lc / subjs

Related projects ⓘ

Alternatives and complementary repositories for subjs

• tomnomnom / qsreplace
  Accept URLs on stdin, replace all query string values with a user-supplied value
  ☆767Updated last year
• KathanP19 / JSFScan.sh
  Automation for javascript recon in bug bounty.
  ☆900Updated last year
• AlephNullSK / dnsgen
  Generates combination of domain names from the provided input.
  ☆901Updated 4 months ago
• KathanP19 / Gxss
  A tool to check a bunch of URLs that contain reflecting params.
  ☆536Updated 3 months ago
• honoki / bbrf-client
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆615Updated this week
• 1ndianl33t / Gf-Patterns
  GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
  ☆1,218Updated 2 months ago
• projectdiscovery / chaos-client
  Go client to communicate with Chaos DB API.
  ☆641Updated this week
• assetnote / commonspeak2-wordlists
  Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.
  ☆524Updated 6 years ago
• devanshbatham / OpenRedireX
  A fuzzer for detecting open redirect vulnerabilities
  ☆712Updated 4 months ago
• robre / jsmon
  a javascript change monitoring tool for bugbounties
  ☆589Updated 3 months ago
• tomnomnom / fff
  The Fairly Fast Fetcher. Requests a bunch of URLs provided on stdin fairly quickly.
  ☆387Updated 7 months ago
• jaeles-project / jaeles-signatures
  Default signature for Jaeles Scanner
  ☆319Updated 2 years ago
• Emoe / kxss
  This a adaption of tomnomnom's kxss tool with a different output format
  ☆426Updated last year
• cujanovic / Open-Redirect-Payloads
  Open Redirect Payloads
  ☆583Updated last month
• hakluke / hakcheckurl
  Takes a list of URLs and returns their HTTP response codes
  ☆391Updated last year
• devanshbatham / FavFreak
  Making Favicon.ico based Recon Great again !
  ☆1,127Updated last year
• ayoubfathi / leaky-paths
  A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…
  ☆935Updated 4 months ago
• ghsec / webHunt
  Web App bug hunting
  ☆553Updated 5 months ago
• zricethezav / h1domains
  HackerOne "in scope" domains
  ☆400Updated this week
• assetnote / blind-ssrf-chains
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆804Updated 2 years ago
• 003random / getJS
  A tool to fastly get all javascript sources/files
  ☆712Updated 3 months ago
• harsh-bothra / Bheem
  ☆367Updated 3 years ago
• xm1k3 / cent
  Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…
  ☆876Updated 5 months ago
• ksharinarayanan / SSRFire
  An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
  ☆944Updated 2 years ago
• Josue87 / gotator
  Gotator is a tool to generate DNS wordlists through permutations.
  ☆457Updated 2 years ago
• mhmdiaa / second-order
  Second-order subdomain takeover scanner
  ☆377Updated last year
• s0md3v / uro
  declutters url lists for crawling/pentesting
  ☆1,203Updated 2 weeks ago
• kleiton0x00 / ppmap
  A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
  ☆496Updated 2 years ago
• assetnote / commonspeak2
  Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists
  ☆695Updated last year
• ameenmaali / urldedupe
  Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
  ☆338Updated 4 years ago