Alternatives and similar repositories for wordlists

Users that are interested in wordlists are comparing it to the libraries listed below

• codewatchorg / Burp-AnonymousCloud
  Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities
  ☆46Updated 2 years ago
• codewatchorg / Burp-IndicatorsOfVulnerability
  Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack
  ☆41Updated 2 years ago
• Static-Flow / BurpSuiteTeamServer
  This is the Go Server that relays all HTTP requests and responses between clients.
  ☆28Updated 2 years ago
• hahwul / ras-fuzzer
  RAS(RAndom Subdomain) Fuzzer
  ☆42Updated 5 years ago
• osamahamad / CVE-2020-9484-Mass-Scan
  CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE
  ☆31Updated 5 years ago
• netscylla / JWT_Hacking
  Collection of scripts that aid in penetration testing of JSON Web Tokens
  ☆59Updated 6 years ago
• SomeKirill / wordlist_generator
  Unique wordlist generator of unique wordlists.
  ☆42Updated 2 years ago
• TROUBLE-1 / codeza
  This tool will scan all the URL's in the file and will provide Content-Length, Status-Code, Server and more.
  ☆36Updated 3 years ago
• ZephrFish / BurpFeed
  Hacked together script for feeding urls into Burp's Sitemap
  ☆93Updated 6 months ago
• DFC302 / statusparser
  Retrive the status codes from a list of URLs
  ☆33Updated 5 years ago
• mgeeky / burpContextAwareFuzzer
  BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…
  ☆40Updated 4 years ago
• twelvesec / BearerAuthToken
  This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…
  ☆47Updated 6 years ago
• ettic-team / EndpointFinder-Burp
  ☆32Updated 6 years ago
• EdOverflow / curate
  A tool for fetching archived URLs (to be rewritten in Go).
  ☆41Updated 7 years ago
• profmoriarity / wfuxx
  web-based-fuzzer
  ☆32Updated 5 years ago
• cujanovic / subdomain-bruteforce-list
  subdomain bruteforce list
  ☆102Updated last year
• PortSwigger / burp-smart-buster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆32Updated 7 years ago
• rhelmke / urlenc
  URL-encode data streams via commandline
  ☆14Updated 6 years ago
• antichown / vpn-ssl-pulse
  Pulse SSL VPN Arbitrary File Read burp extension
  ☆24Updated 6 years ago
• theblackturtle / wildcheck
  A simple tool to detect wildcards domain based on Amass's wildcards detector.
  ☆65Updated 4 years ago
• jimmy-ly00 / dirlister
  Create wordlists from source codes files/directories for enumeration
  ☆30Updated 2 years ago
• random-robbie / kube-scan
  Kubernetes Scanner
  ☆40Updated 3 years ago
• InitRoot / BurpSQLTruncSanner
  Messy BurpSuite plugin for SQL Truncation vulnerabilities.
  ☆63Updated 5 years ago
• arbazkiraak / BurpBLH
  Broken Link Hijacking Burp Extension
  ☆57Updated 6 years ago
• si9int / ScreenShooter
  Convert your masscan/subdomain-scan results (80,443,8080) into screenshots for better analysis
  ☆37Updated 7 years ago
• Regala / burp-subdomains
  Burp Suite extension to easily export sub domains
  ☆44Updated 5 years ago
• 003random / ICU
  An Extended, Modulair, Host Discovery Framework
  ☆43Updated 6 years ago
• secxena / credcheck
  Credentials Checking Framework
  ☆54Updated 2 years ago
• cybercdh / dirlstr
  Finds Directory Listings or open S3 buckets from a list of URLs
  ☆53Updated 3 years ago
• adamyordan / offbyslash-django-dumper
  A proof of concept to dump Django website's source code affected by NGINX's off-by-slash alias directive misconfiguration.
  ☆24Updated 2 years ago