Search
Collection
Category
Tag
Blog
Pricing
Submit

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates

Email

AISecKit

Curated AI security tools & LLM safety resources for cybersecurity professionals

Product

Search
Collection
Category
Tag

Resources

Blog
Pricing
Submit

Tools

🔥Marathons Tools

Company

About Us
Privacy Policy
Terms of Service
Sitemap

Copyright © 2026 All Rights Reserved.

Home
Category
P1.Urls.sh

P1.Urls.sh

A fully automated, aggressive URL discovery and vulnerability scanning script for Bug Bounty & Penetration Testing.

Introduction

Information

Publisher
AISecKit
Websitegithub.com
Published date2025/04/28

Categories

Penetration Testing
Vulnerability Scanners
Bug Bounty Platforms

Tags

Open Source
Vulnerability Scanning
Bug Bounty
Penetration Testing

More Products

image of Phantom

DevSecOps ToolsPenetration TestingVulnerability Scanners

Phantom

A browser extension for SRC vulnerability mining, collecting sensitive information and suspicious clues from web pages.

Security Auditing Open Source Incident Response Vulnerability Scanning API Security+1

Exploiting AI

An introductory class on understanding AI security risks and mitigation strategies.

Prompt Injection Generative AI Red Team Testing Data Poisoning

Folly

Open-source LLM Prompt-Injection and Jailbreaking Playground for testing LLM security vulnerabilities.

Prompt Injection Open Source API Security Security Testing LLM Security+1

P1.Urls.sh

P1.Urls.sh is a high-performance, automated URL discovery and vulnerability scanning tool designed for penetration testers, bug bounty hunters, and security researchers.

Key Features:

Advanced URL Discovery: Extracts URLs from diverse sources like gau, katana, and waymore, ensuring comprehensive coverage of the target’s attack surface.
Smart URL Filtering & Validation: Merges and deduplicates URLs, removes unnecessary files, and verifies live endpoints using httpx.
Aggressive Vulnerability Detection: Classifies URLs by vulnerability type (XSS, SQLi, LFI, SSRF, Open Redirect) and scans for high-severity exploits using nuclei.
Real-Time Alerts: Sends detailed Telegram notifications when vulnerabilities are found, providing immediate action alerts.

Benefits:

Fast & Automated: Leverages multi-threading and rapid processing for high-speed scanning.
Deep URL Discovery: Reveals hidden and forgotten endpoints for thorough reconnaissance.
Open-Source & Customizable: Modify and enhance the script to fit your security research needs.

Highlights:

Supports single-domain scanning, batch processing of multiple domains, and subdomain enumeration.
Designed for speed and efficiency, making it a powerful tool for offensive security professionals and ethical hackers.