Alternatives and similar repositories for scripts:

Users that are interested in scripts are comparing it to the libraries listed below

• eur0pa / tko-subs
  A tool that can help detect and takeover subdomains with dead DNS records
  ☆12Updated 6 years ago
• gwen001 / testxss
  PHP tool to test XSS
  ☆23Updated 5 years ago
• cornerpirate / iRecon
  Of the thousands of lazy reconnaissance scripts, this one is by far the one in this repository.
  ☆11Updated 3 years ago
• MrTaherAmine / pentest-management
  Simple webinterface combining different recon tools.
  ☆12Updated 6 years ago
• the-bumble / Burp-Scanner-OOB-Checks
  This is a Burp extension for adding additional payloads to active scanner that require out-of-band validation. Works great with XSSHunter
  ☆20Updated 8 years ago
• cosmoscrew / gomassdns
  A better dns bruteforcer written in golang
  ☆13Updated 6 years ago
• BountyMachine / about
  A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!
  ☆33Updated 6 years ago
• rojan-rijal / ReconUI
  Alpha version code of Recon UI
  ☆14Updated 6 years ago
• silentsignal / ActiveScan3Plus
  Modified version of ActiveScan++ Burp Suite extension
  ☆31Updated 8 years ago
• Den1al / pymassdns
  A Pythonic wrapper to MassDNS
  ☆24Updated 6 years ago
• PortSwigger / burp-smart-buster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆31Updated 7 years ago
• eur0pa / goGetBucket
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆27Updated 6 years ago
• smiegles / certs
  Parse X509 certificates to get the (sub)domains in it.
  ☆28Updated 6 years ago
• NetSPI / crossdomainscanner
  Python tool for expired domain discovery in crossdomain.xml files
  ☆23Updated 7 years ago
• MohitDabas / sastgriper
  A simple grep user interface for searching code which can be used for SAST.
  ☆8Updated 5 years ago
• ShadowHatesYou / whori.sh
  Zone transfers for rwhois
  ☆20Updated 5 years ago
• OpenSecurityResearch / CustomPassiveScanner
  A Custom Scanner for Burp
  ☆30Updated 10 years ago
• PortSwigger / detect-dynamic-js
  The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and ai…
  ☆13Updated 6 years ago
• random-robbie / aquatone-docker
  Docker Version of Aquatone
  ☆13Updated 6 years ago
• laconicwolf / cors-scanner
  A multi-threaded scanner that helps identify CORS flaws/misconfigurations
  ☆19Updated 5 years ago
• Damian89 / extended-baserequest-importer
  Scan and import relevant requests directly to burp!
  ☆9Updated 5 years ago
• snyff / oauthsecurity
  OAuth Security Cheatsheet
  ☆39Updated 10 years ago
• 4ARMED / terraform-burp-collaborator
  Terraform configuration to build a Burp Private Collaborator Server
  ☆25Updated 7 years ago
• lavalamp- / content-discovery-hit-lists
  This repository contains hit lists to use for web application content discovery.
  ☆11Updated 7 years ago
• Cillian-Collins / Recon
  The Recon scanning tool scans websites for open files & directories specified in the custom config file. Default server configuration fil…
  ☆15Updated 6 years ago
• securityidiots / vhost_buster
  A simple tool with the power of "Go" to find the hidden Vhosts defined at the server.
  ☆18Updated 6 years ago
• adityaks / sparty
  Sparty - MS Sharepoint and Frontpage Auditing Tool
  ☆31Updated 10 years ago
• shieldfy / AVWA
  Advanced Vulnerable Web Application (AVWA)
  ☆14Updated 7 years ago
• infosec-au / webappsec-toolkit
  Web Application Security related tools. Includes backdoors, proof of concepts and tricks
  ☆37Updated 10 years ago
• grutz / squirtle
  Squirtle the Browser-based NTLM Attack Toolkit
  ☆18Updated 9 years ago