Alternatives and similar repositories for wfuxx

Users that are interested in wfuxx are comparing it to the libraries listed below

• j3ssie / str-replace

  View on GitHub
  Simple tools to handle string and generate subdomain permutations
  ☆15Jun 8, 2022Updated 3 years ago
• Cyb3rMehul / venom

  View on GitHub
  Auto Recon Bash Script
  ☆31Dec 31, 2024Updated last year
• fellchase / flumberboozle

  View on GitHub
  Suite of programs meant to aid in bug hunting and security assessments
  ☆79Dec 29, 2019Updated 6 years ago
• KathanP19 / gaussrf

  View on GitHub
  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…
  ☆173Nov 11, 2020Updated 5 years ago
• arbazkiraak / LinksDumper

  View on GitHub
  Extract (links/possible endpoints) from responses & filter them via decoding/sorting
  ☆93Aug 27, 2019Updated 6 years ago
• akhil-reni / ud-peep

  View on GitHub
  Search for secrets inside user data attached to EC2 instances on multiple AWS accounts
  ☆16Jun 19, 2024Updated last year
• yashrs / safecopy

  View on GitHub
  Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…
  ☆18May 17, 2020Updated 5 years ago
• momenbasel / subScreen

  View on GitHub
  a JS tool that let you take screenshot of many hosts.
  ☆13Aug 2, 2019Updated 6 years ago
• AlfredBerg / dnsline

  View on GitHub
  Tool for making it easy to collect dns results from the CLI
  ☆40Aug 14, 2024Updated last year
• ameenmaali / qsfuzz

  View on GitHub
  qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
  ☆303Feb 12, 2023Updated 3 years ago
• cybercdh / cnames

  View on GitHub
  take a list of resolved subdomains and output any corresponding CNAMES en masse.
  ☆18Jan 29, 2026Updated 2 weeks ago
• sw33tLie / ugly-scripts

  View on GitHub
  A collection of scripts for bug-bounty related stuff
  ☆39Sep 4, 2020Updated 5 years ago
• xxux11 / http-methods-discloser

  View on GitHub
  ☆44Apr 30, 2021Updated 4 years ago
• hahwul / s3reverse

  View on GitHub
  The format of various s3 buckets is convert in one format. for bugbounty and security testing.
  ☆86May 6, 2023Updated 2 years ago
• ffuf / ffuf-scripts

  View on GitHub
  Scripts to help with different ffuf tasks and workflows
  ☆222Dec 24, 2023Updated 2 years ago
• 0xspade / Automated-Scanner

  View on GitHub
  Trying to make automated recon for bug bounties
  ☆255May 3, 2021Updated 4 years ago
• lc / subjs

  View on GitHub
  Fetches javascript file from a list of URLS or subdomains.
  ☆834Jul 22, 2025Updated 6 months ago
• dwisiswant0 / hinject

  View on GitHub
  Host Header Injection Checker
  ☆84Mar 2, 2022Updated 3 years ago
• Mad-robot / wordpress-exploits

  View on GitHub
  All known and unknown public POC's for wordpress themes and plugins
  ☆78Jun 23, 2021Updated 4 years ago
• praneshn99 / web_security_testing

  View on GitHub
  Repository contains an online education portal filled with web vulnerabilities.
  ☆21Jan 3, 2020Updated 6 years ago
• carbreal / OSCP_Prep

  View on GitHub
  Journey to conquer the OSCP!
  ☆13Apr 18, 2019Updated 6 years ago
• Cillian-Collins / subscraper

  View on GitHub
  Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomai…
  ☆223Jul 10, 2020Updated 5 years ago
• dark-warlord14 / JSScanner

  View on GitHub
  You can read the writeup on this script here
  ☆274Jul 12, 2020Updated 5 years ago
• anantshri / html5_attack_and_secure

  View on GitHub
  HTML5 Training material for Attack and Secure training sessions.
  ☆44Feb 25, 2023Updated 2 years ago
• spenkk / rapiddns-extractor

  View on GitHub
  Extract subdomains from rapiddns.io
  ☆23Nov 24, 2022Updated 3 years ago
• B3nac / bXSSRequest

  View on GitHub
  Literally spray blind xss payloads everywhere.
  ☆26Feb 22, 2022Updated 3 years ago
• Sh1Yo / rate-limit-checker

  View on GitHub
  Check whether the domain has a rate limit enabled.
  ☆66Aug 6, 2024Updated last year
• dark-warlord14 / ffufplus

  View on GitHub
  You can read the writeup on this script here
  ☆192Sep 30, 2021Updated 4 years ago
• 003random / online

  View on GitHub
  Uses Go net/http library to distinguish alive hosts from a give list of hosts/urls
  ☆12Dec 23, 2019Updated 6 years ago
• YashGoti / gal

  View on GitHub
  Get all possible href | src | url from target url or domain
  ☆40Aug 5, 2020Updated 5 years ago
• shivsahni / The-Grey-Matter-of-Securing-Android-Applications

  View on GitHub
  ☆13Jan 6, 2020Updated 6 years ago
• random-robbie / angularjs-csti-scanner

  View on GitHub
  Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
  ☆11Dec 14, 2025Updated 2 months ago
• jaeles-project / ui

  View on GitHub
  React UI
  ☆11Jan 4, 2023Updated 3 years ago
• evilsocket / arc-android-wrapper

  View on GitHub
  An Android wrapper for Arc
  ☆11May 13, 2018Updated 7 years ago
• stevemcilwain / quiver

  View on GitHub
  Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
  ☆214Jun 23, 2020Updated 5 years ago
• proabiral / inception

  View on GitHub
  A highly configurable Framework for easy automated web scanning
  ☆381Jul 13, 2020Updated 5 years ago
• ameenmaali / endpointdiff

  View on GitHub
  Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.
  ☆41Dec 27, 2019Updated 6 years ago
• humblelad / open-sesame

  View on GitHub
  A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.(Ad…
  ☆42Dec 8, 2022Updated 3 years ago
• edduu / Arjun

  View on GitHub
  HTTP parameter discovery suite.
  ☆93Apr 16, 2020Updated 5 years ago