A collection of useful lists for Penetration Testing & Bug Bounty - Content Discovery, Payloads, Variables, Sandbox Escaping, etc
☆103May 21, 2026Updated last month
Alternatives and similar repositories for fuzzlists
Users that are interested in fuzzlists are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Apr 9, 2026Updated 2 months ago
- Template Nuclei SSTI☆34Nov 18, 2025Updated 7 months ago
- A python-based vulnerability scanner designed to identify open redirect flaws in website applications.☆26Mar 15, 2026Updated 3 months ago
- SidePeek.js is a curated set of JavaScript payloads for browser-based recon. Run them in DevTools or as bookmarklets to uncover hidden AP…☆22May 13, 2025Updated last year
- Hand-made Improved Nuclei Templates!🪴☆13Jun 12, 2023Updated 3 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Writeup finder from medium or other☆19Sep 11, 2024Updated last year
- A command-line utility designed to recursively spider webpages for URLs. It works by actively traversing websites - following links embed…☆110Dec 8, 2025Updated 6 months ago
- Extracts URLs from OSINT Archives for Security Insights☆188Updated this week
- WordPress version scanner written in Python.☆15Jun 18, 2024Updated 2 years ago
- quick and dirty proof-of-concept to hide shells in images☆52Jun 27, 2024Updated 2 years ago
- IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify …☆45Feb 24, 2025Updated last year
- ☆19Apr 5, 2023Updated 3 years ago
- ☆29May 22, 2024Updated 2 years ago
- Ollama AI Analyzer runs directly on your local computer, using Ollama's AI models to analyze your HTTP requests and responses. This means…☆33Mar 1, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Attempt zone transfers on domains☆18Jul 12, 2021Updated 4 years ago
- MacroExploit use in excel sheet☆20Jun 12, 2023Updated 3 years ago
- ☆14Nov 8, 2024Updated last year
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆313Mar 31, 2024Updated 2 years ago
- Python tool to generate crafted JWTs, exploiting the algorithm confusion vulnerability in JWT signature validation. Useful for security …☆25Jun 6, 2026Updated 3 weeks ago
- Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist☆433Aug 25, 2024Updated last year
- Nuclei Templates☆14Jan 13, 2023Updated 3 years ago
- It contain google dork to find the wsdl file.☆13May 27, 2020Updated 6 years ago
- Arescan is a powerful web directory discovery tool that helps you uncover hidden directories and links on any website. By performing a br…☆32May 8, 2026Updated last month
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- This tool is intended for bounty hunters, the script installs and launches the best set of tools for expanding the attack surface, for W…☆12Apr 22, 2024Updated 2 years ago
- 1337 Wordlists for Bug Bounty Hunting☆968Jun 21, 2026Updated last week
- Exploit for Symfony CVE-2024-50340 (forked eos)☆29Nov 22, 2024Updated last year
- Smart Setup Server For BugBounty☆26Aug 21, 2023Updated 2 years ago
- uforall is a fast url crawler this tool crawl all URLs number of different sources, alienvault,WayBackMachine,urlscan,commoncrawl☆53Nov 3, 2025Updated 7 months ago
- Lightweight reflection scanner☆20Aug 31, 2025Updated 10 months ago
- An XSS exploitation command-line interface and payload generator.☆1,436Jan 19, 2025Updated last year
- 🕵️♂️🔍 A tool with several scanning techniques that extracts live IP addresses from a list of IP addresses or CIDR notations.☆52May 14, 2023Updated 3 years ago
- OpenSSH Pre-Auth Double Free CVE-2023-25136 POC☆47Apr 21, 2023Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Filter URLs that match your scope file for bugbounty.☆11May 23, 2023Updated 3 years ago
- Automated HTTP Request Repeating With Burp Suite☆39Apr 3, 2023Updated 3 years ago
- i will upload more templates here to share with the comunity.☆571Apr 17, 2024Updated 2 years ago
- ☆633Dec 19, 2025Updated 6 months ago
- Chameleon Wordlists☆15Sep 13, 2022Updated 3 years ago
- xsschecker tests endpoints for reflected XSS by injecting payloads and checking responses. It prints vulnerable if the payload is reflect…☆38Nov 3, 2025Updated 7 months ago
- A powerful collection of tools designed for social engineering research, penetration testing, and security awareness training. These tool…☆65Jan 25, 2026Updated 5 months ago