Alternatives and similar repositories for related-domains

Users that are interested in related-domains are comparing it to the libraries listed below

• tr3ss / newclei
  A Go tool that gets the newest PRs from projectdiscovery/nuclei-templates.
  ☆56Updated 2 years ago
• j3ssie / cdnstrip
  Striping CDN & WAF IPs from a list of IP Addresses
  ☆79Updated 6 months ago
• hakluke / hakfindinternaldomains
  Feed it a list of subdomains, it will resolve them and tell you which ones are internal
  ☆93Updated 4 years ago
• clarkvoss / Nuclei-Templates
  ☆84Updated 3 years ago
• ethicalhackingplayground / pathbuster
  A path-normalization pentesting tool.
  ☆134Updated last month
• six2dez / resolvers_reconftw
  Resolvers updated daily for reconftw
  ☆47Updated 2 years ago
• Ph33rr / cirrusgo
  A fast tool to scan SAAS,PAAS App written in Go
  ☆84Updated 2 years ago
• gwen001 / gitlab-subdomains
  Find subdomains on GitLab.
  ☆103Updated last year
• Th0h0 / autopoisoner
  Web cache poisoning vulnerability scanner.
  ☆72Updated 3 years ago
• devanshbatham / heaptruffle
  Mine URLs from Browser's Heap Snapshot for fun and profit
  ☆64Updated 2 years ago
• panch0r3d / nuclei-templates
  ☆89Updated 4 years ago
• mhmdiaa / waybackrobots
  Enumerate old versions of robots.txt paths using Wayback Machine for content discovery
  ☆53Updated 2 years ago
• PatrikFehrenbach / vilicus
  vīlicus is a bug bounty api dashboard
  ☆40Updated 2 years ago
• emadshanab / Content-Discovery-Web-Dir-Bruteforce-wordlists-Collection
  ☆37Updated last year
• seanmarpo / webjars-swagger-xss
  PoC for XSS in org.webjars:swagger-ui [3.14.2, 3.36.2]
  ☆53Updated 2 years ago
• ethicalhackingplayground / dnsresolver
  A Lightning-Fast DNS Resolver written in Rust 🦀
  ☆68Updated last year
• 0xRTH / IISRecon
  IIS shortname scanner + bruteforce
  ☆54Updated last year
• h1pmnh / sqli-dojo-docker
  A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment
  ☆44Updated last year
• cosad3s / hfinder
  Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE
  ☆54Updated last year
• gwen001 / DataExtractor
  A Burp Suite extension to extract datas from source code while browsing.
  ☆160Updated last year
• NagliNagli / OneLiners
  Simple bash Oneliners to make life easier
  ☆62Updated 5 years ago
• tamimhasan404 / Gau-Expose
  It grep subdomains, email/username, build custom wordlist etc from gau results
  ☆48Updated 3 years ago
• trickest / enumerepo
  List all public repositories for (valid) GitHub usernames
  ☆76Updated 2 years ago
• vitorfhc / queryxss
  Tool for testing reflections in the HTTP responses
  ☆60Updated 2 years ago
• NitinYadav00 / gf-patterns
  Some of the gf patterns which i use
  ☆45Updated 3 years ago
• haticeerturk / scoper
  This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.
  ☆97Updated 10 months ago
• wdahlenburg / VhostFinder
  Identify virtual hosts by similarity comparison
  ☆131Updated last year
• tess-ss / recon-ninja
  Recon-Ninja
  ☆86Updated last year
• BrownBearSec / SDTO-realworld-subdomains
  A repository to host the subdomain wordlists from my blog https://medium.com/@nynan/what-i-learnt-from-reading-217-subdomain-takeover-bug…
  ☆40Updated 3 years ago
• Mostafa-Elguerdawi / Automation_Bug_Hunting
  ☆67Updated 2 years ago