☆172Jan 26, 2023Updated 3 years ago
Alternatives and similar repositories for transformations
Users that are interested in transformations are comparing it to the libraries listed below
Sorting:
- Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…☆213Mar 31, 2020Updated 5 years ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆1,293Jan 26, 2024Updated 2 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- A highly configurable Framework for easy automated web scanning☆381Jul 13, 2020Updated 5 years ago
- You can read the writeup on this script here☆273Jul 12, 2020Updated 5 years ago
- ☆88Apr 24, 2024Updated last year
- Simple "postMessage logger" Chrome extension☆103May 2, 2020Updated 5 years ago
- A wrapper around jq, to help you parse jq output!☆30Aug 23, 2020Updated 5 years ago
- ☆46Sep 10, 2020Updated 5 years ago
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆18May 17, 2020Updated 5 years ago
- Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.☆213Jun 23, 2020Updated 5 years ago
- Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomai…☆223Jul 10, 2020Updated 5 years ago
- Urls status code & content length checker☆146Oct 1, 2020Updated 5 years ago
- Various Payload wordlists☆240Apr 26, 2025Updated 10 months ago
- ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight☆220Apr 10, 2022Updated 3 years ago
- PostMessage extension☆102Aug 28, 2019Updated 6 years ago
- CRACK AND CHECK HASH TYPES IN BULK☆13Jul 28, 2021Updated 4 years ago
- web-based-fuzzer☆32Jun 26, 2020Updated 5 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆174Nov 11, 2020Updated 5 years ago
- Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.☆41Dec 27, 2019Updated 6 years ago
- sub domain wild card filtering tool☆40Apr 18, 2020Updated 5 years ago
- ☆562Mar 27, 2025Updated 11 months ago
- Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …☆147Apr 12, 2024Updated last year
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, f…☆4,350Sep 30, 2024Updated last year
- ☆95Sep 18, 2021Updated 4 years ago
- Extract relative urls from a heap snapshot☆87May 30, 2021Updated 4 years ago
- HTTP parameter discovery suite.☆93Apr 16, 2020Updated 5 years ago
- find hardcoded strings from source code☆285Feb 3, 2022Updated 4 years ago
- Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.☆1,405Feb 10, 2026Updated 2 weeks ago
- Fetches javascript file from a list of URLS or subdomains.☆835Jul 22, 2025Updated 7 months ago
- List DTDs and generate XXE payloads using those local DTDs.☆648Feb 21, 2024Updated 2 years ago
- ☆694Jul 4, 2022Updated 3 years ago
- Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.☆729Jan 16, 2024Updated 2 years ago
- Repo of useful scripts☆104Jun 30, 2020Updated 5 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆135Sep 25, 2019Updated 6 years ago
- A collection of tools to perform searches on GitHub.☆1,467Feb 9, 2023Updated 3 years ago
- ☆36Sep 12, 2020Updated 5 years ago
- Words list generator to crack security tokens☆110May 20, 2020Updated 5 years ago
- A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for…☆192Sep 6, 2020Updated 5 years ago