ex-param is an automated tool designed for finding reflected parameters for XSS vulnerabilities. It crawls a target website, extracts GET parameters, and tests them for reflected input. The tool helps bug bounty hunters and penetration testers quickly identify potential reflected XSS flaws, offering fast and reliable results.
☆63Feb 22, 2025Updated last year
Alternatives and similar repositories for ex-param
Users that are interested in ex-param are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ParamScan is a chrome extension for finding reflected parameters in a webpage.☆92Jan 11, 2025Updated last year
- SubOwner - A Simple tool check for subdomain takeovers.☆117Oct 18, 2024Updated last year
- Find subdomains on GitLab.☆108Apr 28, 2024Updated 2 years ago
- A high-performance Go-based tool for checking the availability and responsiveness of domains, utilizing both HTTP requests and browser au…☆92Nov 26, 2024Updated last year
- ☆47Jul 31, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆14Nov 8, 2024Updated last year
- Zzl is a reconnaissance tool that collects subdomains from SSL certificates in IP ranges☆44Oct 27, 2024Updated last year
- ☆13Dec 21, 2023Updated 2 years ago
- 🌐 Get Some Useful Info From Domain/IP/ASN 🔥☆19Sep 29, 2024Updated last year
- A passive way to find backups/ sensitive information.☆91Jul 10, 2025Updated 9 months ago
- ☆18Jul 21, 2025Updated 9 months ago
- Extractify extension is a Chrome extension designed for web security testing, enabling users to efficiently extract JavaScript files and …☆30Dec 10, 2024Updated last year
- Dnsbruter is a powerful tool designed to perform active subdomain enumeration and discovery. It uses DNS resolution to efficiently brutef…☆126Dec 17, 2024Updated last year
- N0aziXss Origin Recon 🍓☆23Dec 16, 2025Updated 4 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Th…☆266Apr 19, 2026Updated last week
- SAPLAR - LFI & Path Traversal Scanner☆15Mar 11, 2025Updated last year
- Bypass-Four03 is a powerful bash tool designed to help testers bypass HTTP 403 forbidden errors through various path and header manipulat…☆209May 22, 2025Updated 11 months ago
- Kubernetes, Clusters and Dockers Enumeration in GCP and AWS environments☆12Nov 23, 2023Updated 2 years ago
- IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify …☆44Feb 24, 2025Updated last year
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Apr 9, 2026Updated 3 weeks ago
- A collaborative hub for Nuclei templates. Contribute, share, and explore powerful vulnerability detection tools!☆50Feb 1, 2025Updated last year
- A fast subdomain takeover tool☆86Mar 31, 2026Updated last month
- Enter Morpheus, your advanced IOC detection tool. Powered by expert YARA rules and integrated with VirusTotal, it scans and identifies In…☆54Feb 12, 2025Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆21Aug 25, 2024Updated last year
- Continues Recon on Public Bug Bounty Program☆16Jun 19, 2024Updated last year
- jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying se…☆510Jan 22, 2026Updated 3 months ago
- IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…☆226Sep 25, 2025Updated 7 months ago
- GoogleDorker - Unleash the power of Google dorking for ethical hackers with custom search precision.☆275Dec 23, 2024Updated last year
- SpideyX a multipurpose Web Penetration Testing tool with asynchronous concurrent performance with multiple mode and configurations.☆192Mar 18, 2025Updated last year
- ☆16Jun 23, 2023Updated 2 years ago
- URL Fuzzing Tool.☆28Apr 21, 2025Updated last year
- Proxy Management for Security Professionals☆25Mar 25, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆312Mar 31, 2024Updated 2 years ago
- Exploits with pwntools library in Python3. ROP, BOF, SHELLCODE.☆20Feb 2, 2024Updated 2 years ago
- SubCerts is a simple tool that uses certificate transparency logs (via crt.sh) to extract subdomains of a given domain.☆75Jan 6, 2026Updated 3 months ago
- Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection☆14Nov 1, 2024Updated last year
- Url scrapper or extractor from alienvault☆39Mar 1, 2025Updated last year
- Robofinder retrieves historical #robots.txt files from #Archive.org, allowing you to collect old directories and paths for any domain whi…☆240Nov 21, 2025Updated 5 months ago
- BetterBugBounty - Here tools are classic, bugs are hunted, and nostalgia is the ultimate weapon!☆30Feb 10, 2024Updated 2 years ago