 2020Updated 5 years ago
- #JavascriptRecon #bugbounty☆21Aug 18, 2021Updated 4 years ago
- Tests for SSRF by injecting a specified location into different headers. This is a Rust port of m4ll0k's tool.☆37Jul 7, 2020Updated 5 years ago
- ☆32Jun 27, 2022Updated 3 years ago
- A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.☆109Mar 1, 2022Updated 4 years ago
- ☆145Jul 25, 2022Updated 3 years ago
- TProx is a fast reverse proxy path traversal detector and directory bruteforcer.☆30Sep 16, 2021Updated 4 years ago
- BugBounty , sort and delete duplicates param value without missing original value☆22Jul 31, 2021Updated 4 years ago
- ☆18Apr 26, 2021Updated 5 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆175Nov 11, 2020Updated 5 years ago
- A tool for append URLs, skipping duplicates/paths & combine parameters.�☆129Mar 2, 2022Updated 4 years ago
- Community curated list of templates for the erebus engine to find security vulnerabilities.☆16Jul 10, 2021Updated 4 years ago
- ☆14Feb 26, 2021Updated 5 years ago
- Extract domain from SSL Information☆15Nov 23, 2021Updated 4 years ago
- grapX will iterate through the URLs and grep the endpoints with all possible extensions.☆55Mar 23, 2021Updated 5 years ago
- A Simple Tool to Pull Paid Bounty Scopes for Wide Recon Actvities☆109Feb 22, 2021Updated 5 years ago
- XSSearch is a comprehensive reflected XSS tool built on selenium framework in python language. It contains more than 3000 payloads for au…☆59Feb 4, 2022Updated 4 years ago
- ☆27Jul 30, 2021Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆133Feb 19, 2021Updated 5 years ago
- WaybackURLS + OtxURLS + CommonCrawl = The Best Results☆21Dec 7, 2019Updated 6 years ago
- Generates permutations, alterations and mutations of subdomains. Auto Resolve what we find.☆11Dec 8, 2020Updated 5 years ago
- Get all possible href | src | url from target url or domain☆40Aug 5, 2020Updated 5 years ago
- Easily schedule commands to run multiple times at set intervals (like a cronjob, but with one command)☆84Apr 5, 2021Updated 5 years ago
- Bucky (An automatic S3 bucket discovery tool)☆198Jan 6, 2022Updated 4 years ago
- Discovery Header Bug Bounty to DoD☆49Aug 20, 2021Updated 4 years ago
- Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs☆95Jan 21, 2021Updated 5 years ago
- A collection of one off hacks and simple scripts☆26Mar 21, 2023Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.☆11Dec 14, 2025Updated 5 months ago
- Urls de-duplication tool for better recon.☆145Apr 13, 2026Updated last month
- 🏵 Gee is tool of stdin to each files and stdout. It is similar to the tee command, but there are more functions for convenience. In addi…☆85Sep 30, 2025Updated 8 months ago
- A Payload Injector for bugbounties written in go☆70Jul 18, 2020Updated 5 years ago
- Tool to find JavaScript files on Websites☆529Nov 2, 2023Updated 2 years ago
- Extract parameters/paths from urls☆17Aug 2, 2020Updated 5 years ago