ldcvanderpoel / Burp-Wordlist-Generator
This Burp extension extracts various data (path, parameter keys, parameter values, subdomains, etc.) from the sitemap. This data is used to create custom wordlists for directory/dns/parameter brute-forcing.
☆34Updated 3 years ago
Alternatives and similar repositories for Burp-Wordlist-Generator:
Users that are interested in Burp-Wordlist-Generator are comparing it to the libraries listed below
- This tool checks if the given Url/File has Swagger Ui, That can be tested later..☆35Updated 2 years ago
- ☆33Updated 2 years ago
- DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE☆28Updated 3 years ago
- ☆16Updated 3 months ago
- A collection of useful grep patterns and tools by Tomnomnom for extracting specific values from text.☆45Updated last month
- Burp-suite Extension For finding .map files☆46Updated last year
- Repo containing walkthroughs to possibly pwn Admin Panels and Exposed Consoles☆17Updated 7 months ago
- Legitimate bug bounty programs value ethical practices and provide clear rewards to researchers for identifying security flaws☆36Updated 7 months ago
- ☆95Updated 2 years ago
- A collection of awesome one-liner scripts especially for bug bounty tips.☆10Updated 3 years ago
- ☆24Updated 10 months ago
- My custom created nuclei for SQLi, bugbounty, pentesting☆25Updated 7 months ago
- ☆7Updated last year
- ☆95Updated 3 years ago
- All About BB☆13Updated 4 years ago
- It grep subdomains, email/username, build custom wordlist etc from gau results☆48Updated 2 years ago
- ☆17Updated last year
- Some wordlists collected form github to all bug bounty hunters.☆30Updated 3 years ago
- Automated blind-xss search for Burp Suite☆23Updated 3 years ago
- Simple tool to gather domains from crt.sh using the organization name☆100Updated 3 years ago
- BetterBugBounty - Here tools are classic, bugs are hunted, and nostalgia is the ultimate weapon!☆29Updated last year
- Authorization-Nuclei-Templates☆39Updated 7 months ago
- JSSCM detects expired domains for Stored XSS exploitation during browsing.☆44Updated last month
- ☆32Updated 4 years ago
- XSS payloads for bypassing WAF. This repository is updating continuously.☆10Updated 3 years ago
- ☆69Updated 7 months ago
- ☆34Updated 4 years ago
- Tool for collect subdomains from different websites but the unique in tool collect subdomains from subdomainfinder.c99 and collect all su…☆26Updated 2 years ago
- IIS shortname scanner + bruteforce☆52Updated last year
- ☆133Updated 3 years ago