This Burp extension extracts various data (path, parameter keys, parameter values, subdomains, etc.) from the sitemap. This data is used to create custom wordlists for directory/dns/parameter brute-forcing.
☆45Sep 9, 2021Updated 4 years ago
Alternatives and similar repositories for Burp-Wordlist-Generator
Users that are interested in Burp-Wordlist-Generator are comparing it to the libraries listed below
Sorting:
- ☆20Apr 5, 2023Updated 2 years ago
- zwatcher is a lightweight bash script for monitoring sub/domains or a list of sub/domains and javascript files. It compares HTTP status c…☆21Nov 23, 2025Updated 3 months ago
- Automated GitHub secret scanning with smart alerting & monitoring.☆30Jan 15, 2026Updated last month
- ☆15May 6, 2023Updated 2 years ago
- ☆15Feb 6, 2025Updated last year
- A fast tool to scan SAAS,PAAS App written in Go☆84Feb 13, 2023Updated 3 years ago
- ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be …☆60May 10, 2022Updated 3 years ago
- ☆20Aug 19, 2024Updated last year
- Simple tool to send the json output from HTTPX to BBRF☆11Mar 30, 2023Updated 2 years ago
- Like DLP☆11Jan 27, 2025Updated last year
- HTTP testing platform for security researchers☆20Updated this week
- Automation of KNOXSS extension.☆11Apr 12, 2019Updated 6 years ago
- Reads in a list of domains or subdomains and crawls them for references to S3 buckets☆10Nov 21, 2023Updated 2 years ago
- ☆85Sep 24, 2024Updated last year
- uforall is a fast url crawler this tool crawl all URLs number of different sources, alienvault,WayBackMachine,urlscan,commoncrawl☆52Nov 3, 2025Updated 4 months ago
- A lightweight version of my bug bounty hunting framework designed to be run on Synack's LP+ machines.☆12Jul 11, 2023Updated 2 years ago
- Browser extension that finds HTML comments.☆12Aug 8, 2024Updated last year
- A CLI utility to scan S3 buckets permissions☆14May 14, 2023Updated 2 years ago
- There is my vuln POC and EXP. Some of POC were collected, most of POC and EXP were written by myself.☆13May 28, 2022Updated 3 years ago
- Automated tool for domains & subdomains gathering☆191Jan 30, 2026Updated last month
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Dec 13, 2025Updated 2 months ago
- ☆11Apr 8, 2024Updated last year
- CORSER is a Golang CLI Application for Advanced CORS Misconfiguration Detection☆60Oct 26, 2024Updated last year
- Nuclei templates which I wrote myself☆10Jan 8, 2022Updated 4 years ago
- IIS shortname scanner + bruteforce☆55Feb 18, 2024Updated 2 years ago
- A basic tool to check for XSS vulnerabilities. It takes a list of URLs and checks if the parameter values appear in the response.☆30Jul 30, 2024Updated last year
- Crawlex is a powerful Chrome extension designed to assist bug bounty hunters in their work by enabling easy crawling of all possible URLs…☆12May 28, 2023Updated 2 years ago
- Bash script to extract data from the Waybackmachine☆11Mar 15, 2021Updated 4 years ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆374Jul 25, 2023Updated 2 years ago
- DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE☆27Nov 28, 2021Updated 4 years ago
- Scripts and other stuff.☆132Nov 22, 2023Updated 2 years ago
- Multithreading loop fuzzing with `ffuf` into your subdomains list with unique results☆31May 12, 2024Updated last year
- ☆12Jan 30, 2025Updated last year
- ♥☆177Sep 7, 2025Updated 6 months ago
- Golang tool which helps dropping the irrelevant entries from your ffuf result file.☆141Sep 16, 2024Updated last year
- ☆18May 18, 2025Updated 9 months ago
- Dorks for Bug Bounty Hunting☆187Jul 16, 2024Updated last year
- Ffuf output browser☆39Feb 25, 2023Updated 3 years ago
- ☆29Dec 13, 2023Updated 2 years ago