Alternatives and similar repositories for sub404

Users that are interested in sub404 are comparing it to the libraries listed below

• M4DM0e / DirDar
  DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it
  ☆454Updated last year
• anshumanpattnaik / http-request-smuggling
  HTTP Request Smuggling Detection Tool
  ☆520Updated last year
• geeknik / the-nuclei-templates
  Nuclei templates written by geeknik. Claude is my co-pilot. 🤖
  ☆274Updated 3 weeks ago
• s0md3v / Parth
  Heuristic Vulnerable Parameter Scanner
  ☆595Updated last year
• ARPSyndicate / kenzer
  automated web assets enumeration & scanning [DEPRECATED]
  ☆289Updated 2 years ago
• pikpikcu / XRCross
  XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|ID…
  ☆341Updated 2 years ago
• bp0lr / gauplus
  ☆297Updated 3 years ago
• iamthefrogy / nerdbug
  Full Nuclei automation script with logic explanation.
  ☆245Updated 3 years ago
• In3tinct / See-SURF
  Python tool to find potential Server Side Reqest Forgery (SSRF) vulnerability parameters.
  ☆329Updated 3 weeks ago
• hash3liZer / Subrake
  🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).
  ☆299Updated 10 months ago
• vsec7 / BurpSuite-Xkeys
  A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
  ☆302Updated last year
• BitTheByte / Monitorizer
  Monitoring framework to detect and report newly found subdomains on a specific target using various scanning tools
  ☆278Updated last year
• MindPatch / lorsrf
  Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load
  ☆296Updated 11 months ago
• theinfosecguy / QuickXSS
  Automating XSS using Bash
  ☆358Updated last year
• luisfontes19 / xxexploiter
  Tool to help exploit XXE vulnerabilities
  ☆565Updated 2 years ago
• ethicalhackingplayground / bxss
  Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.
  ☆331Updated 3 months ago
• hackerspider1 / EchoPwn
  Recon Automation for hackers by hackers
  ☆254Updated 5 years ago
• kleiton0x00 / ppmap
  A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
  ☆511Updated 3 years ago
• mlcsec / headi
  Customisable and automated HTTP header injection
  ☆261Updated last year
• PortSwigger / ip-rotate
  Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
  ☆260Updated 2 years ago
• KathanP19 / Gxss
  A tool to check a bunch of URLs that contain reflecting params.
  ☆589Updated last year
• Josue87 / gotator
  Gotator is a tool to generate DNS wordlists through permutations.
  ☆487Updated 3 years ago
• ghsec / webHunt
  Web App bug hunting
  ☆570Updated 5 months ago
• jaeles-project / jaeles-signatures
  Default signature for Jaeles Scanner
  ☆324Updated 3 years ago
• Josue87 / AnalyticsRelationships
  Get related domains / subdomains by looking at Google Analytics IDs
  ☆250Updated 3 years ago
• Impact-I / x8-Burp
  Hidden parameters discovery suite
  ☆225Updated 2 years ago
• TheBinitGhimire / NtHiM
  Now, the Host is Mine! - Super Fast Sub-domain Takeover Detection!
  ☆363Updated 2 years ago
• MindPatch / scant3r
  ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )
  ☆689Updated 3 weeks ago
• ThreatUnknown / jsubfinder
  jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).
  ☆275Updated 7 months ago
• daxAKAhackerman / XSS-Catcher
  A blind XSS detection and XSS data capture framework
  ☆172Updated 3 weeks ago