☄️ParamScan is a simple Chrome extension for web security enthusiasts and pen testers. It helps you find URL parameters in a webpage's source code and check if any of them are reflected on the page. This is super useful for spotting potential XSS vulnerabilities and other security issues.

🔖https://github.com/ch1y0w0/ParamScan

☄️URLFinder is a high-speed, passive URL discovery tool designed to simplify and accelerate web asset discovery, ideal for penetration testers, security researchers, and developers looking to gather URLs without active scanning.

⚡️https://github.com/projectdiscovery/urlfinder

☄️ TLDFinder - A focused tool designed for discovering private TLDs, making it an essential resource for security researchers. Simplify your exploration with precision and efficiency!

⚠️https://github.com/projectdiscovery/tldfinder

Do give reaction on the post guys, it helped me to stay motivated and to post content like this.🥸

⚡️Zzl - A powerful reconnaissance tool for subdomain discovery through SSL certificates.

✨Key Feature:
Zzl scans IP ranges and extracts subdomains from SSL certificates, making it an essential tool for thorough reconnaissance and security research.

☄️https://github.com/DEMON1A/zzl

⭐Find open redirect vulnerabilities with gf
By @ofjaaah

🚫Here’s a cool one-liner to help find open redirect vulnerabilities. All you need is to provide the target domain name:

echo "tesla.com" | waybackurls | httpx -silent -timeout 2 -threads 100 | gf redirect | anew

🔵This is what the command does in detail:
1. Collect all URLs of the target domain from the Wayback Machine
2. Attempt to download all the URLs quickly in 100 parallel threads in order to identify working URLs
3. For all working URLs, match any potentially vulnerable parameters to open redirect
4. Print out only unique, potentially vulnerable URLs

🚫Add the file appsettings.jsont to your wordlist, and you might discover some juicy data. Enjoy! ❓ @NoRed0x