NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1636.94%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-65.77%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+590.99%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+1316.22%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+866.67%)
request smugglerHttp request smuggling vulnerability scanner
Stars: ✭ 203 (+82.88%)
CorsmeCross Origin Resource Sharing MisConfiguration Scanner
Stars: ✭ 118 (+6.31%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+777.48%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+425.23%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+699.1%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+2998.2%)
Jira-LensFast and customizable vulnerability scanner For JIRA written in Python
Stars: ✭ 185 (+66.67%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+6427.93%)
MobilehackersweaponsMobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 170 (+53.15%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+673.87%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+358.56%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+27.93%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (+612.61%)
Recon PipelineAn automated target reconnaissance pipeline.
Stars: ✭ 278 (+150.45%)
cf-checkCloudFlare Checker written in Go
Stars: ✭ 147 (+32.43%)
Webhackersweapons⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 1,205 (+985.59%)
magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+330.63%)
nuubiNuubi Tools (Information-ghatering|Scanner|Recon.)
Stars: ✭ 76 (-31.53%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+990.09%)
targetsA collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
Stars: ✭ 85 (-23.42%)
yafingeryet another web fingerprinter
Stars: ✭ 16 (-85.59%)
T1tl3A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title
Stars: ✭ 14 (-87.39%)
lachesis👨💻 A work-in-progress web services mass scanner written in Rust
Stars: ✭ 55 (-50.45%)
docker-testsslhttp://testssl.sh/ in a tiny docker container
Stars: ✭ 19 (-82.88%)
EagleMultithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (-23.42%)
osmedeus-workflowCommunity Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
Stars: ✭ 26 (-76.58%)
ldapconsoleThe ldapconsole script allows you to perform custom LDAP requests to a Windows domain.
Stars: ✭ 25 (-77.48%)
Qr-Code-Scanner-This is simple QR code scanner with Room Database. 100% written in Kotlin.
Stars: ✭ 19 (-82.88%)
pyimgscanTake any phone-taken picture and turn it into a document scan.
Stars: ✭ 48 (-56.76%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-61.26%)
shellsumA defense tool - detect web shells in local directories via md5sum
Stars: ✭ 30 (-72.97%)
ksubdomainSubdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
Stars: ✭ 320 (+188.29%)
hack-pet🐰 Managing command snippets for hackers/bug bounty hunters. with pet.
Stars: ✭ 77 (-30.63%)
DomainkerBugBounty Tool
Stars: ✭ 40 (-63.96%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (+279.28%)
AndroidSecNotesAn actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentesters, reverse engineer, and redteamers.
Stars: ✭ 140 (+26.13%)
wiasaneScanner Access Now Easy - WIA Driver
Stars: ✭ 109 (-1.8%)
hinjectHost Header Injection Checker
Stars: ✭ 64 (-42.34%)
VulWebajuVulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.
Stars: ✭ 53 (-52.25%)
daily-commonspeak2commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. Please use it instead: https://github.com/assetnote/wordlists
Stars: ✭ 38 (-65.77%)
citrixmash scannerA fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash / Shitrix
Stars: ✭ 36 (-67.57%)
ScanShineScanShine - quickly take shining scans of your documents by using only your android phone. This scanner app takes pictures of docs, trims, enhances, and let you share them to your friends. Everything packed in an optimistic sunshine theme.
Stars: ✭ 19 (-82.88%)
log4shell-finderFastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.
Stars: ✭ 22 (-80.18%)
aneweranewer appends lines from stdin to a file if they don't already exist in the file. This is a rust version of https://github.com/tomnomnom/anew
Stars: ✭ 46 (-58.56%)
webcocktailAn automatic and lightweight web application scanning tool for CTF.
Stars: ✭ 28 (-74.77%)
CSArp-NetcutAn arpspoof program using Sharppcap
Stars: ✭ 93 (-16.22%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-24.32%)
PassiveScannera passive scanner based on Mitmproxy and Arachni
Stars: ✭ 108 (-2.7%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-78.38%)
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
Stars: ✭ 47 (-57.66%)
PSStringScannerProvides lexical scanning operations on a String
Stars: ✭ 45 (-59.46%)