Subdosec is a fast, accurate subdomain takeover scanner with no false positives. It also offers a database of sites vulnerable to subdomain takeover (public results), along with detailed metadata like IP, CNAME, TITLE, and STATUS CODE for reconnaissance to identify potential new vulnerabilities.
☆58Updated this week
Alternatives and similar repositories for subdosec
Users that are interested in subdosec are comparing it to the libraries listed below
Sorting:
- Blind XSS SVG☆10Mar 27, 2023Updated 2 years ago
- Looks for parameters in urls☆34Oct 14, 2024Updated last year
- DomainTrail is a fast subdomain enumeration tool that uses effective passive and active techniques.☆41Apr 18, 2024Updated last year
- Get list of subsidiaries for a selected company☆31Dec 21, 2024Updated last year
- Detect Program Bug Bounty☆42Jun 12, 2025Updated 8 months ago
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Dec 13, 2025Updated 2 months ago
- A command-line utility for auditing DNS configuration using Zonemaster API☆32Aug 21, 2023Updated 2 years ago
- Reflected XSS Payload List for Vue.js (2 & 3)☆15Jan 12, 2023Updated 3 years ago
- ai-based domain name generation☆120Feb 3, 2025Updated last year
- A passive way to find backups/ sensitive information.☆87Jul 10, 2025Updated 7 months ago
- Template Nuclei SSTI☆34Nov 18, 2025Updated 3 months ago
- bounty collection☆41Sep 1, 2024Updated last year
- Tool for fetching all the available waybackmachine snapshot urls☆24Oct 8, 2024Updated last year
- ParamScan is a chrome extension for finding reflected parameters in a webpage.☆92Jan 11, 2025Updated last year
- Quaithe empowers you to execute multiple commands in parallel for blazing-fast performance.☆28Aug 20, 2023Updated 2 years ago
- Burp Suite extension that enhances Burp Active Scan by adding template engine specific SSTI payloads.☆24Feb 20, 2024Updated 2 years ago
- A python script to automatically dump files and source code of a Symfony server in debug mode.☆13Feb 11, 2025Updated last year
- ☆13Mar 6, 2025Updated 11 months ago
- A powerful Burp Suite extension that automatically detects JavaScript URLs from HTTP traffic, scans them using TruffleHog for secrets det…☆31Oct 23, 2025Updated 4 months ago
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆11Sep 22, 2023Updated 2 years ago
- Acunetix automate telegram bot☆11Jul 19, 2024Updated last year
- Nuclei template and information about the POC for CVE-2024-25600☆31Feb 21, 2024Updated 2 years ago
- CVE-2023-4634☆46Sep 7, 2023Updated 2 years ago
- Scans remote JavaScript files with Trufflehog + Semgrep to detect leaked secrets☆137Jan 21, 2025Updated last year
- This repository contains the best fuzzing wordlist files☆34Dec 2, 2024Updated last year
- COLI (Command Orchestration & Logic Interface) – A visual orchestration layer for EWE, built for bug bounty automation. Create and run CL…☆36Oct 15, 2025Updated 4 months ago
- Sensitive Discoverer, a Burp extension to discovers sensitive information inside HTTP messages.☆50Jan 26, 2026Updated last month
- This python based tool can be used to discover API keys, access tokens, and other sensitive data in JavaScript files. It can scan JavaScr…☆14Oct 18, 2024Updated last year
- ToolShell scanner - CVE-2025-53770 and detection information☆18Dec 7, 2025Updated 2 months ago
- Pler - Domain Probe and Cloudflare Filter Tool. Pler is a simple yet powerful Python script to check whether a domain is using Cloudflare…☆22Aug 12, 2025Updated 6 months ago
- Js File Scanner☆11Mar 30, 2021Updated 4 years ago
- Subdomains scanner Spider☆13Feb 29, 2024Updated 2 years ago
- Bulk scanning tool for ServiceNow CVE-2024-4879 vulnerability☆10Jul 12, 2024Updated last year
- Python Script to Print the name of the companies that are acquired by a Target Company and the Time of Acquisition.☆26Dec 5, 2021Updated 4 years ago
- Get 10k subdomains in securitytrails using cookie without apikey.☆36Oct 23, 2025Updated 4 months ago
- burpsuite extension to analyze javascript files using semgrep☆12Feb 3, 2025Updated last year
- PySec Auditor is an open-source, Python-based tool designed to perform automated, fast, and informative web security audits. It was devel…☆23Nov 14, 2025Updated 3 months ago
- Quickly find all identities someone has used on their Github commits☆17Jul 28, 2024Updated last year
- A utility to fetch and display dns names from the SSL/TLS cert data☆16Aug 11, 2023Updated 2 years ago