Alternatives and similar repositories for scary-strings

Users that are interested in scary-strings are comparing it to the libraries listed below

• nullenc0de / ChromeAudit
  Nuclei plugins to audit Chrome extensions
  ☆65Updated last year
• infosecak / DVBE
  Damn Vulnerable Browser Extension (DVBE), previously named as Badly Coded Browser Extension (BCBE), is an open-source vulnerable Chrome E…
  ☆31Updated 7 months ago
• adelapazborrero / slack_jack
  Hijack a slack bot to phish your way in
  ☆57Updated 3 months ago
• intrudir / burpcollaborator-docker
  A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…
  ☆30Updated 9 months ago
• adeptex / whispers
  Identify hardcoded secrets in static structured text (version 2)
  ☆94Updated 8 months ago
• Outpost24 / outpost24-cors-check
  Additional active scan checks for BURP
  ☆28Updated last year
• siamthanathack / Passkey-Raider
  Burp Suite extension for testing Passkey systems.
  ☆74Updated 6 months ago
• thisis0xczar / FrogPost
  FrogPost: postMessage Security Testing Tool
  ☆98Updated this week
• nodyhub / zipslipper
  Create tar/zip archives that try to exploit zipslip vulnerability.
  ☆48Updated last year
• Anof-cyber / PyCript-WebSocket
  Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty in WebSocket
  ☆84Updated last month
• tenable / hidden-services-revealer
  ☆39Updated last year
• trufflesecurity / WhoAmISlack
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆42Updated last year
• redrays-io / WS_RaceCondition_PoC
  Simple PoC for demonstrating Race Conditions on Websockets
  ☆55Updated 2 years ago
• synacktiv / gh-hijack-runner
  A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.
  ☆27Updated last year
• GONZOsint / trufflehog-explorer
  TruffleHog Explorer, a user-friendly web-based tool to visualize and analyze data extracted using TruffleHog.
  ☆48Updated 9 months ago
• n0tspam / delepwn
  DelePwn is a security assessment tool designed to identify and demonstrate the risks associated with Google Workspace Domain-Wide Delegat…
  ☆35Updated 2 months ago
• umair9747 / 4oFour
  A tech enumeration toolkit focused on 404 Not found pages.
  ☆25Updated last year
• nightwatchcybersecurity / gitbleed_tools
  ☆90Updated 3 years ago
• PalindromeLabs / WebSockets-Playground
  Jumpstart multiple WebSocket servers quickly
  ☆32Updated 3 years ago
• Liodeus / swaggerHole
  A python3 script searching for secret on swaggerhub
  ☆66Updated 3 years ago
• red-kite-solutions / stalker
  Stalker, the Extensible Attack Surface Management tool.
  ☆87Updated 2 weeks ago
• RichardoC / gitlab-secrets
  This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…
  ☆47Updated last year
• yeswehack / myopenvdp
  MyOpenVDP is a free web application to install a vulnerability disclosure policy or a vulnerability disclosure program on your assets. (V…
  ☆31Updated last year
• dwisiswant0 / ipfuscator
  A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representati…
  ☆93Updated 2 years ago
• harisec / orange-confusion-attacks
  Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
  ☆20Updated last year
• dreadnode / burpference
  A research project to add some brrrrrr to Burp
  ☆194Updated 8 months ago
• rootcathacking / cloudcat
  aws cli pentesting/red team snippets
  ☆32Updated last year
• Sprocket-Security / cvetrends
  cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com
  ☆39Updated 3 years ago
• koaj / aws-s3-bucket-wordlist
  Most common AWS S3 bucket names.
  ☆27Updated 5 years ago
• honoki / bbrf-agents
  A collection of BBRF agents that can be deployed to AWS lambda
  ☆23Updated 11 months ago