Subdomains analysis and generation tool. Reveal the hidden!
☆244Jun 8, 2025Updated 8 months ago
Alternatives and similar repositories for probable_subdomains
Users that are interested in probable_subdomains are comparing it to the libraries listed below
Sorting:
- Automated learning of regexes for DNS discovery☆390Feb 18, 2023Updated 3 years ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzer☆382May 19, 2023Updated 2 years ago
- Opensource assets and vulnerability scanning tool☆186Jan 20, 2026Updated last month
- Find subdomains on GitLab.☆106Apr 28, 2024Updated last year
- Never forget where you inject.☆298Aug 15, 2025Updated 6 months ago
- Generate tens of thousands of subdomain combinations in a matter of seconds☆273Sep 25, 2023Updated 2 years ago
- mx-takeover focuses DNS MX records and detects misconfigured MX records.☆357Jul 17, 2023Updated 2 years ago
- Smart context-based SSRF vulnerability scanner.☆360May 5, 2022Updated 3 years ago
- Filter URLs to save your time.☆60Jul 29, 2022Updated 3 years ago
- Gotator is a tool to generate DNS wordlists through permutations.☆506Jul 17, 2022Updated 3 years ago
- i will upload more templates here to share with the comunity.☆567Apr 17, 2024Updated last year
- fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.☆937Aug 24, 2023Updated 2 years ago
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆89May 2, 2024Updated last year
- Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second☆1,176Feb 27, 2026Updated last week
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows☆300Sep 8, 2023Updated 2 years ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,529Jan 15, 2026Updated last month
- Real world bug bounty wordlists☆116Jul 20, 2023Updated 2 years ago
- De-clutter a list of URLs☆385Feb 3, 2026Updated last month
- Fast and customizable subdomain wordlist generator using DSL☆929Feb 5, 2026Updated last month
- This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contai…☆534Dec 4, 2024Updated last year
- Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests w…☆631Feb 22, 2026Updated last week
- Real-world infosec wordlists, updated regularly☆1,642Updated this week
- EndExt is a .go tool for extracting all the possible endpoints from the JS files☆219Jul 14, 2024Updated last year
- Find endpoints on GitHub.☆214Mar 28, 2023Updated 2 years ago
- Find related domains of a given domain.☆104Aug 5, 2023Updated 2 years ago
- 1337 Wordlists for Bug Bounty Hunting☆932Updated this week
- Standalone utility for service discovery on open ports!☆733Jan 13, 2026Updated last month
- Looks for parameters in urls��☆34Oct 14, 2024Updated last year
- Burp Suite's extension to scan and crawl Single Page Applications☆107Apr 14, 2023Updated 2 years ago
- Web cache poisoning vulnerability scanner.☆73May 5, 2022Updated 3 years ago
- jsleak is a tool to find secret , paths or links in the source code during the recon.☆577Sep 25, 2025Updated 5 months ago
- Use favicons to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.☆233Feb 2, 2026Updated last month
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆978Jan 12, 2024Updated 2 years ago
- jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).☆280Jan 15, 2025Updated last year
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆53Oct 25, 2024Updated last year
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,500Jan 8, 2026Updated last month
- An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code …☆407Jan 22, 2025Updated last year
- A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violati…☆395Feb 18, 2026Updated 2 weeks ago
- Rockyou for web fuzzing☆3,028Feb 11, 2026Updated 3 weeks ago