Alternatives and similar repositories for bruteforce-lists:

Users that are interested in bruteforce-lists are comparing it to the libraries listed below

• KathanP19 / JSFScan.sh
  Automation for javascript recon in bug bounty.
  ☆969Updated last year
• robotshell / magicRecon
  MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilitie…
  ☆940Updated 8 months ago
• m4ll0k / BBTz
  BBT - Bug Bounty Tools (examples💡)
  ☆1,779Updated 11 months ago
• hakluke / weaponised-XSS-payloads
  XSS payloads designed to turn alert(1) into P1
  ☆1,347Updated last year
• 1ndianl33t / Gf-Patterns
  GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
  ☆1,273Updated 6 months ago
• ksharinarayanan / SSRFire
  An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
  ☆955Updated 3 years ago
• assetnote / wordlists
  Automated & Manual Wordlists provided by Assetnote
  ☆1,404Updated 8 months ago
• r0075h3ll / Oralyzer
  Open Redirection Analyzer
  ☆768Updated 2 years ago
• devanshbatham / FavFreak
  Making Favicon.ico based Recon Great again !
  ☆1,167Updated last year
• dwisiswant0 / findom-xss
  A fast DOM based XSS vulnerability scanner with simplicity.
  ☆786Updated 2 years ago
• m4ll0k / SecretFinder
  SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
  ☆2,129Updated 10 months ago
• dwisiswant0 / go-dork
  The fastest dork scanner written in Go.
  ☆1,186Updated last year
• AlephNullSK / dnsgen
  DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intel…
  ☆954Updated 2 months ago
• devanshbatham / OpenRedireX
  A fuzzer for detecting open redirect vulnerabilities
  ☆736Updated 9 months ago
• PentestPad / subzy
  Subdomain takeover vulnerability checker
  ☆1,165Updated 6 months ago
• ghsec / webHunt
  Web App bug hunting
  ☆561Updated 3 weeks ago
• MindPatch / scant3r
  ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )
  ☆681Updated last year
• s0md3v / uro
  declutters url lists for crawling/pentesting
  ☆1,321Updated last month
• eslam3kl / 3klCon
  Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated files…
  ☆682Updated 8 months ago
• nsonaniya2010 / SubDomainizer
  A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
  ☆1,787Updated 10 months ago
• tomnomnom / unfurl
  Pull out bits of URLs provided on stdin
  ☆1,137Updated last year
• ayoubfathi / leaky-paths
  A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…
  ☆966Updated 9 months ago
• s0md3v / Parth
  Heuristic Vulnerable Parameter Scanner
  ☆584Updated last year
• 003random / getJS
  A tool to fastly get all javascript sources/files
  ☆771Updated 8 months ago
• j3ssie / metabigor
  OSINT tools and more but without API key
  ☆1,312Updated 11 months ago
• capture0x / XSS-LOADER
  Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
  ☆577Updated last year
• 0xInfection / XSRFProbe
  The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
  ☆1,193Updated last month
• arkadiyt / bounty-targets
  This project crawls bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) hourly and dumps them into the bounty-targets-data…
  ☆659Updated last month
• gwen001 / github-subdomains
  Find subdomains on GitHub.
  ☆711Updated 2 years ago
• chrislockard / api_wordlist
  A wordlist of API names for web application assessments
  ☆801Updated last month