a recon tool that allows searching on URLs that are exposed via shortener services
☆1,664Jan 23, 2025Updated last year
Alternatives and similar repositories for urlhunter
Users that are interested in urlhunter are comparing it to the libraries listed below
Sorting:
- Making Favicon.ico based Recon Great again !☆1,266Aug 29, 2023Updated 2 years ago
- BBT - Bug Bounty Tools (examples💡)☆1,883Apr 5, 2024Updated last year
- OSINT tools and more but without API key☆1,482Feb 15, 2026Updated 2 weeks ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findin…☆7,259Updated this week
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing☆3,012Jun 24, 2024Updated last year
- Gotator is a tool to generate DNS wordlists through permutations.☆506Jul 17, 2022Updated 3 years ago
- Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application☆5,000Dec 21, 2024Updated last year
- The Swiss Army knife for automated Web Application Testing☆2,323May 8, 2024Updated last year
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,401Sep 13, 2024Updated last year
- 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.☆4,859Updated this week
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, f…☆4,350Sep 30, 2024Updated last year
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.☆4,837Jan 1, 2025Updated last year
- declutters url lists for crawling/pentesting☆1,531Feb 23, 2025Updated last year
- A Python program to scrape secrets from GitHub through usage of a large repository of dorks.☆2,489Aug 3, 2024Updated last year
- Contextual Content Discovery Tool☆3,096Apr 29, 2024Updated last year
- Automation for javascript recon in bug bounty.☆1,069Sep 9, 2023Updated 2 years ago
- MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering…☆1,598Updated this week
- Quickly discover exposed hosts on the internet using multiple search engines.☆2,827Updated this week
- Fetches javascript file from a list of URLS or subdomains.☆837Jul 22, 2025Updated 7 months ago
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via E…☆8,497Nov 16, 2025Updated 3 months ago
- a javascript change monitoring tool for bugbounties☆711Jul 31, 2024Updated last year
- A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.☆1,851May 20, 2024Updated last year
- A fast tool to scan CRLF vulnerability written in Go☆1,519Feb 23, 2026Updated last week
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- A collection of hacks and one-off scripts☆2,424Mar 13, 2025Updated 11 months ago
- Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned ent…☆2,126Feb 23, 2026Updated last week
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.☆559Mar 8, 2025Updated 11 months ago
- DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover☆852Feb 13, 2023Updated 3 years ago
- Hidden parameters discovery suite☆2,027Sep 8, 2024Updated last year
- gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, G…☆2,250Jun 10, 2025Updated 8 months ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆802Jul 4, 2023Updated 2 years ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆1,024Feb 22, 2026Updated last week
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intel…☆1,053Jan 3, 2025Updated last year
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.☆6,082Aug 14, 2024Updated last year
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.☆2,029Jul 12, 2025Updated 7 months ago
- The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, su…☆3,690Feb 20, 2026Updated last week
- Find endpoints on GitHub.☆214Mar 28, 2023Updated 2 years ago
- Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hu…☆2,339Jun 27, 2024Updated last year
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆641Jul 7, 2025Updated 7 months ago