volkandindar / agarthaView external linksLinks
A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations. It supports dynamic payload generation, including BCheck syntax, and can automatically generate Bambdas scripts. Additionally, it offers "Copy as JavaScript" to convert HTTP requests for enhanced XSS testi…
☆394Feb 4, 2026Updated last week
Alternatives and similar repositories for agartha
Users that are interested in agartha are comparing it to the libraries listed below
Sorting:
- Useful "Match and Replace" burpsuite rules☆362Sep 26, 2023Updated 2 years ago
- Hidden parameters discovery suite☆225Nov 14, 2022Updated 3 years ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,495Jan 8, 2026Updated last month
- Nuclei plugin for BurpSuite☆1,318Oct 22, 2025Updated 3 months ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆382May 19, 2023Updated 2 years ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆185Nov 22, 2021Updated 4 years ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆971Dec 8, 2021Updated 4 years ago
- Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests w…☆631Jan 4, 2026Updated last month
- Hidden parameters discovery suite☆2,015Sep 8, 2024Updated last year
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆800Jul 4, 2023Updated 2 years ago
- Smart context-based SSRF vulnerability scanner.☆361May 5, 2022Updated 3 years ago
- Jeeves SQLI Finder☆218May 13, 2022Updated 3 years ago
- A repository that includes all the important wordlists used while bug hunting.☆1,375Mar 11, 2023Updated 2 years ago
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.☆427Updated this week
- 🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast…☆1,490Feb 5, 2026Updated last week
- Awesome list of step by step techniques to achieve Remote Code Execution on various apps!☆1,940Oct 7, 2023Updated 2 years ago
- bypass-url-parser☆1,111Feb 7, 2026Updated last week
- declutters url lists for crawling/pentesting☆1,522Feb 23, 2025Updated 11 months ago
- Generate tens of thousands of subdomain combinations in a matter of seconds☆273Sep 25, 2023Updated 2 years ago
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆87May 2, 2024Updated last year
- Astra is a tool to find URLs and secrets inside a webpage/files☆212Mar 14, 2023Updated 2 years ago
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hac…☆1,148Jan 21, 2026Updated 3 weeks ago
- For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙☆1,817Jun 9, 2024Updated last year
- fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.☆936Aug 24, 2023Updated 2 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆297Sep 22, 2024Updated last year
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,038Aug 23, 2025Updated 5 months ago
- A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomain…☆886May 3, 2023Updated 2 years ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,515Jan 15, 2026Updated last month
- Burp extension to create target specific and tailored wordlist from burp history.☆255Dec 8, 2021Updated 4 years ago
- Rockyou for web fuzzing☆3,014Aug 28, 2025Updated 5 months ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆373Jul 25, 2023Updated 2 years ago
- A cheat sheet that contains advanced queries for SQL Injection of all types.☆3,141May 13, 2023Updated 2 years ago
- 1337 Wordlists for Bug Bounty Hunting☆928Feb 9, 2026Updated last week
- Nuclei Templates to reproduce Cracking the lens's Research☆132Jan 8, 2022Updated 4 years ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆975Jan 12, 2024Updated 2 years ago
- Quickly discover exposed hosts on the internet using multiple search engines.☆2,824Jan 7, 2026Updated last month
- De-clutter a list of URLs☆384Feb 3, 2026Updated last week
- A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.☆109Mar 1, 2022Updated 3 years ago
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆610Jan 20, 2021Updated 5 years ago