rootDR / ex-param
ex-param is an automated tool designed for finding reflected parameters for XSS vulnerabilities. It crawls a target website, extracts GET parameters, and tests them for reflected input. The tool helps bug bounty hunters and penetration testers quickly identify potential reflected XSS flaws, offering fast and reliable results.
☆57Updated 2 months ago
Alternatives and similar repositories for ex-param:
Users that are interested in ex-param are comparing it to the libraries listed below
- ☆87Updated last month
- YesWiki is a wiki system written in PHP. The squelette parameter is vulnerable to path traversal attacks, enabling read access to arbitra…☆12Updated last month
- A passive way to find backups/ sensitive information.☆77Updated this week
- Grep subdomains from web pages.☆42Updated 2 months ago
- ☆69Updated 7 months ago
- ☆21Updated 7 months ago
- This script is used to search for cloud certificate entities such as Amazon, Azure, and others that have been extracted by the kaeferjaeg…☆42Updated 4 months ago
- Zzl is a reconnaissance tool that collects subdomains from SSL certificates in IP ranges☆39Updated 6 months ago
- ☆22Updated last year
- Oneliner Bug Bounty Collection collected from GitHub to all bug bounty hunters☆31Updated last year
- A Series of Tweets☆16Updated last year
- Bypass Reset Password Code Lead to Account Takeover☆25Updated 7 months ago
- Backup Files Wordlist Generator - generate a comprehensive list of potential backup file Wordlist based on a given list URL and backup fi…☆41Updated 6 months ago
- A tool for extract Endpoints, URLs and Secrets from contents☆60Updated this week
- ParamScan is a chrome extension for finding reflected parameters in a webpage.☆78Updated 3 months ago
- A collaborative hub for Nuclei templates. Contribute, share, and explore powerful vulnerability detection tools!☆25Updated 3 months ago
- Morgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulner…☆54Updated 3 months ago
- Gather results of dorks across a number of search engines☆118Updated last week
- my nuclei templates☆39Updated last year
- This script can be used to find html forms in the list of endpoints/urls.☆47Updated last year
- A collection of slides and presentations from BSides Ahmedabad 2024, held on October 12th and 13th. This repository features key insights…☆37Updated 6 months ago
- ☆27Updated this week
- IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…☆98Updated 3 weeks ago
- URL Fuzzer☆19Updated 5 months ago
- Find The Admin Panel & SQL Injection Endpoints, Using Google Dorks !!!☆19Updated 5 months ago
- Unwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unw…☆90Updated 8 months ago
- A comprehensive collection of various techniques and methods for bypassing Two-Factor Authentication (2FA) security mechanisms.☆43Updated 4 months ago
- CVE-2024-32640 | Automated SQLi Exploitation PoC☆64Updated 11 months ago
- shef - extract/scrape IPs from shodan without any API key☆48Updated 3 months ago
- SubOwner - A Simple tool check for subdomain takeovers.☆112Updated 6 months ago