rootDR / ex-param
ex-param is an automated tool designed for finding reflected parameters for XSS vulnerabilities. It crawls a target website, extracts GET parameters, and tests them for reflected input. The tool helps bug bounty hunters and penetration testers quickly identify potential reflected XSS flaws, offering fast and reliable results.
☆53Updated last month
Alternatives and similar repositories for ex-param:
Users that are interested in ex-param are comparing it to the libraries listed below
- Grep subdomains from web pages.☆42Updated last month
- IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…☆89Updated last week
- A passive way to find backups/ sensitive information.☆72Updated 2 months ago
- A collection of slides and presentations from BSides Ahmedabad 2024, held on October 12th and 13th. This repository features key insights…☆37Updated 5 months ago
- This script is used to search for cloud certificate entities such as Amazon, Azure, and others that have been extracted by the kaeferjaeg…☆42Updated 3 months ago
- Zzl is a reconnaissance tool that collects subdomains from SSL certificates in IP ranges☆39Updated 4 months ago
- URL Fuzzer☆17Updated 4 months ago
- Bypass Reset Password Code Lead to Account Takeover☆23Updated 6 months ago
- shef - extract/scrape IPs from shodan without any API key☆45Updated 2 months ago
- ☆9Updated 5 months ago
- A collaborative hub for Nuclei templates. Contribute, share, and explore powerful vulnerability detection tools!☆24Updated last month
- Morgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulner…☆54Updated last month
- Unwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unw…☆85Updated 7 months ago
- A Python tool to resolve domains to IPs, fetch related CVEs, and display open ports☆14Updated 3 months ago
- ☆56Updated 7 months ago
- Dnsbruter is a powerful tool designed to perform active subdomain enumeration and discovery. It uses DNS resolution to efficiently brutef…☆108Updated 3 months ago
- ☆65Updated 6 months ago
- IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify …☆33Updated last month
- Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts☆58Updated 5 months ago
- ☆20Updated last year
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆36Updated 8 months ago
- A Series of Tweets☆15Updated last year
- Oneliner Bug Bounty Collection collected from GitHub to all bug bounty hunters☆30Updated last year
- ☆107Updated last week
- CrlfiX☆20Updated last month
- CVE-2024-32640 | Automated SQLi Exploitation PoC☆62Updated 10 months ago
- A comprehensive collection of various techniques and methods for bypassing Two-Factor Authentication (2FA) security mechanisms.☆42Updated 2 months ago
- Private Nuclei Templates☆97Updated last month
- A tool for extract Endpoints, URLs and Secrets from contents☆58Updated 3 weeks ago
- ParamScan is a chrome extension for finding reflected parameters in a webpage.☆76Updated 2 months ago