thehlopster / hfuzz
Wordlist for web fuzzing, made from a variety of reliable sources including: result from my pentests, git.rip, ChatGPT, Lex, nuclei templates, web-scanners, seclist, bo0m, and more.
☆91Updated 3 months ago
Related projects ⓘ
Alternatives and complementary repositories for hfuzz
- CVE Collection of jQuery UI XSS Payloads☆115Updated last year
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆140Updated last year
- Simplify your life with leak detection in JavaScript. NipeJS streamlines the use of regex, making it effortless to uncover potential leak…☆87Updated 3 months ago
- Private Nuclei Templates☆88Updated last year
- ☆110Updated 9 months ago
- CVE Collection of jQuery XSS Payloads☆68Updated last year
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆42Updated 8 months ago
- ☆68Updated last year
- Go scanner to find web cache poisoning vulnerabilities in a list of URLs☆127Updated 9 months ago
- ☆235Updated 3 years ago
- Describe how to use ffuf different options with examples☆80Updated last year
- Automated Subdomain Enumeration and Scanning Tool☆110Updated last year
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆68Updated 10 months ago
- This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.☆237Updated last year
- ☆130Updated last week
- Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the int…☆106Updated last week
- Nodesub is a command-line tool for finding subdomains in bug bounty programs☆136Updated 3 months ago
- Here Are Some Bug Bounty Resource From Twitter☆85Updated 6 months ago
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals…☆60Updated 10 months ago
- "XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities in web apps. Tests for reflected and persist…☆89Updated 3 months ago
- Make URL path combinations using a wordlist☆172Updated last year
- A path-normalization pentesting tool.☆115Updated last year
- This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.☆96Updated last month
- ☆69Updated 6 months ago
- 403-bypass tool to bypass 403 responses.☆114Updated last year
- All Type of Payloads☆126Updated 7 months ago
- Python tool to test known techniques to bypass 403 and 401 HTTP responses.☆35Updated last year
- Parse FFUF results in GUI with option to sort based by response code , size , keyword☆87Updated 2 months ago
- ☆66Updated last year
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆52Updated 3 weeks ago