A tool for testing subdomain takeover possibilities at a mass scale.
☆50May 23, 2021Updated 4 years ago
Alternatives and similar repositories for takeover
Users that are interested in takeover are comparing it to the libraries listed below
Sorting:
- take a list of resolved subdomains and output any corresponding CNAMES en masse.☆18Jan 29, 2026Updated last month
- ☆11Dec 25, 2020Updated 5 years ago
- S3 bucket finder from html,js and bucket misconfiguration testing tool☆34Feb 10, 2020Updated 6 years ago
- Related subdomains finder☆28May 18, 2022Updated 3 years ago
- Suite of programs meant to aid in bug hunting and security assessments☆78Dec 29, 2019Updated 6 years ago
- Python utility to takeover domains vulnerable to AWS NS Takeover☆86Feb 2, 2023Updated 3 years ago
- get the http allowed methods for URLs list☆13Feb 22, 2021Updated 5 years ago
- Credax - Fuzzing Tool with Slack Notifications. Also removes false positive responses.☆10Oct 14, 2021Updated 4 years ago
- CRLFMap is a tool to find HTTP Splitting vulnerabilities☆32Oct 11, 2020Updated 5 years ago
- Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities☆127Jun 4, 2023Updated 2 years ago
- A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it us…☆62Oct 25, 2020Updated 5 years ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- OpenBugBounty - https://www.openbugbounty.org/ programs list☆23Mar 15, 2021Updated 4 years ago
- ☆38Aug 27, 2022Updated 3 years ago
- ☆11May 15, 2020Updated 5 years ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.☆93Jul 9, 2025Updated 7 months ago
- Tests for SSRF by injecting a specified location into different headers. This is a Rust port of m4ll0k's tool.☆37Jul 7, 2020Updated 5 years ago
- Directory/Subdomain scanner developed in GoLang.☆48Dec 5, 2020Updated 5 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆174Nov 11, 2020Updated 5 years ago
- #JavascriptRecon #bugbounty☆21Aug 18, 2021Updated 4 years ago
- Turn your VPS into an attack box☆34Mar 17, 2024Updated last year
- Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTI☆27Jan 6, 2021Updated 5 years ago
- This extension provides a central location for viewing all GraphQL requests/responses within a Burp project. It provides a clean UI that …☆15Feb 24, 2022Updated 4 years ago
- ☆16May 3, 2021Updated 4 years ago
- Search for secrets inside user data attached to EC2 instances on multiple AWS accounts☆16Jun 19, 2024Updated last year
- Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin☆45Mar 13, 2023Updated 2 years ago
- A tool to test working urls.☆43Nov 17, 2020Updated 5 years ago
- Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.☆41Dec 27, 2019Updated 6 years ago
- Framework to automate Bug Bounty Reconnaissance☆43Jan 4, 2021Updated 5 years ago
- sub domain wild card filtering tool☆40Apr 18, 2020Updated 5 years ago
- Find endpoints in archived versions of robots.txt☆14Nov 21, 2019Updated 6 years ago
- Tool to extract & validate google fcm server keys from apks☆29Jan 20, 2021Updated 5 years ago
- Guide to SSRF☆74Oct 10, 2023Updated 2 years ago
- Techniques / Tips and tricks for finding sensitive data exposures in Github for Penetration Testers / Bug Bounty Hunters☆17Aug 1, 2020Updated 5 years ago
- CloudFlare Checker written in Go☆237May 12, 2024Updated last year
- BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities☆118Dec 23, 2025Updated 2 months ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆52Jul 14, 2021Updated 4 years ago
- Bash script to automate Bug Bounty Reconnaissance☆45Jan 3, 2021Updated 5 years ago
- Google Chrome Extension automates testing fundamental Web Problems via Chrome☆20Mar 18, 2021Updated 4 years ago