Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.
☆134Jul 11, 2021Updated 4 years ago
Alternatives and similar repositories for erebus
Users that are interested in erebus are comparing it to the libraries listed below
Sorting:
- Community curated list of templates for the erebus engine to find security vulnerabilities.☆16Jul 10, 2021Updated 4 years ago
- TProx is a fast reverse proxy path traversal detector and directory bruteforcer.☆30Sep 16, 2021Updated 4 years ago
- Extract endpoints marked as disallow in robots files to generate wordlists.☆58Mar 2, 2022Updated 4 years ago
- Vulnerability scanner for Spring4Shell (CVE-2022-22965)☆12Apr 7, 2022Updated 3 years ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀☆659Aug 28, 2025Updated 6 months ago
- An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.☆45Jan 22, 2025Updated last year
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆156Nov 24, 2023Updated 2 years ago
- A simple tool which makes creating nuclei templates even easier.☆37Jun 23, 2024Updated last year
- ☆299Jul 16, 2022Updated 3 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆279Feb 11, 2021Updated 5 years ago
- Simple tools to handle string and generate subdomain permutations☆15Jun 8, 2022Updated 3 years ago
- ☆436Jun 1, 2021Updated 4 years ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆1,024Feb 22, 2026Updated last week
- Subdomain Takeover tool with web UI☆57Feb 24, 2023Updated 3 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,039Aug 23, 2025Updated 6 months ago
- A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it us…☆62Oct 25, 2020Updated 5 years ago
- Nuclei Templates - Here you will find the templates I use while hunting☆120Sep 27, 2021Updated 4 years ago
- Little Bug Bounty & Hacking Tools⚔️☆370Nov 10, 2024Updated last year
- Finding XSS during recon☆273Sep 13, 2022Updated 3 years ago
- Client-Side Prototype Pollution Tools☆87Sep 21, 2021Updated 4 years ago
- Signatures for jaeles scanner by @j3ssie☆117Apr 20, 2024Updated last year
- A blind XSS detection and XSS data capture framework☆175Dec 6, 2025Updated 2 months ago
- A tool to download program information from Bugcrowd, for use by researchers to compare programs they are eligible to participate in☆21Dec 22, 2022Updated 3 years ago
- A command-line utility for auditing DNS configuration using Zonemaster API☆32Aug 21, 2023Updated 2 years ago
- ☆38Aug 27, 2022Updated 3 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆297Sep 22, 2024Updated last year
- Feed it a list of subdomains, it will resolve them and tell you which ones are internal☆93Nov 21, 2021Updated 4 years ago
- WRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.☆19Nov 30, 2022Updated 3 years ago
- Host Header Injection Checker☆84Mar 2, 2022Updated 4 years ago
- A Go tool that gets the newest PRs from projectdiscovery/nuclei-templates.☆55Jun 13, 2023Updated 2 years ago
- This script scrapes the list of open Bug Bounty Programs from openbugbounty.org☆28Mar 22, 2022Updated 3 years ago
- Nuclei Templates Directory☆57Feb 17, 2026Updated 2 weeks ago
- ☆33Jun 19, 2021Updated 4 years ago
- XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|ID…☆348Jun 17, 2023Updated 2 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆175Oct 26, 2024Updated last year
- A tool for append URLs, skipping duplicates/paths & combine parameters.☆128Mar 2, 2022Updated 4 years ago
- A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.☆109Mar 1, 2022Updated 4 years ago
- Generate tens of thousands of subdomain combinations in a matter of seconds☆273Sep 25, 2023Updated 2 years ago
- automated web assets enumeration & scanning [DEPRECATED]☆288Mar 7, 2023Updated 2 years ago