This tool aims at accumulating javascript files from a given set of subdomains to discover hidden endpoints. It swims through JS files to find more JS files. It also creates a target-specific wordlist from the JS-files for further content discovery and dumps all the discovered JS files neatly in a folder for static analysis.
☆71Dec 28, 2022Updated 3 years ago
Alternatives and similar repositories for Fu-JS
Users that are interested in Fu-JS are comparing it to the libraries listed below
Sorting:
- #JavascriptRecon #bugbounty☆21Aug 18, 2021Updated 4 years ago
- IIS shortname scanner + bruteforce☆56Feb 18, 2024Updated 2 years ago
- Crawlex is a powerful Chrome extension designed to assist bug bounty hunters in their work by enabling easy crawling of all possible URLs…☆12May 28, 2023Updated 2 years ago
- The project aims at creating target-specific wordlists for any web application that you are testing.☆66May 28, 2022Updated 3 years ago
- I will share my bug bounty tips here☆32Mar 6, 2023Updated 3 years ago
- ☆32Dec 30, 2022Updated 3 years ago
- ☆14Feb 7, 2024Updated 2 years ago
- Script for monitoring changes in javascript files on WebApps for offensive reconnaissance.☆28Aug 4, 2021Updated 4 years ago
- ☆57Sep 2, 2020Updated 5 years ago
- ☆27Mar 18, 2020Updated 6 years ago
- Hidden input parameters finder☆19Jul 10, 2023Updated 2 years ago
- ☆12Jun 15, 2022Updated 3 years ago
- Automated Subdomain Enumeration and Scanning Tool☆116Oct 5, 2023Updated 2 years ago
- BugBounty , sort and delete duplicates param value without missing original value☆22Jul 31, 2021Updated 4 years ago
- List of custom Nuclei templates☆16Nov 4, 2023Updated 2 years ago
- Extracting api keys and secrets by requesting each url at the your list.☆20Jul 5, 2024Updated last year
- Framework to automate Bug Bounty Reconnaissance☆43Jan 4, 2021Updated 5 years ago
- VMware Workspace ONE Access and Identity Manager RCE via SSTI - Test script for shodan, file or manual.☆16Feb 13, 2024Updated 2 years ago
- ☆96Oct 1, 2021Updated 4 years ago
- A tool for testing subdomain takeover possibilities at a mass scale.☆50May 23, 2021Updated 4 years ago
- This extension provides a central location for viewing all GraphQL requests/responses within a Burp project. It provides a clean UI that …☆15Feb 24, 2022Updated 4 years ago
- Match and Replace script used to automatically generate JSON option file to BurpSuite☆215May 13, 2019Updated 6 years ago
- Passive reconnaissance/enumeration of interesting targets by watching for SSL certificates being issued☆69Oct 11, 2022Updated 3 years ago
- Nuclei Templates - Here you will find the templates I use while hunting☆120Sep 27, 2021Updated 4 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆296Sep 22, 2024Updated last year
- JS Finding can be used to extract JavaScript (JS) files from either a single domain URL or a list of domains. The tool supports various e…☆48Apr 29, 2024Updated last year
- You can find hardcoded Api-Key,Secret,Token Etc..☆77Sep 3, 2022Updated 3 years ago
- ☆59Apr 8, 2021Updated 4 years ago
- These Repositories About My Recon Methodology To Give Some Idea For Other Hunter How To Do Recon☆44Oct 15, 2022Updated 3 years ago
- This repository contains links to all the 100 days tweets that I posted during the #100DaysOfHacking challenge.☆17Apr 11, 2022Updated 3 years ago
- ☆437Jun 1, 2021Updated 4 years ago
- ☆12Jan 4, 2022Updated 4 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆52Jul 14, 2021Updated 4 years ago
- Most of the Google Acquisitions for Bug Bounty Hunter.☆64Sep 3, 2022Updated 3 years ago
- This tool allows you to find ssti vulnerability with ease!☆22Sep 3, 2022Updated 3 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- ☆13Jul 12, 2021Updated 4 years ago
- TProx is a fast reverse proxy path traversal detector and directory bruteforcer.☆30Sep 16, 2021Updated 4 years ago
- Simple tools to handle string and generate subdomain permutations☆15Jun 8, 2022Updated 3 years ago