Alternatives and similar repositories for forbidden:

Users that are interested in forbidden are comparing it to the libraries listed below

• ARPSyndicate / bug-bounty-domains
  Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]
  ☆215Updated 7 months ago
• d3mondev / burp-vps-proxy
  This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.
  ☆241Updated 2 weeks ago
• hisxo / JSpector
  A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
  ☆353Updated last year
• projectdiscovery / interactsh-web
  Web dashboard for Interactsh client
  ☆208Updated last week
• root-tanishq / userefuzz
  User-Agent , X-Forwarded-For and Referer SQLI Fuzzer
  ☆381Updated last year
• volkandindar / agartha
  A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…
  ☆367Updated last week
• Josue87 / gotator
  Gotator is a tool to generate DNS wordlists through permutations.
  ☆467Updated 2 years ago
• carlospolop / fuzzhttpbypass
  This tool use fuuzzing to try to bypass unknown authentication methods, who knows...
  ☆246Updated 7 months ago
• daffainfo / match-replace-burp
  Useful "Match and Replace" burpsuite rules
  ☆342Updated last year
• wdahlenburg / interactsh-collaborator
  Burpsuite plugin for Interact.sh
  ☆217Updated 9 months ago
• hansmach1ne / LFImap
  Local File Inclusion discovery and exploitation tool
  ☆294Updated 3 months ago
• trickest / mkpath
  Make URL path combinations using a wordlist
  ☆173Updated last year
• Net-hunter121 / API-Wordlist
  ☆238Updated 3 years ago
• anshumanpattnaik / http-request-smuggling
  HTTP Request Smuggling Detection Tool
  ☆491Updated last year
• SeifElsallamy / Blind-XSS-Manager
  Never forget where you inject.
  ☆228Updated 2 years ago
• ayadim / Nuclei-bug-hunter
  i will upload more templates here to share with the comunity.
  ☆542Updated 11 months ago
• edoardottt / missing-cve-nuclei-templates
  Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…
  ☆370Updated this week
• v4d1 / Dome
  Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search …
  ☆528Updated last year
• Bandit-HaxUnit / haxunit
  ☆318Updated 2 months ago
• cramppet / regulator
  Automated learning of regexes for DNS discovery
  ☆364Updated 2 years ago
• bp0lr / gauplus
  ☆287Updated 2 years ago
• oppsec / Pinkerton
  🕵️ JavaScript file crawler and secret finder tool developed with Python
  ☆286Updated last year
• projectdiscovery / fuzzing-templates
  Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
  ☆63Updated 10 months ago
• zapstiko / wordlists
  All Type of Payloads
  ☆136Updated last year
• musana / fuzzuli
  fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
  ☆804Updated last year
• Impact-I / x8-Burp
  Hidden parameters discovery suite
  ☆223Updated 2 years ago
• silentsignal / burp-text4shell
  Text4Shell scanner for Burp Suite
  ☆189Updated 2 years ago
• Anof-cyber / PyCript
  Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty
  ☆204Updated 2 months ago
• p0dalirius / webapp-wordlists
  This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contai…
  ☆515Updated 3 months ago
• w9w / JSA
  Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
  ☆497Updated 3 weeks ago