narfindustries/http-garden external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

narfindustries/http-garden

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/narfindustries/http-garden)

Close

narfindustries / http-gardenView on GitHubMore

• External links
• Readme badge

Differential testing framework for HTTP implementations

☆929Jan 21, 2026Updated 2 months ago

Alternatives and similar repositories for http-garden

Users that are interested in http-garden are comparing it to the libraries listed below

• kevin-mizu / domloggerpp

  View on GitHub
  A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.
  ☆778Dec 9, 2025Updated 3 months ago
• 0xacb / recollapse

  View on GitHub
  REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
  ☆1,297Aug 7, 2025Updated 7 months ago
• AethliosIK / reset-tolkien

  View on GitHub
  Unsecure time-based secret exploitation and Sandwich attack implementation Resources
  ☆148Dec 9, 2024Updated last year
• BishopFox / jsluice

  View on GitHub
  Extract URLs, paths, secrets, and other interesting bits from JavaScript
  ☆1,782May 22, 2024Updated last year
• avlidienbrunn / archivealchemist

  View on GitHub
  Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.
  ☆227Jul 24, 2025Updated 7 months ago
• assetnote / surf

  View on GitHub
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆755Dec 19, 2023Updated 2 years ago
• sw33tLie / bbscope

  View on GitHub
  Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
  ☆1,337Mar 5, 2026Updated 2 weeks ago
• fransr / postMessage-tracker

  View on GitHub
  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆1,296Jan 26, 2024Updated 2 years ago
• Moopinger / smugglefuzz

  View on GitHub
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆313May 16, 2024Updated last year
• 0x999-x / jsluicepp

  View on GitHub
  jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice
  ☆293Apr 9, 2024Updated last year
• BishopFox / sj

  View on GitHub
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆795Updated this week
• BlackFan / client-side-prototype-pollution

  View on GitHub
  Prototype Pollution and useful Script Gadgets
  ☆1,601Jan 27, 2024Updated 2 years ago
• KTH-LangSec / server-side-prototype-pollution

  View on GitHub
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆228Feb 6, 2025Updated last year
• defparam / smuggler

  View on GitHub
  Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
  ☆2,063Jan 2, 2024Updated 2 years ago
• bitquark / shortscan

  View on GitHub
  An IIS short filename enumeration tool
  ☆1,131Nov 25, 2024Updated last year
• assetnote / nowafpls

  View on GitHub
  Burp Plugin to Bypass WAFs through the insertion of Junk Data
  ☆1,428Jul 14, 2025Updated 8 months ago
• nikitastupin / clairvoyance

  View on GitHub
  Obtain GraphQL API schema even if the introspection is disabled
  ☆1,407Dec 5, 2025Updated 3 months ago
• BlackFan / content-type-research

  View on GitHub
  Content-Type Research
  ☆658Jun 29, 2025Updated 8 months ago
• g0ldencybersec / gungnir

  View on GitHub
  CT Log Scanner
  ☆526Dec 26, 2025Updated 2 months ago
• nxenon / h2spacex

  View on GitHub
  HTTP/2 Last Frame Synchronization (also known as Single Packet Attack) low Level Library / Tool based on Scapy‌ + Exploit Timing Attacks
  ☆219Feb 18, 2026Updated last month
• assetnote / blind-ssrf-chains

  View on GitHub
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆959Dec 31, 2021Updated 4 years ago
• sysdig / wafer

  View on GitHub
  ☆219May 20, 2024Updated last year
• GrrrDog / weird_proxies

  View on GitHub
  Reverse proxies cheatsheet
  ☆1,855Nov 4, 2023Updated 2 years ago
• iangcarroll / cookiemonster

  View on GitHub
  🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
  ☆968Jan 10, 2025Updated last year
• xnl-h4ck3r / XnlReveal

  View on GitHub
  A Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidde…
  ☆436Mar 6, 2026Updated 2 weeks ago
• midoxnet / mapperplus

  View on GitHub
  MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
  ☆298Oct 5, 2024Updated last year
• fyoorer / ShadowClone

  View on GitHub
  Unleash the power of cloud
  ☆816Nov 19, 2024Updated last year
• ngalongc / AuthzAI

  View on GitHub
  ☆181Oct 15, 2024Updated last year
• xnl-h4ck3r / xnLinkFinder

  View on GitHub
  A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets
  ☆1,533Mar 8, 2026Updated 2 weeks ago
• Brum3ns / firefly

  View on GitHub
  Black box fuzzer for web applications
  ☆436Jul 20, 2025Updated 8 months ago
• doyensec / CSPTPlayground

  View on GitHub
  CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).
  ☆154Mar 31, 2025Updated 11 months ago
• renniepak / CSPBypass

  View on GitHub
  CSPBypass.com, a tool designed to help ethical hackers bypass restrictive Content Security Policies (CSP) and exploit XSS (Cross-Site Scr…
  ☆623Updated this week
• robre / jsmon

  View on GitHub
  a javascript change monitoring tool for bugbounties
  ☆713Jul 31, 2024Updated last year
• PortSwigger / bambdas

  View on GitHub
  Bambdas collection for Burp Suite Professional and Community.
  ☆503Mar 12, 2026Updated last week
• doyensec / CSPTBurpExtension

  View on GitHub
  CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
  ☆163Jul 2, 2024Updated last year
• xnl-h4ck3r / urless

  View on GitHub
  De-clutter a list of URLs
  ☆385Mar 8, 2026Updated 2 weeks ago
• xnl-h4ck3r / waymore

  View on GitHub
  Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!
  ☆2,568Mar 8, 2026Updated 2 weeks ago
• sleepyeinstein / lemma

  View on GitHub
  Remote CLI tools at your fingertips
  ☆102Jul 31, 2024Updated last year
• mschwager / route-detect

  View on GitHub
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆281Sep 11, 2025Updated 6 months ago