thehlopster / hfuzzLinks
Wordlist for web fuzzing, made from a variety of reliable sources including: result from my pentests, git.rip, ChatGPT, Lex, nuclei templates, web-scanners, seclist, bo0m, and more.
☆101Updated 2 months ago
Alternatives and similar repositories for hfuzz
Users that are interested in hfuzz are comparing it to the libraries listed below
Sorting:
- CVE Collection of jQuery UI XSS Payloads☆119Updated 2 years ago
- ☆133Updated 6 months ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆77Updated last year
- A path-normalization pentesting tool.☆127Updated last year
- Simplify your life with leak detection in JavaScript. NipeJS streamlines the use of regex, making it effortless to uncover potential leak…☆94Updated 9 months ago
- This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.☆243Updated 2 months ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆140Updated last year
- Self-hosted passive subdomain continous monitoring tool.☆163Updated last year
- Private Nuclei Templates☆99Updated 3 months ago
- Parse FFUF results in GUI with option to sort based by response code , size , keyword☆97Updated 8 months ago
- CVE Collection of jQuery XSS Payloads☆71Updated 2 years ago
- Custom scan profiles for use with Burp Suite Pro☆143Updated last year
- ☆119Updated last year
- Automated Tool for Testing Header Based Blind SQL Injection☆280Updated last year
- ☆242Updated 4 years ago
- BChecks collection for Burp Suite Professional☆99Updated 11 months ago
- CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure☆90Updated last year
- Backup Files Wordlist Generator - generate a comprehensive list of potential backup file Wordlist based on a given list URL and backup fi…☆61Updated 7 months ago
- EndExt is a .go tool for extracting all the possible endpoints from the JS files☆205Updated 10 months ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆360Updated last year
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆37Updated 10 months ago
- Make URL path combinations using a wordlist☆173Updated last year
- All Type of Payloads☆137Updated last year
- ☆68Updated 2 years ago
- ☆164Updated 7 months ago
- A command-line utility designed to discover subdomains for a given domain in a simple, efficient way. It works by gathering information f…☆111Updated this week
- A collection oneliner scripts for bug bounty☆178Updated last year
- ☆158Updated 2 years ago
- Describe how to use ffuf different options with examples☆87Updated 2 years ago
- A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CON…☆162Updated last year