Alternatives and similar repositories for X-Recon

Users that are interested in X-Recon are comparing it to the libraries listed below

• AiGptCode / Ai-Security-URL
  functions to exploit common web application vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Server-Side Request Forger…
  ☆91Updated last year
• UndeadSec / SwaggerSpy
  Automated OSINT on SwaggerHub
  ☆221Updated last year
• mr-kasim-mehar / CveSpider
  A Python tool to resolve domains to IPs, fetch related CVEs, and display open ports
  ☆15Updated last month
• 1BlackLine / Payloads
  Payload for bug bounty
  ☆97Updated last year
• iamunixtz / LazySql
  ☆78Updated 8 months ago
• Stuub / CVE-2024-32640-SQLI-MuraCMS
  CVE-2024-32640 | Automated SQLi Exploitation PoC
  ☆68Updated last year
• errorfiathck / ssrf-exploit
  an exploit of Server-side request forgery (SSRF)
  ☆51Updated last year
• ill-deed / CVE-2025-34085-Multi-target
  Multi-target unauthenticated RCE scanner for CVE-2025-34085 affecting WordPress Simple File List plugin. Uploads, renames, and triggers P…
  ☆28Updated 5 months ago
• schooldropout1337 / nuclei-templates
  ☆184Updated last year
• zeusvlun / zeusleak
  ZeusLeak is a browser extension that automatically detects leaked secrets and credentials in code while browsing.
  ☆45Updated 9 months ago
• 0-d3y / SQLi
  It is a tool for scanning and exploiting the famous SQL injection vulnerability in more than millions of sites. The exploit was programme…
  ☆67Updated last year
• spyboy-productions / WebSecProbe
  Bypass 403
  ☆164Updated 10 months ago
• MuhammadWaseem29 / SubDomain-Grabber
  ☆21Updated 9 months ago
• RevoltSecurities / Dnsbruter
  Dnsbruter is a powerful tool designed to perform active subdomain enumeration and discovery. It uses DNS resolution to efficiently brutef…
  ☆122Updated last year
• VFA250 / Morgan
  Morgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulner…
  ☆56Updated 10 months ago
• Spix0r / writeup-miner
  This is a useful Python script for extracting bug bounty or any other write-ups from every RSS.
  ☆142Updated last month
• LucasPDiniz / 403-Bypass
  Bypass 403 pages
  ☆125Updated last year
• VikzSharma / ffufwebparser
  Parse FFUF results in GUI with option to sort based by response code , size , keyword
  ☆99Updated last year
• blackhatethicalhacking / SQLMutant
  SQLMutant is a powerful SQL injection testing tool that includes both passive and active reconnaissance processes for any given domain. I…
  ☆161Updated last year
• umutcamliyurt / Subhunter
  A fast subdomain takeover tool
  ☆85Updated 2 years ago
• EmperialX / XSS-Automation-Tool
  "XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities in web apps. Tests for reflected and persist…
  ☆92Updated last year
• SharokhAtaie / extractify
  A tool for extract Endpoints, URLs and Secrets from contents
  ☆69Updated 2 months ago
• 0xJin / SubCerts
  SubCerts is a simple tool that uses certificate transparency logs (via crt.sh) to extract subdomains of a given domain.
  ☆74Updated 5 months ago
• huseyinstif / Nuclei-AI-Prompts
  ☆100Updated 10 months ago
• nazmul-ethi / Bypass-Four03
  Bypass-Four03 is a powerful bash tool designed to help testers bypass HTTP 403 forbidden errors through various path and header manipulat…
  ☆164Updated 7 months ago
• rix4uni / WordList
  Custom wordlist, updated regularly
  ☆122Updated 2 weeks ago
• TheHermione / DorkFinder
  Automatic tool to find Google Dorks
  ☆36Updated last year
• seed1337 / CVE-2024-24919-POC
  ☆47Updated last year
• nu11pointer / fuzzlists
  A collection of useful lists for Penetration Testing & Bug Bounty - Content Discovery, Payloads, Variables, Sandbox Escaping, etc
  ☆102Updated 9 months ago
• HernanRodriguez1 / SQLi_Sleeps
  ☆124Updated 4 months ago