ex-param is an automated tool designed for finding reflected parameters for XSS vulnerabilities. It crawls a target website, extracts GET parameters, and tests them for reflected input. The tool helps bug bounty hunters and penetration testers quickly identify potential reflected XSS flaws, offering fast and reliable results.
☆61Feb 22, 2025Updated last year
Alternatives and similar repositories for ex-param
Users that are interested in ex-param are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ParamScan is a chrome extension for finding reflected parameters in a webpage.☆92Jan 11, 2025Updated last year
- SubOwner - A Simple tool check for subdomain takeovers.☆118Oct 18, 2024Updated last year
- Find subdomains on GitLab.☆106Apr 28, 2024Updated 2 years ago
- A high-performance Go-based tool for checking the availability and responsiveness of domains, utilizing both HTTP requests and browser au…☆93Nov 26, 2024Updated last year
- ☆50Jul 31, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆14Nov 8, 2024Updated last year
- Zzl is a reconnaissance tool that collects subdomains from SSL certificates in IP ranges☆43Oct 27, 2024Updated last year
- ☆13Dec 21, 2023Updated 2 years ago
- 🌐 Get Some Useful Info From Domain/IP/ASN 🔥☆19Sep 29, 2024Updated last year
- A passive way to find backups/ sensitive information.☆92Jul 10, 2025Updated last year
- ☆17Jul 21, 2025Updated 11 months ago
- Extractify extension is a Chrome extension designed for web security testing, enabling users to efficiently extract JavaScript files and …☆30Dec 10, 2024Updated last year
- Dnsbruter is a powerful tool designed to perform active subdomain enumeration and discovery. It uses DNS resolution to efficiently brutef…☆127Dec 17, 2024Updated last year
- N0aziXss Origin Recon 🍓☆22Dec 16, 2025Updated 6 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Th…☆266May 17, 2026Updated last month
- Bypass-Four03 is a powerful bash tool designed to help testers bypass HTTP 403 forbidden errors through various path and header manipulat…☆216May 22, 2025Updated last year
- Kubernetes, Clusters and Dockers Enumeration in GCP and AWS environments☆12Nov 23, 2023Updated 2 years ago
- IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify …☆45Feb 24, 2025Updated last year
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Apr 9, 2026Updated 3 months ago
- A collaborative hub for Nuclei templates. Contribute, share, and explore powerful vulnerability detection tools!☆49Jun 22, 2026Updated 2 weeks ago
- A fast subdomain takeover tool☆87May 21, 2026Updated last month
- Enter Morpheus, your advanced IOC detection tool. Powered by expert YARA rules and integrated with VirusTotal, it scans and identifies In…☆53Feb 12, 2025Updated last year
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆21Aug 25, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Continues Recon on Public Bug Bounty Program☆15Jun 19, 2024Updated 2 years ago
- jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying se…☆527May 16, 2026Updated last month
- IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…☆236Sep 25, 2025Updated 9 months ago
- GoogleDorker - Unleash the power of Google dorking for ethical hackers with custom search precision.☆285Dec 23, 2024Updated last year
- SpideyX a multipurpose Web Penetration Testing tool with asynchronous concurrent performance with multiple mode and configurations.☆198Mar 18, 2025Updated last year
- URL Fuzzing Tool.☆27Apr 21, 2025Updated last year
- ☆16Jun 23, 2023Updated 3 years ago
- Proxy Management for Security Professionals☆25Mar 25, 2025Updated last year
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆313Mar 31, 2024Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Exploits with pwntools library in Python3. ROP, BOF, SHELLCODE.☆20Feb 2, 2024Updated 2 years ago
- SubCerts is a simple tool that uses certificate transparency logs (via crt.sh) to extract subdomains of a given domain.☆75Jan 6, 2026Updated 6 months ago
- Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection☆14Nov 1, 2024Updated last year
- Url scrapper or extractor from alienvault☆39Mar 1, 2025Updated last year
- Robofinder fetches historical robots.txt files from Archive.org to uncover old directories, hidden paths, and valuable OSINT data for rec…☆265Jun 13, 2026Updated 3 weeks ago
- BetterBugBounty - Here tools are classic, bugs are hunted, and nostalgia is the ultimate weapon!☆30Feb 10, 2024Updated 2 years ago
- 🤖 The Modern, Blazing Fast Port Scanner 🤖☆28Dec 29, 2024Updated last year