Alternatives and similar repositories for proto-find

Users that are interested in proto-find are comparing it to the libraries listed below

• kleiton0x00 / ppmap

  View on GitHub
  A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
  ☆519Jun 22, 2022Updated 3 years ago
• sAjibuu / Burp_Collector

  View on GitHub
  A Multi-Processing Tool for collecting and extracting information to an Excel file from a Burp Suite output file.
  ☆10Apr 8, 2024Updated last year
• Lupin-Holmes / sandwich

  View on GitHub
  ☆78Mar 26, 2024Updated last year
• projectmonke / shortnameguesser

  View on GitHub
  A tool to guess the rest of the shortnames provided by vulnerable IIS instances.
  ☆42Aug 12, 2023Updated 2 years ago
• BlackFan / cspp-tools

  View on GitHub
  Client-Side Prototype Pollution Tools
  ☆86Sep 21, 2021Updated 4 years ago
• 0xDexter0us / Scavenger

  View on GitHub
  Burp extension to create target specific and tailored wordlist from burp history.
  ☆255Dec 8, 2021Updated 4 years ago
• defparam / haptyc

  View on GitHub
  ☆95Sep 18, 2021Updated 4 years ago
• ethicalhackingplayground / tprox

  View on GitHub
  TProx is a fast reverse proxy path traversal detector and directory bruteforcer.
  ☆30Sep 16, 2021Updated 4 years ago
• hisxo / JSpector

  View on GitHub
  A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
  ☆373Jul 25, 2023Updated 2 years ago
• daffainfo / all-about-apikey

  View on GitHub
  Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)
  ☆287Sep 26, 2023Updated 2 years ago
• honoki / burp-pac-server

  View on GitHub
  Generate a dynamic PAC script that will route traffic to your Burp proxy only if it matches the scope defined in your Burp target.
  ☆34Nov 8, 2021Updated 4 years ago
• riramar / h2rs

  View on GitHub
  Detects request smuggling via HTTP/2 downgrades.
  ☆94Jul 30, 2022Updated 3 years ago
• yavolo / eventlistener-xss-recon

  View on GitHub
  ☆148Dec 23, 2022Updated 3 years ago
• akincibor / 403-bypass

  View on GitHub
  Enhanced 403 bypass header
  ☆21Sep 12, 2022Updated 3 years ago
• KathanP19 / protoscan

  View on GitHub
  Prototype Pollution Scanner
  ☆138Apr 11, 2021Updated 4 years ago
• PalindromeLabs / STEWS

  View on GitHub
  A Security Tool for Enumerating WebSockets
  ☆366Jan 10, 2022Updated 4 years ago
• silentsignal / burp-piper

  View on GitHub
  Piper Burp Suite Extender plugin
  ☆129Jan 14, 2026Updated last month
• assetnote / batchql

  View on GitHub
  GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
  ☆404Dec 24, 2022Updated 3 years ago
• defparam / tiscripts

  View on GitHub
  Turbo Intruder Scripts
  ☆228Jun 11, 2020Updated 5 years ago
• ambalabanov / cswsh-scanner

  View on GitHub
  Scanner for Cross-Site WebSocket Hijacking
  ☆42Jul 31, 2020Updated 5 years ago
• bp0lr / wurl

  View on GitHub
  A tool to test working urls.
  ☆43Nov 17, 2020Updated 5 years ago
• ameenmaali / qsinject

  View on GitHub
  qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.
  ☆30May 6, 2020Updated 5 years ago
• tomnomnom / burl

  View on GitHub
  A Broken-URL Checker
  ☆82Nov 2, 2017Updated 8 years ago
• ferreiraklet / nilo

  View on GitHub
  Responser
  ☆55Apr 18, 2022Updated 3 years ago
• n0psn0ps / FernbachAPI

  View on GitHub
  Fernbach is a vulnerable API written in the Flask micro web framework. The intent of this API is for testing the OWASP top ten vulnerabil…
  ☆30Feb 4, 2022Updated 4 years ago
• ferreiraklet / Jeeves

  View on GitHub
  Jeeves SQLI Finder
  ☆218May 13, 2022Updated 3 years ago
• hahwul / authz0

  View on GitHub
  🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
  ☆427Updated this week
• hoodoer / postBasedXSS

  View on GitHub
  Demo of various ways to exploit post based reflected XSS
  ☆18Jul 6, 2023Updated 2 years ago
• RealLinkers / cookieless

  View on GitHub
  ☆27Mar 18, 2020Updated 5 years ago
• KaanBicaklar / nuclei-MonaCodeScanner

  View on GitHub
  Nuclei templates for source code analysis. Detects hardcoded secrets, config leaks, debug endpoints. Also helps identify OWASP Top 10 iss…
  ☆82Jun 11, 2025Updated 8 months ago
• 0xAwali / UnkeyInput

  View on GitHub
  ☆18Jul 21, 2025Updated 6 months ago
• forcesunseen / graphquail

  View on GitHub
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆205Aug 5, 2024Updated last year
• vavkamil / wp-update-confusion

  View on GitHub
  WordPress Plugin Update Confusion
  ☆67Dec 7, 2021Updated 4 years ago
• hakluke / hakfindinternaldomains

  View on GitHub
  Feed it a list of subdomains, it will resolve them and tell you which ones are internal
  ☆93Nov 21, 2021Updated 4 years ago
• gwen001 / gitlab-subdomains

  View on GitHub
  Find subdomains on GitLab.
  ☆104Apr 28, 2024Updated last year
• riramar / h2csmuggler-proxy

  View on GitHub
  This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.
  ☆36May 14, 2022Updated 3 years ago
• bp0lr / dmut

  View on GitHub
  A tool to perform permutations, mutations and alteration of subdomains in golang.
  ☆155Nov 24, 2023Updated 2 years ago
• MayankPandey01 / Jira-Lens

  View on GitHub
  Fast and customizable vulnerability scanner For JIRA written in Python
  ☆344Dec 31, 2024Updated last year
• dwisiswant0 / huntr-hacktivity

  View on GitHub
  huntr.dev public disclosures/hacktivity watcher
  ☆16Nov 5, 2023Updated 2 years ago