Alternatives and similar repositories for guidtool

Users that are interested in guidtool are comparing it to the libraries listed below

• doyensec / oidc-ssrf

  View on GitHub
  An Evil OIDC Server
  ☆53Oct 19, 2022Updated 3 years ago
• defparam / haptyc

  View on GitHub
  ☆95Sep 18, 2021Updated 4 years ago
• 0xacb / recollapse

  View on GitHub
  REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
  ☆1,287Aug 7, 2025Updated 6 months ago
• xnl-h4ck3r / urless

  View on GitHub
  De-clutter a list of URLs
  ☆384Feb 3, 2026Updated last week
• forcesunseen / graphquail

  View on GitHub
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆205Aug 5, 2024Updated last year
• BishopFox / jsluice

  View on GitHub
  Extract URLs, paths, secrets, and other interesting bits from JavaScript
  ☆1,755May 22, 2024Updated last year
• dhn / spk

  View on GitHub
  spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization.
  ☆84Jan 12, 2026Updated last month
• hakluke / hakoriginfinder

  View on GitHub
  Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!
  ☆975Jan 12, 2024Updated 2 years ago
• sw33tLie / sns

  View on GitHub
  IIS shortname scanner written in Go
  ☆355Mar 25, 2023Updated 2 years ago
• assetnote / surf

  View on GitHub
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆749Dec 19, 2023Updated 2 years ago
• wfinn / redirex

  View on GitHub
  tool that generates bypasses for open redirects
  ☆52Apr 18, 2022Updated 3 years ago
• Anof-cyber / ParaForge

  View on GitHub
  A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
  ☆143Jun 27, 2023Updated 2 years ago
• bitquark / shortscan

  View on GitHub
  An IIS short filename enumeration tool
  ☆1,109Nov 25, 2024Updated last year
• spaceraccoon / detect-cve-2024-4367

  View on GitHub
  YARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js
  ☆11May 27, 2024Updated last year
• Escape-Technologies / graphql-wordlist

  View on GitHub
  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
  ☆458Oct 3, 2023Updated 2 years ago
• nicholasaleks / CrackQL

  View on GitHub
  CrackQL is a GraphQL password brute-force and fuzzing utility.
  ☆346Aug 3, 2024Updated last year
• nikitastupin / clairvoyance

  View on GitHub
  Obtain GraphQL API schema even if the introspection is disabled
  ☆1,383Dec 5, 2025Updated 2 months ago
• robre / jsmon

  View on GitHub
  a javascript change monitoring tool for bugbounties
  ☆710Jul 31, 2024Updated last year
• BishopFox / sj

  View on GitHub
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆719Feb 3, 2026Updated last week
• Philesiv / XSLeaker

  View on GitHub
  Searcher for cross-site leaks (XS-Leaks)
  ☆82Dec 27, 2022Updated 3 years ago
• 0xDexter0us / Scavenger

  View on GitHub
  Burp extension to create target specific and tailored wordlist from burp history.
  ☆255Dec 8, 2021Updated 4 years ago
• iangcarroll / cookiemonster

  View on GitHub
  🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
  ☆966Jan 10, 2025Updated last year
• g0ldencybersec / CloudRecon

  View on GitHub
  ☆520Apr 29, 2024Updated last year
• kiber-io / apkd

  View on GitHub
  APK downloader from few sources
  ☆136Aug 18, 2025Updated 5 months ago
• caido-community / burp2caido

  View on GitHub
  A tool to migrate Burpsuite HTTP history to Caido
  ☆35Apr 25, 2025Updated 9 months ago
• haticeerturk / scoper

  View on GitHub
  This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.
  ☆97Jan 2, 2025Updated last year
• denandz / sourcemapper

  View on GitHub
  Extract JavaScript source trees from Sourcemap files
  ☆1,279Mar 22, 2024Updated last year
• sw33tLie / bbscope

  View on GitHub
  Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
  ☆1,262Jan 28, 2026Updated 2 weeks ago
• w9w / JSA

  View on GitHub
  Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
  ☆560Mar 8, 2025Updated 11 months ago
• xnl-h4ck3r / waymore

  View on GitHub
  Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!
  ☆2,533Feb 7, 2026Updated last week
• resyncgg / ripgen

  View on GitHub
  Rust-based high performance domain permutation generator.
  ☆297Dec 2, 2023Updated 2 years ago
• Moopinger / smugglefuzz

  View on GitHub
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆311May 16, 2024Updated last year
• assetnote / blind-ssrf-chains

  View on GitHub
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆946Dec 31, 2021Updated 4 years ago
• visma-prodsec / confused

  View on GitHub
  Tool to check for dependency confusion vulnerabilities in multiple package management systems
  ☆775Aug 19, 2024Updated last year
• random-robbie / wayback-saver

  View on GitHub
  Saves pages to Wayback machine
  ☆13Dec 2, 2024Updated last year
• 0ang3el / aem-hacker

  View on GitHub
  ☆809Jul 28, 2024Updated last year
• hakluke / hakip2host

  View on GitHub
  hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.
  ☆453Apr 27, 2022Updated 3 years ago
• xnl-h4ck3r / GAP-Burp-Extension

  View on GitHub
  Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
  ☆1,495Jan 8, 2026Updated last month
• doyensec / Prototype-Pollution-Gadgets-Finder

  View on GitHub
  ☆91Apr 29, 2024Updated last year