Static-Flow / Gofingerprint
GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.
Stars: ✭ 120
Projects that are alternatives of or similar to Gofingerprint
Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+35%)
Mutual labels: hacking, hacking-tool, bugbounty
Grecon
Your Google Recon is Now Automated
Stars: ✭ 119 (-0.83%)
Mutual labels: hacking, hacking-tool, bugbounty
Redteam Hardware Toolkit
🔺 Red Team Hardware Toolkit 🔺
Stars: ✭ 163 (+35.83%)
Mutual labels: hacking, hacking-tool, bugbounty
Nosqlmap
Automated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1506.67%)
Mutual labels: hacking, hacking-tool, bugbounty
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+51.67%)
Mutual labels: hacking, hacking-tool, bugbounty
Awesome Bbht
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (+58.33%)
Mutual labels: hacking, hacking-tool, bugbounty
Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+2725.83%)
Mutual labels: hacking, hacking-tool, bugbounty
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+255.83%)
Mutual labels: hacking, hacking-tool, bugbounty
Awesome Hacking Lists
平常看到好的渗透hacking工具和多领域效率工具的集合
Stars: ✭ 311 (+159.17%)
Mutual labels: hacking, hacking-tool, bugbounty
Vhostscan
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+539.17%)
Mutual labels: hacking, hacking-tool, bugbounty
Interlace
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+533.33%)
Mutual labels: hacking, hacking-tool, bugbounty
Pentesting Bible
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+7384.17%)
Mutual labels: hacking, hacking-tool, bugbounty
Cloakify
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+846.67%)
Mutual labels: hacking, hacking-tool
Dr0p1t Framework
A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Stars: ✭ 1,132 (+843.33%)
Mutual labels: hacking, hacking-tool
Givingstorm
Infection vector that bypasses AV, IDS, and IPS. (For now...)
Stars: ✭ 72 (-40%)
Mutual labels: hacking, hacking-tool
Resources
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-48.33%)
Mutual labels: hacking, bugbounty
Chaos
🔥 CHAOS is a Remote Administration Tool that allow generate binaries to control remote operating systems.
Stars: ✭ 1,168 (+873.33%)
Mutual labels: hacking, hacking-tool
Sandmap
Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
Stars: ✭ 1,180 (+883.33%)
Mutual labels: hacking, hacking-tool
gofingerprint
GoFingerprint helps quickly indentify web servers by checking their HTTP responses against a user defined list of fingerprints. Whether it's trying to determine which servers in your recon set are bootspring or testing for a specific response from a payload, gf is the tool for you!
Thanks to @nahamsec https://github.com/nahamsec for the tool idea!
usage options
-badpath string
The intentional 404 path to hit each target with to get a response. (default "/sfdrbdbdb")
-body string
Data to send in the request body
-debug
Enable to see any errors with fetching targets
-fingerprints string
JSON file containing fingerprints to search for.
-method string
which HTTP request to make the request with. (default "GET")
-output string
Directory to output files (default "./")
-timeout int
timeout for connecting to servers (default 10)
-workers int
Number of workers to process urls (default 20)
basic usage
cat targets | gofingerprint -fingerprints ./fingerprints.json
fingerprint file format (example can be found in fingerprints directory)
[
{
"name": "<UNIQUE NAME OF FINGERPRINT>",
"fingerprint" : ["<SEARCH TEXT USED TO ID SERVICE OR PRODUCT>"] #allows multiple fingerprints
}
]
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].