Alternatives and similar repositories for XnlReveal

Users that are interested in XnlReveal are comparing it to the libraries listed below

• xnl-h4ck3r / xnldorker

  View on GitHub
  Gather results of dorks across a number of search engines
  ☆198Jan 22, 2026Updated 3 weeks ago
• kevin-mizu / domloggerpp

  View on GitHub
  A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.
  ☆769Dec 9, 2025Updated 2 months ago
• xnl-h4ck3r / GAP-Burp-Extension

  View on GitHub
  Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
  ☆1,495Jan 8, 2026Updated last month
• xnl-h4ck3r / urless

  View on GitHub
  De-clutter a list of URLs
  ☆384Feb 3, 2026Updated 2 weeks ago
• xnl-h4ck3r / xnLinkFinder

  View on GitHub
  A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets
  ☆1,519Jan 15, 2026Updated last month
• xnl-h4ck3r / waymore

  View on GitHub
  Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!
  ☆2,533Feb 7, 2026Updated last week
• BishopFox / jsluice

  View on GitHub
  Extract URLs, paths, secrets, and other interesting bits from JavaScript
  ☆1,755May 22, 2024Updated last year
• xnl-h4ck3r / knoxnl

  View on GitHub
  This is a python wrapper around the amazing KNOXSS API by Brute Logic
  ☆279Jan 12, 2026Updated last month
• midoxnet / mapperplus

  View on GitHub
  MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
  ☆286Oct 5, 2024Updated last year
• robre / jsmon

  View on GitHub
  a javascript change monitoring tool for bugbounties
  ☆710Jul 31, 2024Updated last year
• 0x999-x / jsluicepp

  View on GitHub
  jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice
  ☆292Apr 9, 2024Updated last year
• fransr / postMessage-tracker

  View on GitHub
  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆1,285Jan 26, 2024Updated 2 years ago
• projectmonke / shortnameguesser

  View on GitHub
  A tool to guess the rest of the shortnames provided by vulnerable IIS instances.
  ☆42Aug 12, 2023Updated 2 years ago
• bitquark / shortscan

  View on GitHub
  An IIS short filename enumeration tool
  ☆1,109Nov 25, 2024Updated last year
• orwagodfather / WordList

  View on GitHub
  ☆852Dec 26, 2025Updated last month
• sw33tLie / bbscope

  View on GitHub
  Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
  ☆1,264Updated this week
• wdahlenburg / VhostFinder

  View on GitHub
  Identify virtual hosts by similarity comparison
  ☆137Aug 12, 2024Updated last year
• hisxo / JSpector

  View on GitHub
  A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
  ☆374Jul 25, 2023Updated 2 years ago
• 0xacb / recollapse

  View on GitHub
  REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
  ☆1,288Aug 7, 2025Updated 6 months ago
• nullenc0de / paramhunter

  View on GitHub
  Looks for parameters in urls
  ☆34Oct 14, 2024Updated last year
• assetnote / surf

  View on GitHub
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆749Dec 19, 2023Updated 2 years ago
• jthack / ffufai

  View on GitHub
  AI-powered ffuf wrapper
  ☆644Dec 4, 2025Updated 2 months ago
• xhzeem / toxicache

  View on GitHub
  Go scanner to find web cache poisoning vulnerabilities in a list of URLs
  ☆149Feb 21, 2024Updated last year
• Anof-cyber / ParaForge

  View on GitHub
  A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
  ☆143Jun 27, 2023Updated 2 years ago
• edoardottt / csprecon

  View on GitHub
  Discover new target domains using Content Security Policy
  ☆501Feb 7, 2026Updated last week
• hakluke / hakoriginfinder

  View on GitHub
  Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!
  ☆973Jan 12, 2024Updated 2 years ago
• g0ldencybersec / sus_params

  View on GitHub
  ☆211Jul 11, 2024Updated last year
• s0md3v / uro

  View on GitHub
  declutters url lists for crawling/pentesting
  ☆1,524Feb 23, 2025Updated 11 months ago
• g0ldencybersec / gungnir

  View on GitHub
  CT Log Scanner
  ☆513Dec 26, 2025Updated last month
• francisconeves97 / jxscout

  View on GitHub
  jxscout superpowers JavaScript analysis for security researchers
  ☆372Feb 10, 2026Updated last week
• xnl-h4ck3r / ScriptView-Burp-Extension

  View on GitHub
  A Burp Extension that makes it easier to view all script code on a Response.
  ☆17Nov 12, 2023Updated 2 years ago
• Sh1Yo / x8

  View on GitHub
  Hidden parameters discovery suite
  ☆2,015Sep 8, 2024Updated last year
• ayadim / Nuclei-bug-hunter

  View on GitHub
  i will upload more templates here to share with the comunity.
  ☆567Apr 17, 2024Updated last year
• six2dez / OneListForAll

  View on GitHub
  Rockyou for web fuzzing
  ☆3,017Feb 11, 2026Updated last week
• BishopFox / sj

  View on GitHub
  A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
  ☆721Feb 3, 2026Updated 2 weeks ago
• g0ldencybersec / CloudRecon

  View on GitHub
  ☆520Apr 29, 2024Updated last year
• KathanP19 / JSFScan.sh

  View on GitHub
  Automation for javascript recon in bug bounty.
  ☆1,067Sep 9, 2023Updated 2 years ago
• Dheerajmadhukar / 4-ZERO-3

  View on GitHub
  403/401 Bypass Methods + Bash Automation + Your Support ;)
  ☆1,567Jun 6, 2022Updated 3 years ago
• assetnote / nowafpls

  View on GitHub
  Burp Plugin to Bypass WAFs through the insertion of Junk Data
  ☆1,417Jul 14, 2025Updated 7 months ago