349 Open source projects that are alternatives of or similar to ksubdomain

A Python3 based single-file subdomain enumerator

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

Subdomain Takeover tool written in Go

OneForAll是一款功能强大的子域收集工具

Fully automated offensive security framework for reconnaissance and vulnerability scanning

A python tool to check subdomain takeover vulnerability

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

RAS(RAndom Subdomain) Fuzzer

A Powerful Subdomain Takeover Tool

BugBounty Tool

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

A MongoDB importer and API for Project Sonars DNS datasets

DNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations

The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.

mtdevise adds basecamp style user logins to your ruby on rails application.

XSS Payload without Anything.

Simultaneously execute various subdomain enumeration tools and aggregate results.

Para pencari bug / celah kemanan bisa bergabung.

Astra is a tool to find URLs and secrets inside a webpage/files

Signatures for jaeles scanner by @j3ssie

A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

Collection grep patterns for Tom Hudson a.k.a Tomnomnom tools namely gf

goverview - Get an overview of the list of URLs

Modified Nuclei Templates Version to FUZZ Host Header

A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Full Nuclei automation script with logic explanation.

Framework for rapid development and reusable of security tools

This document proposes a way of standardising the structure, language, and grammar used in security policies.

🎉 Finally a subdomain localization that works how you want it to work. 🌐

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

HTTP fuzzer engine security oriented

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

Host Header Injection Checker

sub domain wild card filtering tool

Kubernetes Scanner

Little Bug Bounty & Hacking Tools⚔️

Subcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.

Scan secrets from Continuous Integration Build Logs

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

Swiftly search FDNS datasets from Rapid7 Open Data

Running nuclei Continuously

Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

Pentest/BugBounty progress control with scanning modules

Domain availbility checker

It's a Docker Environment for pentesting which having all the required tool for VAPT.

Messy BurpSuite plugin for SQL Truncation vulnerabilities.

Find host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

Http request smuggling vulnerability scanner

Intentionally vulnerable Android application.

VulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.

Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.

Dumain Bruteforcer - a fast and flexible domain bruteforcer

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations