mandatoryprogrammer/xsshunter

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mandatoryprogrammer/xsshunter)

mandatoryprogrammer / xsshunter

The XSS Hunter service - a portable version of XSSHunter.com

☆1,541

Alternatives and similar repositories for xsshunter

Users that are interested in xsshunter are comparing it to the libraries listed below

Sorting:

maK- / parameth
View on GitHub
This tool can be used to brute discover GET and POST parameters
☆1,393Aug 24, 2019Updated 6 years ago
ssl / ezXSS
View on GitHub
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
☆2,244Jan 8, 2026Updated last month
mandatoryprogrammer / xsshunter_client
View on GitHub
Correlated injection proxy tool for XSS Hunter
☆260Dec 26, 2022Updated 3 years ago
EdOverflow / can-i-take-over-xyz
View on GitHub
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
☆5,565Feb 8, 2025Updated last year
michenriksen / aquatone
View on GitHub
A Tool for Domain Flyovers
☆5,906May 22, 2022Updated 3 years ago
infosec-au / altdns
View on GitHub
Generates permutations, alterations and mutations of subdomains and then resolves them
☆2,474Jan 9, 2025Updated last year
mandatoryprogrammer / xsshunter-express
View on GitHub
An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!
☆2,257Mar 7, 2024Updated last year
GerbenJavado / LinkFinder
View on GitHub
A python script that finds endpoints in JavaScript files
☆4,286Apr 13, 2024Updated last year
epinna / tplmap
View on GitHub
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
☆4,120Apr 21, 2024Updated last year
blechschmidt / massdns
View on GitHub
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
☆3,541Jul 21, 2025Updated 7 months ago
bugcrowd / HUNT
View on GitHub
☆2,316Dec 8, 2023Updated 2 years ago
cujanovic / SSRF-Testing
View on GitHub
SSRF (Server Side Request Forgery) testing resources
☆2,483Oct 12, 2024Updated last year
RedSiege / EyeWitness
View on GitHub
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
☆5,644Jan 5, 2026Updated last month
s0md3v / Arjun
View on GitHub
HTTP parameter discovery suite.
☆6,091Feb 20, 2025Updated last year
mandatoryprogrammer / cloudflare_enum
View on GitHub
Cloudflare DNS Enumeration Tool for Pentesters
☆523Aug 6, 2022Updated 3 years ago
haccer / subjack
View on GitHub
Subdomain Takeover tool written in Go
☆2,028Aug 13, 2023Updated 2 years ago
jhaddix / tbhm
View on GitHub
The Bug Hunters Methodology
☆4,242Aug 1, 2023Updated 2 years ago
Ice3man543 / SubOver
View on GitHub
A Powerful Subdomain Takeover Tool
☆963Oct 17, 2023Updated 2 years ago
EdOverflow / bugbounty-cheatsheet
View on GitHub
A list of interesting payloads, tips and tricks for bug bounty hunters.
☆6,379Sep 14, 2023Updated 2 years ago
LewisArdern / bXSS
View on GitHub
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
☆566Mar 4, 2023Updated 2 years ago
jhaddix / domain
View on GitHub
Setup script for Regon-ng
☆938Nov 17, 2020Updated 5 years ago
streaak / keyhacks
View on GitHub
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
☆6,075Aug 14, 2024Updated last year
jobertabma / ground-control
View on GitHub
A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.
☆550Jun 12, 2017Updated 8 years ago
0xSobky / HackVault
View on GitHub
A container repository for my public web hacks!
☆2,018Oct 12, 2022Updated 3 years ago
1N3 / IntruderPayloads
View on GitHub
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…
☆3,901Sep 27, 2021Updated 4 years ago
lc / gau
View on GitHub
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
☆4,837Jan 1, 2025Updated last year
sa7mon / S3Scanner
View on GitHub
Scan for misconfigured S3 buckets across S3-compatible APIs!
☆2,997Dec 11, 2025Updated 2 months ago
enjoiz / XXEinjector
View on GitHub
Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
☆1,710Dec 1, 2024Updated last year
wagiro / BurpBounty
View on GitHub
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…
☆1,773Apr 26, 2024Updated last year
aboul3la / Sublist3r
View on GitHub
Fast subdomains enumeration tool for penetration testers
☆10,830Aug 2, 2024Updated last year
swisskyrepo / SSRFmap
View on GitHub
Automatic SSRF fuzzer and exploitation tool
☆3,487Sep 4, 2025Updated 5 months ago
tomnomnom / waybackurls
View on GitHub
Fetch all the URLs that the Wayback Machine knows about for a domain
☆4,330May 1, 2024Updated last year
nahamsec / lazyrecon
View on GitHub
This script is intended to automate your reconnaissance process in an organized fashion
☆2,014Aug 19, 2021Updated 4 years ago
guelfoweb / knockpy
View on GitHub
Knock Subdomain Scan
☆4,134Feb 19, 2026Updated last week
mandatoryprogrammer / xssless
View on GitHub
An automated XSS payload generator written in python.
☆314Jun 2, 2016Updated 9 years ago
s0md3v / XSStrike
View on GitHub
Most advanced XSS scanner.
☆14,773Apr 26, 2025Updated 10 months ago
hahwul / dalfox
View on GitHub
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
☆4,851Updated this week
tomnomnom / meg
View on GitHub
Fetch many paths for many hosts - without killing the hosts
☆1,693Feb 3, 2024Updated 2 years ago
nahamsec / JSParser
View on GitHub
☆830Nov 13, 2023Updated 2 years ago