Alternatives and similar repositories for hacks

Users that are interested in hacks are comparing it to the libraries listed below

• cujanovic / Virtual-host-wordlist
  Virtual host wordlist
  ☆51Updated 4 years ago
• ameenmaali / endpointdiff
  Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.
  ☆41Updated 5 years ago
• dwisiswant0 / wadl-dumper
  Dump all available paths and/or endpoints on WADL file.
  ☆93Updated 2 weeks ago
• ameenmaali / qsinject
  qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.
  ☆30Updated 5 years ago
• dwisiswant0 / bounty-targets-alert
  It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.
  ☆58Updated 3 years ago
• thelikes / gwdomains
  sub domain wild card filtering tool
  ☆41Updated 5 years ago
• dwisiswant0 / hinject
  Host Header Injection Checker
  ☆81Updated 3 years ago
• defparam / h1stats
  a tool that compiles a csv of all h1 program stats
  ☆47Updated last year
• th3hack3rwiz / Lazy-FuzzZ
  Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …
  ☆51Updated 3 years ago
• ethicalhackingplayground / linkJS
  ☆56Updated 4 years ago
• ethicalhackingplayground / Zin
  A Payload Injector for bugbounties written in go
  ☆70Updated 4 years ago
• gwen001 / myrecon.py
  My recon script
  ☆50Updated 5 years ago
• Cgboal / exclude-cdn
  Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin
  ☆44Updated 2 years ago
• YashGoti / gal
  Get all possible href | src | url from target url or domain
  ☆41Updated 4 years ago
• cqsd / daily-commonspeak2
  commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …
  ☆41Updated 4 years ago
• 1ndianl33t / 1ndi-hacks
  Bug Bounty Tools
  ☆34Updated 4 years ago
• payloadartist / recon
  NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.
  ☆78Updated 2 years ago
• z3dc0ps / 0x0p1n3r
  0x0p1n3r is set of combination of other tools and one line scripts to find subdomains easily and to check subdomain takeover
  ☆57Updated 4 years ago
• emadshanab / 971-MB-content_discovery_wordlist
  Collection of content discovery wordlists in one wordlist.
  ☆38Updated 3 years ago
• Sambal0x / Recon-tools
  Some of my bug bounty tools
  ☆51Updated 5 years ago
• sw33tLie / ugly-scripts
  A collection of scripts for bug-bounty related stuff
  ☆38Updated 4 years ago
• Damian89 / simple-oob-scanner
  Simple tool to test for SSRF/OOB HTTP Read within the Path of a request
  ☆30Updated 5 years ago
• mzfr / takeover
  A tool for testing subdomain takeover possibilities at a mass scale.
  ☆49Updated 4 years ago
• humblelad / Needle
  Instant access to you bug bounty submission dashboard on various platforms + publicly disclosed reports + #bugbountytip
  ☆22Updated 5 years ago
• R0X4R / ssrf-tool
  An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.
  ☆44Updated 4 years ago
• caffeinedoom / Subvenkon
  Subvenkon is a subdomain enumerator from Venkon
  ☆23Updated 5 years ago
• tedmdelacruz / recon-scripts
  A simple reconnaissance framework for bug bounty hunting
  ☆36Updated 4 years ago
• darkc0d37 / wordlistsbyNahamsec
  ☆36Updated 5 years ago
• tomnomnom / burl
  A Broken-URL Checker
  ☆79Updated 7 years ago
• dwisiswant0 / continuous-nuclei
  Running nuclei Continuously
  ☆55Updated 2 years ago