Subdomain3A new generation of tool for discovering subdomains( ip , cdn and so on)
Stars: ✭ 605 (-16.32%)
RegisterGrab your own sweet-looking '.is-a.dev' subdomain
Stars: ✭ 470 (-34.99%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 1,693 (+134.16%)
LionLion is a fast HTTP router for building modern scalable modular REST APIs in Go
Stars: ✭ 750 (+3.73%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (-58.92%)
AspnetcoresubdomainSimple usage lib for subdomain routing in ASP.NET Core/Framework MVC
Stars: ✭ 157 (-78.28%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (-29.05%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (-92.81%)
Js.orgDedicated to JavaScript and its awesome community since 2015
Stars: ✭ 3,996 (+452.7%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+34.72%)
Behold3r👻Behold3r -- 收集指定网站的子域名,并可监控指定网站的子域名更新情况,发送变更报告至指定邮箱
Stars: ✭ 29 (-95.99%)
Can I Take Over Xyz"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Stars: ✭ 2,808 (+288.38%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (-4.15%)
dheaterD(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Stars: ✭ 142 (-80.36%)
Domain hunterA Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件
Stars: ✭ 594 (-17.84%)
MassdnsA high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
Stars: ✭ 2,093 (+189.49%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (-31.95%)
Tld.jsJavaScript API to work easily with complex domain names, subdomains and well-known TLDs.
Stars: ✭ 399 (-44.81%)
SubtakeAutomatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
Stars: ✭ 104 (-85.62%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+481.19%)
FIDLA sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 421 (-41.77%)
sub404A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (-71.65%)
DomainkerBugBounty Tool
Stars: ✭ 40 (-94.47%)
Tldextract[DEPRECATED] Library for extraction of domain parts e.g. TLD. Domain parser that uses Public Suffix List
Stars: ✭ 218 (-69.85%)
aemscanAdobe Experience Manager Vulnerability Scanner
Stars: ✭ 161 (-77.73%)
Anubis🔓Subdomain enumeration and information gathering tool
Stars: ✭ 722 (-0.14%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (-16.04%)
VulnogramVulnogram is a tool for creating and editing CVE information in CVE JSON format
Stars: ✭ 103 (-85.75%)
TeemoA Domain Name & Email Address Collection Tool
Stars: ✭ 595 (-17.7%)
GsdfA domain searcher named GoogleSSLdomainFinder - 基于谷歌SSL透明证书的子域名查询工具
Stars: ✭ 155 (-78.56%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+769.16%)
astam-correlatorVulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple static/dynamic scans
Stars: ✭ 22 (-96.96%)
ShufflednsshuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.
Stars: ✭ 498 (-31.12%)
Pigatpigat ( Passive Intelligence Gathering Aggregation Tool ) 被动信息收集聚合工具
Stars: ✭ 140 (-80.64%)
Darkeye渗透测试情报收集工具
Stars: ✭ 467 (-35.41%)
rsGenrsGen is a Reverse Shell Payload Generator for hacking.
Stars: ✭ 71 (-90.18%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-48.82%)
gvm-toolsRemote control your Greenbone Community Edition or Greenbone Enterprise Appliance
Stars: ✭ 143 (-80.22%)
CelerystalkAn asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.
Stars: ✭ 333 (-53.94%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-87.69%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (-55.74%)
vrt-rubyRuby library for interacting with Bugcrowd's VRT
Stars: ✭ 15 (-97.93%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+369.02%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+65.15%)
k-domainsA simple module to manage multiple subdomains with just one project
Stars: ✭ 41 (-94.33%)
AggressorLadon for Cobalt Strike, Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password/brute-force/psexec/atexec/sshexec/webshell/smbexec/netcat/osscan/netscan/struts2Poc/weblogicExp
Stars: ✭ 228 (-68.46%)
SpoodleA mass subdomain (Subbrute) + poodle vulnerability scanner
Stars: ✭ 66 (-90.87%)
gradejsGradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (-49.93%)
ras-fuzzerRAS(RAndom Subdomain) Fuzzer
Stars: ✭ 42 (-94.19%)
koa-subdomainSimple and lightweight Koa middleware to handle multilevel and wildcard subdomains
Stars: ✭ 23 (-96.82%)
DnsprobeDNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.
Stars: ✭ 221 (-69.43%)
FierceA DNS reconnaissance tool for locating non-contiguous IP space.
Stars: ✭ 1,072 (+48.27%)