Alternatives and similar repositories for of-CORS

Users that are interested in of-CORS are comparing it to the libraries listed below

• AethliosIK / reset-tolkien

  View on GitHub
  Unsecure time-based secret exploitation and Sandwich attack implementation Resources
  ☆148Dec 9, 2024Updated last year
• fyoorer / ShadowClone

  View on GitHub
  Unleash the power of cloud
  ☆821Nov 19, 2024Updated last year
• trickest / dsieve

  View on GitHub
  Filter and enrich a list of subdomains by level
  ☆210Sep 25, 2023Updated 2 years ago
• BishopFox / sj

  View on GitHub
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆721Feb 3, 2026Updated 2 weeks ago
• resyncgg / ripgen

  View on GitHub
  Rust-based high performance domain permutation generator.
  ☆297Dec 2, 2023Updated 2 years ago
• fransr / hot-jar-swapping-urlclassloader

  View on GitHub
  Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes
  ☆32Dec 10, 2022Updated 3 years ago
• 0xacb / recollapse

  View on GitHub
  REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
  ☆1,288Aug 7, 2025Updated 6 months ago
• c3l3si4n / godeclutter

  View on GitHub
  Declutters URLs in a fast and flexible way, for improving input for web hacking automations such as crawlers and vulnerability scans.
  ☆59Jan 22, 2023Updated 3 years ago
• dsecuredcom / yataf

  View on GitHub
  yataf extracts secrets and paths from files or urls - its best used against javascript files
  ☆52Sep 11, 2024Updated last year
• hakluke / hakoriginfinder

  View on GitHub
  Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!
  ☆973Jan 12, 2024Updated 2 years ago
• matanber / mnmlsm

  View on GitHub
  A cybersecurity challenge, based on a real world finding
  ☆12Jul 11, 2024Updated last year
• forcesunseen / graphquail

  View on GitHub
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆203Aug 5, 2024Updated last year
• xnl-h4ck3r / XnlReveal

  View on GitHub
  A Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidde…
  ☆434Oct 16, 2025Updated 4 months ago
• nccgroup / UninstalledAppCanary

  View on GitHub
  A Canary which fires when uninstalled
  ☆34Mar 16, 2021Updated 4 years ago
• s0md3v / uro

  View on GitHub
  declutters url lists for crawling/pentesting
  ☆1,524Feb 23, 2025Updated 11 months ago
• g0ldencybersec / CloudRecon

  View on GitHub
  ☆520Apr 29, 2024Updated last year
• devanshbatham / FavFreak

  View on GitHub
  Making Favicon.ico based Recon Great again !
  ☆1,261Aug 29, 2023Updated 2 years ago
• xnl-h4ck3r / urless

  View on GitHub
  De-clutter a list of URLs
  ☆384Feb 3, 2026Updated 2 weeks ago
• gwen001 / related-domains

  View on GitHub
  Find related domains of a given domain.
  ☆103Aug 5, 2023Updated 2 years ago
• dsecuredcom / ffufPostprocessing

  View on GitHub
  Golang tool which helps dropping the irrelevant entries from your ffuf result file.
  ☆141Sep 16, 2024Updated last year
• sw33tLie / bbscope

  View on GitHub
  Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
  ☆1,264Updated this week
• dillonfranke / protoburp

  View on GitHub
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆36Mar 4, 2025Updated 11 months ago
• ZephrFish / PotUtils

  View on GitHub
  ☆16Dec 7, 2025Updated 2 months ago
• assetnote / surf

  View on GitHub
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆749Dec 19, 2023Updated 2 years ago
• ZephrFish / ChunkyIngress

  View on GitHub
  Leverages B64 chunks to split files and save to clipboard
  ☆26Dec 7, 2025Updated 2 months ago
• Moopinger / smugglefuzz

  View on GitHub
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆313May 16, 2024Updated last year
• Sh1Yo / x8

  View on GitHub
  Hidden parameters discovery suite
  ☆2,015Sep 8, 2024Updated last year
• nccgroup / jwt-reauth

  View on GitHub
  ☆105Jan 3, 2023Updated 3 years ago
• Th0h0 / autopoisoner

  View on GitHub
  Web cache poisoning vulnerability scanner.
  ☆72May 5, 2022Updated 3 years ago
• edoardottt / csprecon

  View on GitHub
  Discover new target domains using Content Security Policy
  ☆501Feb 7, 2026Updated last week
• BishopFox / jsluice

  View on GitHub
  Extract URLs, paths, secrets, and other interesting bits from JavaScript
  ☆1,755May 22, 2024Updated last year
• MindPatch / lorsrf

  View on GitHub
  Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load
  ☆297Sep 22, 2024Updated last year
• BBhacKing / jwt_secrets

  View on GitHub
  A list of "secrets" from JWT sample code and readme files.
  ☆57Oct 28, 2020Updated 5 years ago
• nikitastupin / orgs-data

  View on GitHub
  Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations
  ☆85Updated this week
• xnl-h4ck3r / waymore

  View on GitHub
  Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!
  ☆2,533Feb 7, 2026Updated last week
• projectdiscovery / fuzzing-templates

  View on GitHub
  Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
  ☆87May 2, 2024Updated last year
• hahwul / RegexPassive

  View on GitHub
  🔭 Collection of regexp pattern for security passive scanning
  ☆116Feb 18, 2023Updated 2 years ago
• JetP1ane / Affinis

  View on GitHub
  Recurrent Neural Network SubDomain Discovery Tool
  ☆95Sep 20, 2022Updated 3 years ago
• mschwager / route-detect

  View on GitHub
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆282Sep 11, 2025Updated 5 months ago