Alternatives and similar repositories for payloads:

Users that are interested in payloads are comparing it to the libraries listed below

• merttasci / weapons4pentester
  this repo contains required files for web application pentests
  ☆186Updated 8 years ago
• zseano / JS-Scan
  a .js scanner, built in php. designed to scrape urls and other info
  ☆213Updated 7 years ago
• jhaddix / XSS.png
  A XSS mind map ;)
  ☆86Updated 8 years ago
• Dhamuharker / Xss-
  Awesome XSS Payloads
  ☆84Updated 8 years ago
• cujanovic / CRLF-Injection-Payloads
  Payloads for CRLF Injection
  ☆223Updated 4 months ago
• ahmetgurel / Pentest-Hints
  Tips for Penetration Testing
  ☆107Updated last year
• zseano / InputScanner
  ☆241Updated 6 years ago
• danilabs / tools-tbhm
  Tools of "The Bug Hunters Methodology V2 by @jhaddix"
  ☆198Updated 7 years ago
• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆100Updated last year
• daeken / SSRFTest
  SSRF testing tool
  ☆245Updated 2 years ago
• appsecco / practical-recon-levelup0x02
  This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…
  ☆60Updated 6 years ago
• ethicalhackingplayground / Bug-Bounty-Tools
  The tools I have programmed to help me with bugbounty's
  ☆114Updated 5 years ago
• nahamsec / crtndstry
  Yet another subdomain finder
  ☆202Updated 5 years ago
• cihanmehmet / sub.sh
  Multiprocessing(Parallel)Subdomain Detect Script
  ☆333Updated last year
• jbarone / xxelab
  A simple web app with a XXE vulnerability.
  ☆225Updated 3 years ago
• random-robbie / bugbountydork
  Bug Bounty Dork
  ☆71Updated 3 years ago
• JordyZomer / autoSubTakeover
  A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…
  ☆135Updated last year
• R0X4R / D4rkXSS
  A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF
  ☆165Updated 4 years ago
• ghostlulzhacks / waybackSqliScanner
  ☆191Updated 5 years ago
• 0xspade / Automated-Scanner
  Trying to make automated recon for bug bounties
  ☆252Updated 3 years ago
• rastating / dnmasscan
  A script that can resolve an input file of domains and scan them with masscan
  ☆157Updated 4 years ago
• In3tinct / See-SURF
  Python based scanner to find potential SSRF parameters
  ☆309Updated 10 months ago
• securityidiots / CollabOzark
  CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.
  ☆138Updated 5 years ago
• melvinsh / subresolve
  Resolve and quickly portscan a list of (sub)domains.
  ☆86Updated 8 years ago
• shiblisec / Rekon
  The project contains multiple shell scripts for automating the tasks during recon.
  ☆176Updated last year
• PortSwigger / xss-validator
  This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.
  ☆87Updated 3 years ago
• gwen001 / BB-datas
  Tools and datas related to Bug Bounty.
  ☆231Updated 2 years ago
• EdOverflow / proof-of-concepts
  A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
  ☆164Updated 5 years ago
• JGillam / burp-paramalyzer
  Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
  ☆154Updated 2 years ago
• emadshanab / facebook-bug-bounty-writeups
  Facebook Bug Bounties
  ☆102Updated 3 years ago