Alternatives and similar repositories for forbidden:

Users that are interested in forbidden are comparing it to the libraries listed below

• Josue87 / gotator
  Gotator is a tool to generate DNS wordlists through permutations.
  ☆475Updated 2 years ago
• trickest / mkpath
  Make URL path combinations using a wordlist
  ☆174Updated last year
• hisxo / JSpector
  A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
  ☆356Updated last year
• wdahlenburg / interactsh-collaborator
  Burpsuite plugin for Interact.sh
  ☆220Updated 10 months ago
• MindPatch / lorsrf
  Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load
  ☆293Updated 7 months ago
• Impact-I / x8-Burp
  Hidden parameters discovery suite
  ☆223Updated 2 years ago
• carlospolop / fuzzhttpbypass
  This tool use fuuzzing to try to bypass unknown authentication methods, who knows...
  ☆247Updated 8 months ago
• daffainfo / match-replace-burp
  Useful "Match and Replace" burpsuite rules
  ☆346Updated last year
• ARPSyndicate / bug-bounty-domains
  Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]
  ☆216Updated 7 months ago
• root-tanishq / userefuzz
  User-Agent , X-Forwarded-For and Referer SQLI Fuzzer
  ☆382Updated last year
• trickest / mksub
  Generate tens of thousands of subdomain combinations in a matter of seconds
  ☆270Updated last year
• projectdiscovery / interactsh-web
  Web dashboard for Interactsh client
  ☆212Updated last week
• d3mondev / burp-vps-proxy
  This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.
  ☆241Updated last month
• iamthefrogy / nerdbug
  Full Nuclei automation script with logic explanation.
  ☆243Updated 3 years ago
• bp0lr / gauplus
  ☆290Updated 2 years ago
• hakluke / hakip2host
  hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.
  ☆443Updated 3 years ago
• cramppet / regulator
  Automated learning of regexes for DNS discovery
  ☆364Updated 2 years ago
• osmedeus / osmedeus-base
  Build your own reconnaissance system with Osmedeus Next Generation
  ☆188Updated this week
• ferreiraklet / airixss
  Finding XSS during recon
  ☆257Updated 2 years ago
• volkandindar / agartha
  A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…
  ☆371Updated 2 weeks ago
• Net-hunter121 / API-Wordlist
  ☆240Updated 3 years ago
• BitTheByte / Monitorizer
  Monitoring framework to detect and report newly found subdomains on a specific target using various scanning tools
  ☆273Updated 9 months ago
• ameenmaali / urldedupe
  Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
  ☆359Updated 4 years ago
• honoki / bbrf-server
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆310Updated 5 months ago
• 0x240x23elu / JSScanner
  Js File Scanner
  ☆169Updated 3 years ago
• geeknik / the-nuclei-templates
  Nuclei templates written by us.
  ☆269Updated 3 years ago
• R0X4R / bhedak
  A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.
  ☆105Updated 3 years ago
• edoardottt / missing-cve-nuclei-templates
  Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…
  ☆374Updated this week
• Akokonunes / Private-Nuclei-Templates
  ☆158Updated last year
• Sn1r / Forbidden-Buster
  A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas i…
  ☆176Updated 7 months ago