Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.
☆112Feb 16, 2022Updated 4 years ago
Alternatives and similar repositories for log4j
Users that are interested in log4j are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Automated Recon Tool Installer☆16Jun 29, 2022Updated 3 years ago
- parse ffuf & map endpoints to wordlists☆21Feb 25, 2021Updated 5 years ago
- Combine words from two wordlist files and concatenate them with an optional delimiter☆39Sep 25, 2023Updated 2 years ago
- Create your own recon & vulnerability scanner with Trickest and GitHub☆48Sep 25, 2023Updated 2 years ago
- Magic Header Blind Xss tool (deliver blind xss payloads in request headers).☆25May 30, 2021Updated 4 years ago
- Generate tens of thousands of subdomain combinations in a matter of seconds☆273Sep 25, 2023Updated 2 years ago
- Filter and enrich a list of subdomains by level☆210Sep 25, 2023Updated 2 years ago
- Archive of Potential Insider Threats☆153Sep 25, 2023Updated 2 years ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆184Nov 22, 2021Updated 4 years ago
- Basic implementation of certstream to print new subdomains and domains☆36Jul 6, 2021Updated 4 years ago
- Find CVE PoCs on GitHub☆161Aug 1, 2025Updated 7 months ago
- Top level domain scanner in Go☆30Sep 24, 2023Updated 2 years ago
- Python Script to Print the name of the companies that are acquired by a Target Company and the Time of Acquisition.☆26Dec 5, 2021Updated 4 years ago
- GET-ACQ is a python tool used to gather all companies acquired by a given company domain name. It is done by calling SecurityTrails API.☆12Nov 10, 2021Updated 4 years ago
- This includes all the templates of nuclei collected from different sources☆18Dec 30, 2022Updated 3 years ago
- Burp Suite Extensions☆12Oct 19, 2021Updated 4 years ago
- Asset inventory of over 800 public bug bounty programs.☆1,525Feb 14, 2025Updated last year
- Finding XSS during recon☆272Sep 13, 2022Updated 3 years ago
- Nuclei templates for K8S security scanning☆101Dec 2, 2021Updated 4 years ago
- security.txt collection of most popular world-wide domains☆56Sep 25, 2023Updated 2 years ago
- List all public repositories for (valid) GitHub usernames☆77Sep 25, 2023Updated 2 years ago
- ⚡ Golang library for quick make pentest tools☆15Apr 7, 2025Updated 11 months ago
- VMware Workspace ONE Access and Identity Manager RCE via SSTI - Test script for shodan, file or manual.☆16Feb 13, 2024Updated 2 years ago
- ☆12Jan 4, 2022Updated 4 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,039Aug 23, 2025Updated 7 months ago
- ☆27Mar 18, 2020Updated 6 years ago
- Find unicode codepoints to use in normalisation and transformation attacks.☆11Mar 15, 2021Updated 5 years ago
- Scripts/tools to destroy things☆17Sep 13, 2021Updated 4 years ago
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆156Nov 24, 2023Updated 2 years ago
- ☆18Apr 7, 2022Updated 3 years ago
- Tool for CVE-2022-1388☆14May 13, 2022Updated 3 years ago
- A burp-suite plugin that extract all parameter names from in-scope requests☆29Nov 9, 2021Updated 4 years ago
- Mine URLs from Browser's Heap Snapshot for fun and profit☆64Aug 9, 2023Updated 2 years ago
- A modular URL deduplication tool.☆19Feb 19, 2025Updated last year
- Easy discovery of assets☆13Jun 22, 2022Updated 3 years ago
- Passively check for XSS character encodings☆18Mar 9, 2026Updated 2 weeks ago
- My Custom made Nuceli-Templates☆22Aug 5, 2025Updated 7 months ago
- Manage attack surface data on Elasticsearch☆25Nov 20, 2023Updated 2 years ago
- Advanced reconnaissance framework for bug bounty hunters - Automate subdomain enumeration, vulnerability scanning, and security reconnais…☆58Updated this week