Alternatives and similar repositories for secret-magpie

Users that are interested in secret-magpie are comparing it to the libraries listed below

• dhn / udon

  View on GitHub
  A simple tool that helps to find assets/domains based on the Google Analytics ID.
  ☆179Jan 12, 2026Updated last month
• punk-security / writehat

  View on GitHub
  A pentest reporting tool written in Python. Free yourself from Microsoft Word.
  ☆13Jun 13, 2023Updated 2 years ago
• dsecuredcom / vhost-fuzzer

  View on GitHub
  Tool to fuzz for interesting vhost.
  ☆23Jan 8, 2025Updated last year
• punk-security / dnsReaper

  View on GitHub
  dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!
  ☆2,194Oct 6, 2025Updated 4 months ago
• punk-security / smbeagle

  View on GitHub
  SMBeagle - Fileshare auditing tool.
  ☆744Nov 4, 2025Updated 3 months ago
• gwen001 / gitlab-subdomains

  View on GitHub
  Find subdomains on GitLab.
  ☆106Apr 28, 2024Updated last year
• zzzteph / probable_subdomains

  View on GitHub
  Subdomains analysis and generation tool. Reveal the hidden!
  ☆244Jun 8, 2025Updated 8 months ago
• random-robbie / wayback-saver

  View on GitHub
  Saves pages to Wayback machine
  ☆13Dec 2, 2024Updated last year
• j3ssie / durl

  View on GitHub
  Remove duplicate URLs by retaining only the unique combinations of hostname, path, and parameter names
  ☆40May 5, 2024Updated last year
• edoardottt / csprecon

  View on GitHub
  Discover new target domains using Content Security Policy
  ☆501Feb 7, 2026Updated last week
• daxAKAhackerman / XSS-Catcher

  View on GitHub
  A blind XSS detection and XSS data capture framework
  ☆175Dec 6, 2025Updated 2 months ago
• boringtools / git-alerts

  View on GitHub
  Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
  ☆228Updated this week
• dwisiswant0 / secpat2gf

  View on GitHub
  convert secret patterns to gf compatible.
  ☆38Feb 11, 2023Updated 3 years ago
• nodyhub / zipslipper

  View on GitHub
  Create tar/zip archives that try to exploit zipslip vulnerability.
  ☆48Sep 20, 2024Updated last year
• cramppet / dank

  View on GitHub
  a deterministic finite automata ranker
  ☆72Feb 6, 2022Updated 4 years ago
• UndeadSec / SwaggerSpy

  View on GitHub
  Automated OSINT on SwaggerHub
  ☆243Jan 16, 2024Updated 2 years ago
• owasp-noir / noir

  View on GitHub
  Hunt every Endpoint in your code, expose Shadow APIs, map the Attack Surface.
  ☆1,097Updated this week
• Impact-I / x8-Burp

  View on GitHub
  Hidden parameters discovery suite
  ☆225Nov 14, 2022Updated 3 years ago
• c3l3si4n / godeclutter

  View on GitHub
  Declutters URLs in a fast and flexible way, for improving input for web hacking automations such as crawlers and vulnerability scans.
  ☆59Jan 22, 2023Updated 3 years ago
• sepehrdaddev / zap-scripts

  View on GitHub
  Zed Attack Proxy Scripts for finding CVEs and Secrets.
  ☆128Jun 2, 2022Updated 3 years ago
• musana / mx-takeover

  View on GitHub
  mx-takeover focuses DNS MX records and detects misconfigured MX records.
  ☆357Jul 17, 2023Updated 2 years ago
• stark0de / ocr-recon

  View on GitHub
  This tool is useful to find a particular string in a list of URLs using tesseract's OCR (Optical Character Recognition) capabilities
  ☆32Jan 17, 2022Updated 4 years ago
• dwisiswant0 / cf-check

  View on GitHub
  CloudFlare Checker written in Go
  ☆237May 12, 2024Updated last year
• hahwul / RegexPassive

  View on GitHub
  🔭 Collection of regexp pattern for security passive scanning
  ☆116Feb 18, 2023Updated 2 years ago
• j3ssie / json-cleaner

  View on GitHub
  The utility aims to clean up output generated by popular tools by calculating a hash based on specific JSON values to removing junk data.
  ☆16Apr 5, 2024Updated last year
• BishopFox / sj

  View on GitHub
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆719Feb 3, 2026Updated last week
• iustin24 / chameleon

  View on GitHub
  ☆383May 17, 2023Updated 2 years ago
• cramppet / regulator

  View on GitHub
  Automated learning of regexes for DNS discovery
  ☆389Feb 18, 2023Updated 2 years ago
• hahwul / authz0

  View on GitHub
  🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
  ☆427Updated this week
• trickest / find-gh-poc

  View on GitHub
  Find CVE PoCs on GitHub
  ☆160Aug 1, 2025Updated 6 months ago
• xnl-h4ck3r / xnLinkFinder

  View on GitHub
  A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets
  ☆1,515Jan 15, 2026Updated last month
• xnl-h4ck3r / urless

  View on GitHub
  De-clutter a list of URLs
  ☆384Feb 3, 2026Updated last week
• gwen001 / related-domains

  View on GitHub
  Find related domains of a given domain.
  ☆103Aug 5, 2023Updated 2 years ago
• 0xsha / CloudBrute

  View on GitHub
  Awesome cloud enumerator
  ☆1,092Mar 9, 2025Updated 11 months ago
• edoardottt / missing-cve-nuclei-templates

  View on GitHub
  Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…
  ☆423Feb 9, 2026Updated last week
• c3l3si4n / subsift

  View on GitHub
  experimental wildcard subdomain filtering prototype
  ☆16Aug 5, 2023Updated 2 years ago
• blacklanternsecurity / badsecrets

  View on GitHub
  A library for detecting known secrets across many web frameworks
  ☆765Feb 4, 2026Updated last week
• eslam3kl / SQLiDetector

  View on GitHub
  Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests w…
  ☆631Jan 4, 2026Updated last month
• Josue87 / roboxtractor

  View on GitHub
  Extract endpoints marked as disallow in robots files to generate wordlists.
  ☆58Mar 2, 2022Updated 3 years ago