Alternatives and similar repositories for navgix

Users that are interested in navgix are comparing it to the libraries listed below

• yousseflahouifi / moniorg

  View on GitHub
  moniorg is a tool that leverages crt.sh website to monitor domains of a target
  ☆47Apr 1, 2023Updated 2 years ago
• Escape-Technologies / graphql-wordlist

  View on GitHub
  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
  ☆454Oct 3, 2023Updated 2 years ago
• bitquark / shortscan

  View on GitHub
  An IIS short filename enumeration tool
  ☆1,109Nov 25, 2024Updated last year
• assetnote / surf

  View on GitHub
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆749Dec 19, 2023Updated 2 years ago
• Anof-cyber / ParaForge

  View on GitHub
  A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
  ☆143Jun 27, 2023Updated 2 years ago
• avito-tech / deepsecrets

  View on GitHub
  Secrets scanner that understands code
  ☆192Nov 2, 2023Updated 2 years ago
• puzzlepeaches / ffufw

  View on GitHub
  ☆144Apr 25, 2024Updated last year
• e1abrador / sub.Monitor

  View on GitHub
  Self-hosted passive subdomain continous monitoring tool.
  ☆170Jan 30, 2024Updated 2 years ago
• dillonfranke / protoburp

  View on GitHub
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆36Mar 4, 2025Updated 11 months ago
• dsecuredcom / yataf

  View on GitHub
  yataf extracts secrets and paths from files or urls - its best used against javascript files
  ☆52Sep 11, 2024Updated last year
• BishopFox / sj

  View on GitHub
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆721Feb 3, 2026Updated 2 weeks ago
• 0x999-x / jsluicepp

  View on GitHub
  jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice
  ☆292Apr 9, 2024Updated last year
• BishopFox / jsluice

  View on GitHub
  Extract URLs, paths, secrets, and other interesting bits from JavaScript
  ☆1,755May 22, 2024Updated last year
• emadshanab / BChecks-Collection

  View on GitHub
  BChecks collection for Burp Suite Professional
  ☆99Jun 6, 2024Updated last year
• cyberaz0r / Burp-IISTildeEnumerationScanner

  View on GitHub
  Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability
  ☆61Jun 12, 2023Updated 2 years ago
• doyensec / wsrepl

  View on GitHub
  WebSocket REPL for pentesters
  ☆234Jul 24, 2024Updated last year
• 0xacb / recollapse

  View on GitHub
  REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
  ☆1,288Aug 7, 2025Updated 6 months ago
• doyensec / oidc-ssrf

  View on GitHub
  An Evil OIDC Server
  ☆53Oct 19, 2022Updated 3 years ago
• hakluke / hakoriginfinder

  View on GitHub
  Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!
  ☆973Jan 12, 2024Updated 2 years ago
• haticeerturk / scoper

  View on GitHub
  This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.
  ☆97Jan 2, 2025Updated last year
• Moopinger / smugglefuzz

  View on GitHub
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆313May 16, 2024Updated last year
• RandomRobbieBF / CVE-2023-7028

  View on GitHub
  CVE-2023-7028
  ☆58Jan 12, 2024Updated 2 years ago
• devanshbatham / rayder-workflows

  View on GitHub
  Repo for hosting rayder workflows
  ☆64Aug 31, 2023Updated 2 years ago
• musana / fuzzuli

  View on GitHub
  fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
  ☆936Aug 24, 2023Updated 2 years ago
• mschwager / route-detect

  View on GitHub
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆282Sep 11, 2025Updated 5 months ago
• devanshbatham / rayder

  View on GitHub
  A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows
  ☆299Sep 8, 2023Updated 2 years ago
• devanshbatham / heaptruffle

  View on GitHub
  Mine URLs from Browser's Heap Snapshot for fun and profit
  ☆64Aug 9, 2023Updated 2 years ago
• The-Login / DNS-Analyzer

  View on GitHub
  A Burp Suite extension for finding DNS vulnerabilities in web applications!
  ☆91Sep 12, 2023Updated 2 years ago
• forcesunseen / graphquail

  View on GitHub
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆203Aug 5, 2024Updated last year
• caido-community / burp2caido

  View on GitHub
  A tool to migrate Burpsuite HTTP history to Caido
  ☆35Apr 25, 2025Updated 9 months ago
• Josue87 / gotator

  View on GitHub
  Gotator is a tool to generate DNS wordlists through permutations.
  ☆504Jul 17, 2022Updated 3 years ago
• trufflesecurity / WhoAmISlack

  View on GitHub
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆41Dec 12, 2023Updated 2 years ago
• stark0de / nginxpwner

  View on GitHub
  Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.
  ☆1,581Mar 4, 2024Updated last year
• wfinn / redirex

  View on GitHub
  tool that generates bypasses for open redirects
  ☆51Apr 18, 2022Updated 3 years ago
• defparam / haptyc

  View on GitHub
  ☆94Sep 18, 2021Updated 4 years ago
• ethicalhackingplayground / pathbuster

  View on GitHub
  A path-normalization pentesting tool.
  ☆150Jan 22, 2026Updated 3 weeks ago
• PatrikFehrenbach / vilicus

  View on GitHub
  vīlicus is a bug bounty api dashboard
  ☆42Aug 13, 2023Updated 2 years ago
• riramar / SmuggleTP

  View on GitHub
  A straightforward tool for exploiting SMTP Smuggling vulnerabilities.
  ☆14Jul 22, 2024Updated last year
• xnl-h4ck3r / GAP-Burp-Extension

  View on GitHub
  Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
  ☆1,495Jan 8, 2026Updated last month