Alternatives and similar repositories for HostileSubBruteforcer

Users that are interested in HostileSubBruteforcer are comparing it to the libraries listed below

• JordyZomer / autoSubTakeover

  View on GitHub
  A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…
  ☆135Aug 14, 2023Updated 2 years ago
• anshumanbh / tko-subs

  View on GitHub
  A tool that can help detect and takeover subdomains with dead DNS records
  ☆773Jan 3, 2021Updated 5 years ago
• GoSecure / ysoserial

  View on GitHub
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆47Mar 22, 2017Updated 8 years ago
• JacobReynolds / ssrfDetector

  View on GitHub
  Server-side request forgery detector
  ☆164Jun 26, 2017Updated 8 years ago
• jobertabma / ground-control

  View on GitHub
  A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.
  ☆550Jun 12, 2017Updated 8 years ago
• TheHackerDev / race-the-web

  View on GitHub
  Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
  ☆628Mar 18, 2022Updated 3 years ago
• RUB-NDS / CORStest

  View on GitHub
  A simple CORS misconfiguration scanner
  ☆423Aug 14, 2020Updated 5 years ago
• mazen160 / bfac

  View on GitHub
  BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…
  ☆562Aug 25, 2022Updated 3 years ago
• guelfoweb / knock

  View on GitHub
  Knock Subdomain Scan
  ☆4,131Oct 26, 2025Updated 3 months ago
• ZephrFish / GoogD0rker

  View on GitHub
  Note: Going through a full re-write of the tooling so the current versions in the repo do not work!
  ☆416May 18, 2020Updated 5 years ago
• BuffaloWill / oxml_xxe

  View on GitHub
  A tool for embedding XXE/XML exploits into different filetypes
  ☆1,129Dec 16, 2024Updated last year
• nahamsec / JSParser

  View on GitHub
  ☆834Nov 13, 2023Updated 2 years ago
• maK- / parameth

  View on GitHub
  This tool can be used to brute discover GET and POST parameters
  ☆1,390Aug 24, 2019Updated 6 years ago
• anshumanbh / brutesubs

  View on GitHub
  An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …
  ☆260Aug 22, 2021Updated 4 years ago
• RedSiege / EyeWitness

  View on GitHub
  EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
  ☆5,638Jan 5, 2026Updated last month
• infosec-au / altdns

  View on GitHub
  Generates permutations, alterations and mutations of subdomains and then resolves them
  ☆2,468Jan 9, 2025Updated last year
• blechschmidt / massdns

  View on GitHub
  A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
  ☆3,528Jul 21, 2025Updated 6 months ago
• Ice3man543 / SubOver

  View on GitHub
  A Powerful Subdomain Takeover Tool
  ☆962Oct 17, 2023Updated 2 years ago
• nahamsec / lazyrecon

  View on GitHub
  This script is intended to automate your reconnaissance process in an organized fashion
  ☆2,007Aug 19, 2021Updated 4 years ago
• mandatoryprogrammer / cloudflare_enum

  View on GitHub
  Cloudflare DNS Enumeration Tool for Pentesters
  ☆524Aug 6, 2022Updated 3 years ago
• nahamsec / recon_profile

  View on GitHub
  ☆435Dec 2, 2022Updated 3 years ago
• jhaddix / domain

  View on GitHub
  Setup script for Regon-ng
  ☆936Nov 17, 2020Updated 5 years ago
• jobertabma / virtual-host-discovery

  View on GitHub
  A script to enumerate virtual hosts on a server.
  ☆691Dec 28, 2017Updated 8 years ago
• haccer / subjack

  View on GitHub
  Subdomain Takeover tool written in Go
  ☆2,026Aug 13, 2023Updated 2 years ago
• debasishm89 / burpy

  View on GitHub
  Portable and flexible web application security assessment tool.It parses Burp Suite log and performs various tests depending on the modul…
  ☆123Apr 4, 2018Updated 7 years ago
• jobertabma / relative-url-extractor

  View on GitHub
  A small tool that extracts relative URLs from a file.
  ☆767Sep 23, 2020Updated 5 years ago
• EdOverflow / can-i-take-over-xyz

  View on GitHub
  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
  ☆5,550Feb 8, 2025Updated last year
• D35m0nd142 / LFISuite

  View on GitHub
  Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
  ☆1,910Apr 13, 2022Updated 3 years ago
• enjoiz / XXEinjector

  View on GitHub
  Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
  ☆1,704Dec 1, 2024Updated last year
• nahamsec / lazys3

  View on GitHub
  ☆625Feb 1, 2024Updated 2 years ago
• Plazmaz / Sublist3r

  View on GitHub
  Fast subdomains enumeration tool for penetration testers
  ☆117Feb 3, 2019Updated 7 years ago
• michenriksen / gitrob

  View on GitHub
  Reconnaissance tool for GitHub organizations
  ☆6,135Sep 20, 2022Updated 3 years ago
• aboul3la / Sublist3r

  View on GitHub
  Fast subdomains enumeration tool for penetration testers
  ☆10,802Aug 2, 2024Updated last year
• epinna / tplmap

  View on GitHub
  Server-Side Template Injection and Code Injection Detection and Exploitation Tool
  ☆4,117Apr 21, 2024Updated last year
• bugbountyforum / XSS-Radar

  View on GitHub
  ☆332Jan 8, 2018Updated 8 years ago
• michenriksen / aquatone

  View on GitHub
  A Tool for Domain Flyovers
  ☆5,897May 22, 2022Updated 3 years ago
• bugcrowd / HUNT

  View on GitHub
  ☆2,315Dec 8, 2023Updated 2 years ago
• rbsec / dnscan

  View on GitHub
  ☆1,252Dec 17, 2024Updated last year
• mandatoryprogrammer / xsshunter

  View on GitHub
  The XSS Hunter service - a portable version of XSSHunter.com
  ☆1,540Dec 7, 2022Updated 3 years ago