ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+92.11%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-94.28%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+1329.19%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (-42.01%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (-2.96%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-71.99%)
LazyreconAn automated approach to performing recon for bug bounty hunting and penetration testing.
Stars: ✭ 282 (-44.38%)
Pentesterspecialdict渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker
Stars: ✭ 391 (-22.88%)
Blind-SSRFNuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (-78.11%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+578.3%)
WordlistsInfosec Wordlists
Stars: ✭ 271 (-46.55%)
Crlf Injection ScannerCommand line tool for testing CRLF injection on a list of domains.
Stars: ✭ 91 (-82.05%)
fuzzmostall manner of wordlists
Stars: ✭ 23 (-95.46%)
wordlistsAggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.
Stars: ✭ 94 (-81.46%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (-58.19%)
ras-fuzzerRAS(RAndom Subdomain) Fuzzer
Stars: ✭ 42 (-91.72%)
ScanApiSubdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.
Stars: ✭ 34 (-93.29%)
SourceWolfAmazingly fast response crawler to find juicy stuff in the source code! 😎🔥
Stars: ✭ 132 (-73.96%)
roboxtractorExtract endpoints marked as disallow in robots files to generate wordlists.
Stars: ✭ 40 (-92.11%)
nuubiNuubi Tools (Information-ghatering|Scanner|Recon.)
Stars: ✭ 76 (-85.01%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-93.89%)
ShadowCloneUnleash the power of cloud
Stars: ✭ 224 (-55.82%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+138.66%)
AutoreconSimple shell script for automated domain recognition with some tools
Stars: ✭ 244 (-51.87%)
SitedorksSearch Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.
Stars: ✭ 221 (-56.41%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (-62.52%)
project-blackPentest/BugBounty progress control with scanning modules
Stars: ✭ 279 (-44.97%)
goverviewgoverview - Get an overview of the list of URLs
Stars: ✭ 93 (-81.66%)
osmedeus-workflowCommunity Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
Stars: ✭ 26 (-94.87%)
ParamspiderMining parameters from dark corners of Web Archives
Stars: ✭ 781 (+54.04%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-62.52%)
awesome-api-securityA collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Stars: ✭ 2,079 (+310.06%)
IntruderpayloadsA collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Stars: ✭ 2,779 (+448.13%)
sx🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+149.9%)
OffensiveCloudDistributionLeverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.
Stars: ✭ 86 (-83.04%)
nozakiHTTP fuzzer engine security oriented
Stars: ✭ 37 (-92.7%)
3klconAutomation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
Stars: ✭ 189 (-62.72%)
apkizerapkizer is a mass downloader for android applications for all available versions.
Stars: ✭ 40 (-92.11%)
nclnuclei framework scripts
Stars: ✭ 25 (-95.07%)
WhoEnumMass querying whois records
Stars: ✭ 24 (-95.27%)
magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (-5.72%)
SubWalkerSimultaneously execute various subdomain enumeration tools and aggregate results.
Stars: ✭ 26 (-94.87%)
rbusteryet another dirbuster
Stars: ✭ 21 (-95.86%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (-86.19%)
ICUAn Extended, Modulair, Host Discovery Framework
Stars: ✭ 40 (-92.11%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (-37.87%)
CommandGenInterfaceSimple vueJS based command generator which I developed in order to learn vueJS a little bit more.
Stars: ✭ 17 (-96.65%)
PinaakA vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (-86.39%)
Virtual-HostModified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (-92.5%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (-67.06%)
XrcrossXRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Stars: ✭ 175 (-65.48%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-65.09%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (-93.49%)
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (-69.82%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (-86.79%)