Gourlex is a simple tool that can be used to extract URLs and paths from web pages.
☆247Mar 28, 2024Updated last year
Alternatives and similar repositories for gourlex
Users that are interested in gourlex are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- The perfect butler for pentesters, bug-bounty hunters and security researchers☆93Feb 20, 2026Updated last month
- Ultimate Tasks Automation Framework for Hackers, DevSecOps, Pentesters, and Bug-bounty hunters!☆154Sep 23, 2025Updated 6 months ago
- Burp extension to track your current IP address. Extension focused for red teams where the attacker needs to log all used IP addresses.☆26Nov 2, 2025Updated 4 months ago
- The Most Advanced Client-Side Prototype Pollution Scanner☆248Updated this week
- ☆20Jun 26, 2024Updated last year
- SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty☆740Jan 25, 2026Updated last month
- DockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more.☆244Jul 31, 2024Updated last year
- A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON☆115Mar 27, 2024Updated last year
- NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Re…☆1,826Aug 20, 2025Updated 7 months ago
- SubCerts is a simple tool that uses certificate transparency logs (via crt.sh) to extract subdomains of a given domain.☆75Jan 6, 2026Updated 2 months ago
- ☆569Mar 28, 2024Updated last year
- Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers☆312Mar 31, 2024Updated last year
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆28Jul 21, 2024Updated last year
- Header Exploitation HTTP☆723Updated this week
- LogSnare: A playground for testing, preventing, and logging IDOR vulnerabilities.☆33Mar 4, 2024Updated 2 years ago
- Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality …☆664May 10, 2025Updated 10 months ago
- 📲 Apepe is a project developed to help to capture informations from a Android app through his APK file. It can be used to extract the co…☆140Oct 15, 2025Updated 5 months ago
- hauditor is a tool designed to analyze the security headers returned by a web page.☆177Jul 6, 2024Updated last year
- A rapid HTTP downgrade smuggling scanner written in Go.☆313May 16, 2024Updated last year
- This is a python wrapper around the amazing KNOXSS API by Brute Logic☆284Mar 6, 2026Updated 2 weeks ago
- All-sources tool to search websites by favicons☆188Nov 9, 2024Updated last year
- how to look for Leaked Credentials !☆1,035May 6, 2024Updated last year
- HTTP 403 bypass tool☆615Mar 16, 2024Updated 2 years ago
- Exploit for CVE-2024-3273, supports single and multiple hosts☆13Apr 7, 2024Updated last year
- Process URLs and remove duplicate query parameters.☆27Mar 19, 2024Updated 2 years ago
- subBruter is a tool designed to efficiently probe for alive subdomins from a provided wordlist.☆27Jan 29, 2024Updated 2 years ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆166Oct 28, 2025Updated 4 months ago
- Morgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulner…☆56Feb 2, 2025Updated last year
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆755Dec 19, 2023Updated 2 years ago
- LEAKEY is a bash script which checks and validates for leaked credentials. The idea behind LEAKEY is to make it highly customizable and e…☆377Dec 5, 2023Updated 2 years ago
- Tool to parse subdomains from dmarc.live☆150Apr 19, 2024Updated last year
- SAPLAR - LFI & Path Traversal Scanner☆15Mar 11, 2025Updated last year
- fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.☆936Aug 24, 2023Updated 2 years ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆143Jun 27, 2023Updated 2 years ago
- The IoT security toolkit to help identify IoT related dashboards and scan them for default passwords and vulnerabilities.☆194Nov 26, 2024Updated last year
- OSINT tool to crawl a site and extract useful recon info.☆459Aug 13, 2025Updated 7 months ago
- Passively check for XSS character encodings☆18Mar 9, 2026Updated 2 weeks ago
- jsleak is a tool to find secret , paths or links in the source code during the recon.☆581Sep 25, 2025Updated 5 months ago
- Automated OSINT on SwaggerHub☆251Jan 16, 2024Updated 2 years ago