Alternatives and similar repositories for Gau-Expose

Users that are interested in Gau-Expose are comparing it to the libraries listed below

• 0xRTH / IISRecon
  IIS shortname scanner + bruteforce
  ☆54Updated last year
• clarkvoss / Nuclei-Templates
  ☆82Updated 3 years ago
• six2dez / resolvers_reconftw
  Resolvers updated daily for reconftw
  ☆47Updated 2 years ago
• emadshanab / DIR-WORDLISTS
  Some wordlists collected form github to all bug bounty hunters.
  ☆35Updated 4 years ago
• NitinYadav00 / gf-patterns
  Some of the gf patterns which i use
  ☆44Updated 3 years ago
• hakluke / hakfindinternaldomains
  Feed it a list of subdomains, it will resolve them and tell you which ones are internal
  ☆93Updated 3 years ago
• adrianlarion / pegaxss
  Magic Header Blind Xss tool (deliver blind xss payloads in request headers).
  ☆26Updated 4 years ago
• Ravirajrao / HackerOne-Reports
  Cool HackerOne Reports
  ☆22Updated 2 years ago
• ethicalhackingplayground / aem-eye
  A very simple AEM detector written in rust.🦀
  ☆20Updated 2 years ago
• clarkvoss / AEM-List
  ☆95Updated 4 years ago
• Dheerajmadhukar / subzzZ
  SubzzZ to find possible subdomains using passive recon. Tool also support Permutations, Mutations, Alterations.
  ☆38Updated 4 years ago
• vitorfhc / queryxss
  Tool for testing reflections in the HTTP responses
  ☆60Updated 2 years ago
• emadshanab / femida
  Automated blind-xss search for Burp Suite
  ☆23Updated 3 years ago
• emadshanab / Blind-XSS-burp-match-and-replace
  ☆29Updated last year
• iustin24 / SSRF
  ☆33Updated 4 years ago
• vikrantbatra05 / HuntTheBug
  Basic Recon For Bug Bounty Hunter - "HuntTheBug" is Basic Scripts For Sub Domain Enumeration> Live Domain Enumeration > Sub Domain Hijack…
  ☆55Updated 3 years ago
• gwen001 / bxss
  Alternative to XSS Hunter for blind XSS.
  ☆51Updated 2 years ago
• Dheerajmadhukar / karma_v1
  KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…
  ☆59Updated 4 years ago
• diego95root / h1-templates
  ☆47Updated 2 years ago
• akshaysharma016 / aem-detector
  ☆21Updated 2 years ago
• ph4nt0m-py / login-panel-wordlist
  ☆32Updated 2 years ago
• panch0r3d / nuclei-templates
  ☆89Updated 3 years ago
• k4k4r07 / CertSubDumb
  Basic Bash Script to scrape all subdomains from crtsh in a single run
  ☆19Updated 3 years ago
• elfarsaouiomar / monitor-new-subdomain
  MNS is a security and reconnaissance tool for monitoring new subdomains
  ☆69Updated last month
• akshukatkar / bbtools
  basic bbtools , buggy , not recommended to use
  ☆35Updated 8 months ago
• Ph33rr / cirrusgo
  A fast tool to scan SAAS,PAAS App written in Go
  ☆84Updated 2 years ago
• Lu3ky13 / Authorization-Nuclei-Templates
  Authorization-Nuclei-Templates
  ☆40Updated last year
• eslam3kl / ShoLister
  ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be …
  ☆61Updated 3 years ago
• MR-pentestGuy / nuclei-templates
  My own Custom nuclei templates
  ☆25Updated 3 years ago
• BitTheByte / BitMapper
  Burp-suite Extension For finding .map files
  ☆50Updated last year