rootDR / ex-paramLinks
ex-param is an automated tool designed for finding reflected parameters for XSS vulnerabilities. It crawls a target website, extracts GET parameters, and tests them for reflected input. The tool helps bug bounty hunters and penetration testers quickly identify potential reflected XSS flaws, offering fast and reliable results.
☆63Updated 11 months ago
Alternatives and similar repositories for ex-param
Users that are interested in ex-param are comparing it to the libraries listed below
Sorting:
- A passive way to find backups/ sensitive information.☆87Updated 6 months ago
- SubOwner - A Simple tool check for subdomain takeovers.☆117Updated last year
- ☆101Updated 9 months ago
- Fback is a tool that helps you create target-specific wordlists using a .json pattern.☆63Updated 2 months ago
- xsschecker tests endpoints for reflected XSS by injecting payloads and checking responses. It prints vulnerable if the payload is reflect…☆36Updated 2 months ago
- A collaborative hub for Nuclei templates. Contribute, share, and explore powerful vulnerability detection tools!☆50Updated 11 months ago
- Unwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unw…☆98Updated 6 months ago
- Dnsbruter is a powerful tool designed to perform active subdomain enumeration and discovery. It uses DNS resolution to efficiently brutef…☆124Updated last year
- ParamScan is a chrome extension for finding reflected parameters in a webpage.☆92Updated last year
- Nafeed-Broken-Link: A Python tool designed to check for broken social media links on a given domain. This script crawls all accessible pa…☆66Updated last year
- 🔍 SubWatch – Automated Subdomain Monitoring Script☆39Updated 7 months ago
- Grep subdomains from web pages.☆42Updated 11 months ago
- Backup Files Wordlist Generator - generate a comprehensive list of potential backup file Wordlist based on a given list URL and backup fi…☆88Updated 7 months ago
- ☆184Updated last year
- Bypass Reset Password Code Lead to Account Takeover☆26Updated last year
- Zzl is a reconnaissance tool that collects subdomains from SSL certificates in IP ranges☆44Updated last year
- ☆30Updated 4 months ago
- A collection of slides and presentations from BSides Ahmedabad 2024, held on October 12th and 13th. This repository features key insights…☆38Updated last year
- ☆70Updated 2 years ago
- This script Crawl the website and find the urls that contains html forms.☆72Updated last year
- Welcome to the 403 and 401 Bypass Techniques and Bug Bounty Tips repository! This repo is a collection of methods and strategies to bypas…☆19Updated last year
- Community curated list of templates for the nuclei engine to find security vulnerabilities.☆81Updated 2 months ago
- This repository contains all the GF-Patterns Repositories. All we have to do is just to run the given Shell File and it's Done !!☆21Updated 7 months ago
- A simple browser extension to quickly find interesting security-related information on a webpage.☆168Updated last week
- Oneliner Bug Bounty Collection collected from GitHub to all bug bounty hunters☆35Updated 2 years ago
- This script is used to search for cloud certificate entities such as Amazon, Azure, and others that have been extracted by the kaeferjaeg…☆55Updated 2 months ago
- ☆124Updated 5 months ago
- Private Nuclei Templates☆100Updated 11 months ago
- ☆63Updated last year
- IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify …☆43Updated 11 months ago