Alternatives and similar repositories for Payloads-and-wordlists

Users that are interested in Payloads-and-wordlists are comparing it to the libraries listed below

• moeinfatehi / Backup-Finder
  A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CON…
  ☆163Updated last year
• shifa123 / clickjackingpoc
  A Proof of Concept for Clickjacking Attacks
  ☆57Updated 4 years ago
• DevanshRaghav75 / AutomationGuide
  Learn how to automate XSS, SSRF, LFI, SQLI, NoSQLi
  ☆44Updated 4 years ago
• mhmdiaa / waybackrobots
  Enumerate old versions of robots.txt paths using Wayback Machine for content discovery
  ☆53Updated 2 years ago
• tamimhasan404 / FFUF-Tips-And-Tricks
  Describe how to use ffuf different options with examples
  ☆90Updated 3 years ago
• bm402 / apidor
  A tool that automates the search for IDOR vulnerabilities in web apps and APIs
  ☆63Updated 4 years ago
• hueristiq / xsubfind3r
  A command-line utility designed to discover subdomains for a given domain in a simple, efficient way. It works by gathering information f…
  ☆115Updated last month
• dn9uy3n / Check-WP-CVE-2020-35489
  The (WordPress) website test script can be exploited for Unlimited File Upload via CVE-2020-35489
  ☆31Updated last year
• clarkvoss / Nuclei-Templates
  ☆86Updated 3 years ago
• adamjsturge / easy-xsshunter-express
  The fastest way to setup XSSHunter. It has options for the official and Discord/Slack Forks
  ☆45Updated last year
• thehlopster / hfuzz
  Wordlist for web fuzzing, made from a variety of reliable sources including: result from my pentests, git.rip, ChatGPT, Lex, nuclei templ…
  ☆104Updated 2 months ago
• cve-sandbox / jquery
  CVE Collection of jQuery XSS Payloads
  ☆75Updated 3 years ago
• Akokonunes / Private-Nuclei-Templates
  ☆174Updated last month
• ethicalhackingplayground / pathbuster
  A path-normalization pentesting tool.
  ☆135Updated 3 months ago
• byt3hx / 403-bypass
  403-bypass tool to bypass 403 responses.
  ☆124Updated 2 years ago
• kaanatmacaa / pdf-injection
  Tool to create XSS PDF files
  ☆67Updated last year
• gwen001 / gitlab-subdomains
  Find subdomains on GitLab.
  ☆103Updated last year
• Mostafa-Elguerdawi / Automation_Bug_Hunting
  ☆67Updated 2 years ago
• e1abrador / Burp-Encode-IP
  Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.
  ☆46Updated last year
• zapstiko / Bug-Bounty
  Here Are Some Bug Bounty Resource From Twitter
  ☆105Updated 7 months ago
• kljunowsky / XXElixir
  This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
  ☆83Updated 2 years ago
• PushpenderIndia / Log4jScanner
  Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.
  ☆49Updated 4 months ago
• Stonzyy / dumpxss
  Scanner Tool For XSS Vulnerability
  ☆83Updated 3 years ago
• ShutdownRepo / httpmethods
  HTTP verb tampering & methods enumeration
  ☆65Updated 5 months ago
• mathis2001 / ParamFirstCheck
  ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, …
  ☆34Updated 2 years ago
• darklotuskdb / sd-goo
  Enumerate Subdomains Through Google Dorks (Bypassed Page Filter)
  ☆125Updated 6 months ago
• 0xElkot / Bug-Bounty-Automation
  ☆117Updated 3 years ago
• emadshanab / BChecks-Collection
  BChecks collection for Burp Suite Professional
  ☆101Updated last year
• Dancas93 / SSRF-Scanner
  A Complete SSRF (Server Side Request Forgery) Scanner.
  ☆41Updated last month
• kursadalsan / fastbugbounty
  Fast Bug Bounty Script
  ☆40Updated 11 months ago