hahwul / dalfox
ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.
β4,251Updated this week
Alternatives and similar repositories for dalfox
Users that are interested in dalfox are comparing it to the libraries listed below
Sorting:
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β4,342Updated 4 months ago
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probingβ2,718Updated 10 months ago
- Rockyou for web fuzzingβ2,789Updated 2 weeks ago
- The Swiss Army knife for automated Web Application Testingβ2,233Updated last year
- Fetch all the URLs that the Wayback Machine knows about for a domainβ3,895Updated last year
- Find domains and subdomains related to a given domainβ3,256Updated 11 months ago
- Take a list of domains and probe for working HTTP and HTTPS serversβ2,996Updated 10 months ago
- An OOB interaction gathering server and client libraryβ3,751Updated last week
- HTTP parameter discovery suite.β5,612Updated 2 months ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findinβ¦β6,238Updated last week
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, fβ¦β4,213Updated 7 months ago
- A python script that finds endpoints in JavaScript filesβ3,940Updated last year
- Automatic SSRF fuzzer and exploitation toolβ3,188Updated 2 months ago
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attβ¦β5,146Updated last week
- Contextual Content Discovery Toolβ2,837Updated last year
- Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug huβ¦β2,153Updated 10 months ago
- Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entβ¦β1,865Updated 5 months ago
- Automated & Manual Wordlists provided by Assetnoteβ1,432Updated 9 months ago
- A curated list of amazingly awesome Burp Extensionsβ3,173Updated 2 months ago
- Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web applicationβ4,704Updated 4 months ago
- An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flawsβ3,509Updated 2 months ago
- Top disclosed reports from HackerOneβ4,517Updated 3 weeks ago
- SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript filesβ2,166Updated 11 months ago
- Fast passive subdomain enumeration tool.β11,650Updated last week
- This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for β¦β3,322Updated this week
- "Can I take over XYZ?" β a list of services and how to claim (sub)domains with dangling DNS records.β5,147Updated 3 months ago
- dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.β2,336Updated last month
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β5,482Updated 8 months ago
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ5,804Updated last week
- The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, suβ¦β3,455Updated 3 weeks ago