xqd-ai
Follow
Stars
Taken urls and match words => return urls which true or false matched
403Bypasser is a simple plugin that lets you bypass 403 status code by transforming HTTP requests with custom templates.
An insane list of all dorks taken from everywhere from various different sources.
Automated way to extract juicy info with subfinder and waybackurls
Semi-automatic OSINT framework and package manager
IntelOwl: manage your Threat Intelligence at scale
E-mails, subdomains and names Harvester - OSINT
🔥 Web-application firewalls (WAFs) from security standpoint.
Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
A multi-platform bug bounty toolkit that can be installed on Debian/Ubuntu or set up with Docker.
Automated Tool for Testing Header Based Blind SQL Injection
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Academic purposes only. Attack against Salesforce lightning with guest privilege.
Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
Bug Bounty Methodology 2025: Tools, techniques, and steps to guide you through reconnaissance, enumeration, and testing.
Fetches javascript file from a list of URLS or subdomains.
Quickly generate context-specific wordlists for content discovery from lists of URLs or paths
Extract URLs, paths, secrets, and other interesting bits from JavaScript
Parse source code directories and output list of URLs that are then sent through a proxy.
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
A high performance go implementation of Wappalyzer Technology Detection Library
swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.
Kaue-Navarro / CloudFlair
Forked from christophetd/CloudFlair🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.