Alternatives and similar repositories for shapeshifter:

Users that are interested in shapeshifter are comparing it to the libraries listed below

• cablej / FileChangeMonitor
  Continuous monitoring for JavaScript files
  ☆219Updated 5 years ago
• LewisArdern / metasecjs
  MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
  ☆80Updated last year
• codingo / crithit
  Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…
  ☆205Updated 4 years ago
• Abss0x7tbh / bass
  Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …
  ☆141Updated 9 months ago
• trufflesecurity / of-CORS
  ☆149Updated last year
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆172Updated 2 years ago
• Static-Flow / gofingerprint
  GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…
  ☆201Updated last year
• subfinder / goaltdns
  A permutation generation tool written in golang
  ☆209Updated 5 years ago
• zseano / JS-Scan
  a .js scanner, built in php. designed to scrape urls and other info
  ☆212Updated 7 years ago
• orlyjamie / asnrecon
  ASN reconnaissance script
  ☆124Updated last year
• Regala / burp-scope-monitor
  Burp Suite Extension to monitor new scope
  ☆197Updated 3 years ago
• dark-warlord14 / ffufplus
  You can read the writeup on this script here
  ☆191Updated 3 years ago
• PatrikFehrenbach / amass-tools
  ☆108Updated 4 years ago
• teknogeek / ssrf-sheriff
  A simple SSRF-testing sheriff written in Go
  ☆322Updated 2 months ago
• fellchase / flumberboozle
  Suite of programs meant to aid in bug hunting and security assessments
  ☆77Updated 5 years ago
• In3tinct / Taken
  Takeover AWS ips and have a working POC for Subdomain Takeover.
  ☆90Updated 10 months ago
• ameenmaali / wordlistgen
  Quickly generate context-specific wordlists for content discovery from lists of URLs or paths
  ☆216Updated 2 years ago
• wallarm / jwt-heartbreaker
  The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources
  ☆128Updated 4 years ago
• tdr130 / assetnote
  Push notifications for passive DNS data
  ☆107Updated 8 years ago
• ZephrFish / Wordlists
  Various Payload wordlists
  ☆235Updated 4 years ago
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆188Updated 5 months ago
• daeken / SSRFTest
  SSRF testing tool
  ☆243Updated 2 years ago
• Shivangx01b / CorsMe
  Cross Origin Resource Sharing MisConfiguration Scanner
  ☆171Updated 3 years ago
• dwisiswant0 / slackcat
  A simple way of sending messages from the CLI output to your Slack with webhook.
  ☆116Updated last year
• andresriancho / mongo-objectid-predict
  Predict Mongo ObjectIds
  ☆127Updated 6 years ago
• ameenmaali / qsfuzz
  qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
  ☆297Updated last year
• putsi / privatecollaborator
  A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
  ☆205Updated 7 months ago
• michael1026 / trashcompactor
  ☆65Updated 2 years ago
• PortSwigger / stepper
  A natural evolution of Burp Suite's Repeater tool
  ☆92Updated last year
• defparam / h1passets
  List HackerOne private program assets
  ☆150Updated 3 years ago