ldcvanderpoel / Burp-Wordlist-GeneratorView external linksLinks
This Burp extension extracts various data (path, parameter keys, parameter values, subdomains, etc.) from the sitemap. This data is used to create custom wordlists for directory/dns/parameter brute-forcing.
☆43Sep 9, 2021Updated 4 years ago
Alternatives and similar repositories for Burp-Wordlist-Generator
Users that are interested in Burp-Wordlist-Generator are comparing it to the libraries listed below
Sorting:
- ☆20Apr 5, 2023Updated 2 years ago
- zwatcher is a lightweight bash script for monitoring sub/domains or a list of sub/domains and javascript files. It compares HTTP status c…☆21Nov 23, 2025Updated 2 months ago
- Automated GitHub secret scanning with smart alerting & monitoring.☆29Jan 15, 2026Updated last month
- ☆15May 6, 2023Updated 2 years ago
- ☆15Feb 6, 2025Updated last year
- A fast tool to scan SAAS,PAAS App written in Go☆84Feb 13, 2023Updated 3 years ago
- ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be …☆60May 10, 2022Updated 3 years ago
- ☆20Aug 19, 2024Updated last year
- Automation of KNOXSS extension.☆11Apr 12, 2019Updated 6 years ago
- Simple tool to send the json output from HTTPX to BBRF☆11Mar 30, 2023Updated 2 years ago
- Reads in a list of domains or subdomains and crawls them for references to S3 buckets☆10Nov 21, 2023Updated 2 years ago
- Like DLP☆11Jan 27, 2025Updated last year
- HTTP testing platform for security researchers☆19Jan 14, 2026Updated last month
- ☆85Sep 24, 2024Updated last year
- uforall is a fast url crawler this tool crawl all URLs number of different sources, alienvault,WayBackMachine,urlscan,commoncrawl☆52Nov 3, 2025Updated 3 months ago
- There is my vuln POC and EXP. Some of POC were collected, most of POC and EXP were written by myself.☆13May 28, 2022Updated 3 years ago
- Browser extension that finds HTML comments.☆12Aug 8, 2024Updated last year
- A lightweight version of my bug bounty hunting framework designed to be run on Synack's LP+ machines.☆12Jul 11, 2023Updated 2 years ago
- A CLI utility to scan S3 buckets permissions☆14May 14, 2023Updated 2 years ago
- Automated tool for domains & subdomains gathering☆191Jan 30, 2026Updated 2 weeks ago
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Dec 13, 2025Updated 2 months ago
- CORSER is a Golang CLI Application for Advanced CORS Misconfiguration Detection☆60Oct 26, 2024Updated last year
- IIS shortname scanner + bruteforce☆54Feb 18, 2024Updated last year
- ☆11Apr 8, 2024Updated last year
- A basic tool to check for XSS vulnerabilities. It takes a list of URLs and checks if the parameter values appear in the response.☆30Jul 30, 2024Updated last year
- Bash script to extract data from the Waybackmachine☆11Mar 15, 2021Updated 4 years ago
- Crawlex is a powerful Chrome extension designed to assist bug bounty hunters in their work by enabling easy crawling of all possible URLs…☆12May 28, 2023Updated 2 years ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆373Jul 25, 2023Updated 2 years ago
- DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE☆27Nov 28, 2021Updated 4 years ago
- Scripts and other stuff.☆132Nov 22, 2023Updated 2 years ago
- Multithreading loop fuzzing with `ffuf` into your subdomains list with unique results☆31May 12, 2024Updated last year
- Golang tool which helps dropping the irrelevant entries from your ffuf result file.☆141Sep 16, 2024Updated last year
- ♥☆176Sep 7, 2025Updated 5 months ago
- ☆12Jan 30, 2025Updated last year
- ☆18May 18, 2025Updated 8 months ago
- Dorks for Bug Bounty Hunting☆187Jul 16, 2024Updated last year
- Ffuf output browser☆39Feb 25, 2023Updated 2 years ago
- Gathers urls from common crawl☆35Nov 9, 2019Updated 6 years ago
- ☆29Dec 13, 2023Updated 2 years ago