rootDR / ex-paramLinks
ex-param is an automated tool designed for finding reflected parameters for XSS vulnerabilities. It crawls a target website, extracts GET parameters, and tests them for reflected input. The tool helps bug bounty hunters and penetration testers quickly identify potential reflected XSS flaws, offering fast and reliable results.
☆60Updated 4 months ago
Alternatives and similar repositories for ex-param
Users that are interested in ex-param are comparing it to the libraries listed below
Sorting:
- ☆94Updated 3 months ago
- A passive way to find backups/ sensitive information.☆84Updated this week
- SubOwner - A Simple tool check for subdomain takeovers.☆113Updated 8 months ago
- A collection of slides and presentations from BSides Ahmedabad 2024, held on October 12th and 13th. This repository features key insights…☆37Updated 8 months ago
- YesWiki is a wiki system written in PHP. The squelette parameter is vulnerable to path traversal attacks, enabling read access to arbitra…☆12Updated 3 months ago
- ☆135Updated 3 months ago
- Grep subdomains from web pages.☆42Updated 5 months ago
- Dnsbruter is a powerful tool designed to perform active subdomain enumeration and discovery. It uses DNS resolution to efficiently brutef…☆120Updated 6 months ago
- IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…☆157Updated last month
- Private Nuclei Templates☆100Updated 4 months ago
- ☆23Updated 9 months ago
- Nafeed-Broken-Link: A Python tool designed to check for broken social media links on a given domain. This script crawls all accessible pa…☆63Updated 10 months ago
- Backup Files Wordlist Generator - generate a comprehensive list of potential backup file Wordlist based on a given list URL and backup fi…☆64Updated 2 weeks ago
- shef - extract/scrape IPs from shodan without any API key☆55Updated 6 months ago
- Bypass Reset Password Code Lead to Account Takeover☆25Updated 9 months ago
- ☆66Updated last month
- ☆73Updated 9 months ago
- Unwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unw…☆91Updated last week
- ☆166Updated 8 months ago
- ParamScan is a chrome extension for finding reflected parameters in a webpage.☆83Updated 6 months ago
- Find The Admin Panel & SQL Injection Endpoints, Using Google Dorks !!!☆19Updated 7 months ago
- ☆119Updated last year
- ☆27Updated this week
- Oneliner Bug Bounty Collection collected from GitHub to all bug bounty hunters☆33Updated last year
- This script can be used to find html forms in the list of endpoints/urls.☆48Updated last year
- ☆148Updated last year
- my nuclei templates☆41Updated last year
- ☆57Updated 10 months ago
- A Powerful Recon Engine☆66Updated 7 months ago
- Zzl is a reconnaissance tool that collects subdomains from SSL certificates in IP ranges☆39Updated 8 months ago