GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → R0X4R → Pinaak

R0X4R / Pinaak

Licence: MIT license
A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

Programming Languages

shell
77523 projects

Labels

xss-vulnerabilitynucleivulnerabilitiesbugbountybash-scriptvulnerability-scannerssqlinjectionfind-vulnerabilitiesfastscanner

Projects that are alternatives of or similar to Pinaak

magicRecon
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+592.75%)
Mutual labels:  xss-vulnerability, nuclei, bugbounty, bash-script, vulnerability-scanners
allsafe
Intentionally vulnerable Android application.
Stars: ✭ 135 (+95.65%)
Mutual labels:  vulnerabilities, bugbounty
bhedak
A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.
Stars: ✭ 77 (+11.59%)
Mutual labels:  bugbounty, bash-script
SQLi-Query-Tampering
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (+78.26%)
Mutual labels:  bugbounty, sqlinjection
Bugs-feed
Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
Stars: ✭ 90 (+30.43%)
Mutual labels:  vulnerabilities, bugbounty
Jira-Lens
Fast and customizable vulnerability scanner For JIRA written in Python
Stars: ✭ 185 (+168.12%)
Mutual labels:  bugbounty, vulnerability-scanners
vulners-agent
Agent scanner for vulners.com
Stars: ✭ 62 (-10.14%)
Mutual labels:  vulnerabilities, vulnerability-scanners
Xss Payload List
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+3692.75%)
Mutual labels:  xss-vulnerability, bugbounty
XSS-Payload-without-Anything
XSS Payload without Anything.
Stars: ✭ 74 (+7.25%)
Mutual labels:  xss-vulnerability, bugbounty
nerdbug
Full Nuclei automation script with logic explanation.
Stars: ✭ 153 (+121.74%)
Mutual labels:  nuclei, bugbounty
AttackSurfaceManagement
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-34.78%)
Mutual labels:  bugbounty, vulnerability-scanners
cent
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (+356.52%)
Mutual labels:  nuclei, bugbounty
Blind-SSRF
Nuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (+60.87%)
Mutual labels:  nuclei, bugbounty
Nightingale
It's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+72.46%)
Mutual labels:  vulnerabilities, bugbounty
inthewilddb
Hourly updated database of exploit and exploitation reports
Stars: ✭ 127 (+84.06%)
Mutual labels:  vulnerabilities, vulnerability-scanners
ochrona-cli
A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs
Stars: ✭ 46 (-33.33%)
Mutual labels:  vulnerabilities, vulnerability-scanners
leaky-paths
A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (+634.78%)
Mutual labels:  nuclei, bugbounty
SecExample
JAVA 漏洞靶场 (Vulnerability Environment For Java)
Stars: ✭ 228 (+230.43%)
Mutual labels:  xss-vulnerability, sqlinjection
scan-cli-plugin
Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images
Stars: ✭ 135 (+95.65%)
Mutual labels:  vulnerabilities, vulnerability-scanners
Virtual-Host
Modified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (-44.93%)
Mutual labels:  nuclei, bugbounty
View All Similar Projects ➔


Pinaak

A vulnerability fuzzing tool written in bash, it contains most commonly used tools to perform vulnerability scans.

A bash script that automatically finds vulnerable paramters on the basis of their patterns and run some most common used tools to find various vulnerabilities and it also uses nuclei which helps to find vulnerabilities on the basis of templates. Overall it helps you to find low hanging bugs.


sqlmapgf patternssmugglerOpenRedireXkxssqsreplacenucleidalfoxanewnotifyurldedupegaupluscrlfuzzffuf

Installation

Requirements: python3 and go-lang

runscan:~ sudo apt-get update
runscan:~ sudo apt-get install python3.8 python3-pip
runscan:~ sudo apt-get install golang-go

Make sure you're root before performing the installation

runscan:~ git clone https://github.com/R0X4R/Pinaak.git && cd Pinaak/ && chmod +x pinaak install.sh && mv pinaak /usr/bin/ && ./install.sh

If you get any error just copy the error and search on google this will make your debugging skills better ;)

Important (add these before using the tool you can do it by: sudo nano /usr/bin/pinaak)

header="" # please add custom header before using pinaak
intServer="" # please add interactsh server before using pinaak (http://test.interact.sh/)

Usage

Please use VPS because it makes a lot of traffic

runscan:~ ./pinaak -h

█▀█ █ █▄░█ ▄▀█ ▄▀█ █▄▀
█▀▀ █ █░▀█ █▀█ █▀█ █░█
coded by @R0X4R in INDIA

Usage: ./pinaak [options] [targetlist]
   -l  List of targets [must have webprobed earlier] (subfinder -d target.com | httpx -silent | anew targets.txt)
   -b  Add your xss server for Blind XSS finding [-b https://test.xss.ht] (you can get it from https://xsshunter.com/)
   -t  Number of threads [-t int] (default 100)

Example: ./pinaak -l [targetlist] -t [threads] -b [blind xss server]
runscan:~ subfinder -d target.com -all -threads 200 -silent | httpx -silent -threads 300 | anew -q targets.txt
runscan:~ pinaak -l ~/targets.txt -t 200 -b https://test.xss.ht

Donate

Thanks to the authors of the tools used in this script.

@tomnomnom @hahwul @projectdiscovery @devanshbatham @defparam @bp0lr @ameenmaali @dwisiswant0 @1ndianl33t @Emoe @sqlmapproject

Warning: This code was originally created for personal use, it generates a substantial amount of traffic, please use with caution

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].