17 repository-uri
Tools for finding hidden files, directories, and endpoints.
Explore 17 awesome GitHub repositories matching part of an awesome list · Content Discovery. Refine with filters or upvote what's useful.
Katana is a web crawler and spider designed for security reconnaissance and web application mapping. It functions as a utility for identifying endpoints, forms, and API structures across web targets by combining standard HTTP request traversal with headless browser automation to render dynamic, JavaScript-heavy content. The tool distinguishes itself through its ability to maintain authenticated sessions and handle complex web interactions, such as automated form submission and captcha resolution. It provides granular control over the discovery process, allowing users to define specific crawl
Next-generation crawling and spidering framework.
dirsearch is a command-line security tool and web path scanner used for discovering hidden directories and files on web servers. It functions as a recursive directory fuzzer and brute-force utility that identifies undocumented paths and sensitive files using wordlists and HTTP status codes. The tool distinguishes itself through template-driven path generation and an automated HTTP response filter that uses status codes, content length, and regex patterns to isolate valid targets. It supports recursive directory crawling to map complex web structures and provides state-persistence serializatio
Web path scanning utility.
Gobuster is a command-line security utility designed for brute-force discovery of hidden infrastructure and content. It operates by systematically testing wordlists against target network services to identify files, directories, subdomains, and cloud storage buckets. The tool utilizes a concurrent worker pool to execute these requests in parallel, ensuring efficient scanning across various network environments. The project distinguishes itself through a modular plugin architecture that supports multiple discovery modes, including HTTP, DNS, and TFTP. This design allows for protocol-agnostic r
Directory, file, DNS, and VHost busting tool.
ViewPagerIndicator is a set of reusable Android UI components designed to synchronize visual paging indicators with paginated view containers. It provides widgets that track a ViewPager to display the current page position and total page count. The project enables the customization of these indicators through themes, XML layout attributes, and direct method calls to align the visual appearance with an application's design. These components handle the dynamic generation of view elements based on page count and use scroll-position interpolation to animate transitions between active indicators.
Helps users discover the total amount of available pages via a persistent visual progress tracker.
Nikto is an open-source HTTP security auditing tool and web server vulnerability scanner. It functions as a reconnaissance engine designed to identify insecure server options, outdated software, and common vulnerabilities by analyzing HTTP responses. The project differentiates itself through capabilities for intrusion detection evasion and web server fingerprinting. It uses request-level encoding and timing spacers to bypass security filters and employs signature-based identification to determine specific server software versions and misconfigurations. The scanner covers broad capability are
Finds unlinked files and directory names through dictionary attacks and brute forcing to uncover hidden content.
Feroxbuster is an HTTP directory brute forcer and web resource enumerator designed to discover hidden files and directories on web servers. It functions as a recursive URL scanner that identifies unlinked endpoints and API resources by combining wordlist-based scanning with automated crawling. The tool operates as a proxy-aware fuzzer, allowing network requests to be routed through HTTP or SOCKS proxies for traffic interception or anonymity. It utilizes recursive directory crawling to automatically queue discovered paths and find nested content. The system includes capabilities for discovery
Fast, recursive content discovery tool.
Hakrawler is a command-line web spider tool designed for security reconnaissance, built to crawl target websites and extract hyperlinks along with JavaScript file references. As a focused reconnaissance utility, it collects every discoverable URL and script source from a given domain, mapping the attack surface for penetration testing and vulnerability assessment. The tool differentiates itself through its concurrent architecture: a fixed-size goroutine pool fetches pages in parallel, while CSS selectors parse HTML to extract anchor and script references. A depth-aware recursion limiter preve
Simple web crawler for endpoint and asset discovery.
Contextual Content Discovery Tool
Fast API endpoint brute-forcer.
Quickly discover exposed hosts on the internet using multiple search engines.
Discovers exposed hosts using search engine APIs.
Gospider - Fast web spider written in Go
Fast web spider written in Go.
Modern alternative to dirbuster/dirb
Modern alternative to traditional directory brute-forcers.
dirbuster-ng is C CLI implementation of the Java dirbuster tool
C-based CLI implementation of directory busting.
Vaf is a cross-platform very advanced and fast web fuzzer written in nim
Advanced web fuzzer written in Nim.
A Go implementation of dirsearch.
Go implementation of a web path scanner.
rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments
Rapid recursive content discovery tool.
An extremely fast and flexible web fuzzer
Fast and flexible web fuzzer.