thehlopster / hfuzzLinks
Wordlist for web fuzzing, made from a variety of reliable sources including: result from my pentests, git.rip, ChatGPT, Lex, nuclei templates, web-scanners, seclist, bo0m, and more.
☆102Updated this week
Alternatives and similar repositories for hfuzz
Users that are interested in hfuzz are comparing it to the libraries listed below
Sorting:
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆140Updated 2 years ago
- Simplify your life with leak detection in JavaScript. NipeJS streamlines the use of regex, making it effortless to uncover potential leak…☆96Updated last year
- This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.☆244Updated 7 months ago
- CVE Collection of jQuery UI XSS Payloads☆118Updated 2 years ago
- A path-normalization pentesting tool.☆132Updated last month
- BChecks collection for Burp Suite Professional☆101Updated last year
- ☆135Updated 11 months ago
- CVE Collection of jQuery XSS Payloads☆74Updated 2 years ago
- Self-hosted passive subdomain continous monitoring tool.☆168Updated last year
- 403-bypass tool to bypass 403 responses.☆121Updated 2 years ago
- Fetches JavaScript files quickly and comprehensively.☆125Updated 2 years ago
- Custom wordlist, updated regularly☆108Updated this week
- ☆124Updated 2 months ago
- Parse FFUF results in GUI with option to sort based by response code , size , keyword☆98Updated last year
- Automatic Bug finder with buprsuite☆166Updated 2 years ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆81Updated last year
- Make URL path combinations using a wordlist☆170Updated 2 years ago
- A collection of useful lists for Penetration Testing & Bug Bounty - Content Discovery, Payloads, Variables, Sandbox Escaping, etc☆103Updated 7 months ago
- A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CON…☆161Updated last year
- Go scanner to find web cache poisoning vulnerabilities in a list of URLs☆144Updated last year
- ☆249Updated 4 years ago
- A Lightning-Fast DNS Resolver written in Rust 🦀☆67Updated 11 months ago
- A powerful bash script for massive XSS scanning leveraging Brute Logic's KNOXSS API☆75Updated 9 months ago
- EndExt is a .go tool for extracting all the possible endpoints from the JS files☆216Updated last year
- ☆166Updated 2 years ago
- Describe how to use ffuf different options with examples☆89Updated 2 years ago
- A fast, minimalistic scanner for time-based SQL injection (SQLi) detection – built in Go.☆132Updated 5 months ago
- Bypass 403 pages☆117Updated last year
- All Type of Payloads☆134Updated last year
- Firebase_Checker is Python tool to analyze APK files and web applications for Firebase-related vulnerabilities. This tool identifies secu…☆47Updated last month