ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+379.8%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-30.05%)
Recon PipelineAn automated target reconnaissance pipeline.
Stars: ✭ 278 (+36.95%)
MobilehackersweaponsMobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 170 (-16.26%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (+289.66%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+428.57%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+336.95%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+277.83%)
magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+135.47%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+3469.46%)
Webhackersweapons⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 1,205 (+493.6%)
Jira-LensFast and customizable vulnerability scanner For JIRA written in Python
Stars: ✭ 185 (-8.87%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+674.38%)
Awesome-HTTPRequestSmugglingA curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻
Stars: ✭ 97 (-52.22%)
cf-checkCloudFlare Checker written in Go
Stars: ✭ 147 (-27.59%)
jsleaka Go code to detect leaks in JS files via regex patterns
Stars: ✭ 111 (-45.32%)
CorsmeCross Origin Resource Sharing MisConfiguration Scanner
Stars: ✭ 118 (-41.87%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+150.74%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+187.19%)
nuubiNuubi Tools (Information-ghatering|Scanner|Recon.)
Stars: ✭ 76 (-62.56%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-81.28%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+323.15%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+849.75%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+1594.09%)
monetaMoneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
Stars: ✭ 384 (+89.16%)
apkizerapkizer is a mass downloader for android applications for all available versions.
Stars: ✭ 40 (-80.3%)
EmissarySend notifications on different channels such as Slack, Telegram, Discord etc.
Stars: ✭ 33 (-83.74%)
N-WEBWEB PENETRATION TESTING TOOL 💥
Stars: ✭ 56 (-72.41%)
micro-sentryTiny Sentry client with idiomatic wrapper for Angular
Stars: ✭ 100 (-50.74%)
rc-scannerRemote control your police scanner
Stars: ✭ 22 (-89.16%)
PSMemoryAutomation Capable Multi Search 64 Bit Windows Memory Scanner
Stars: ✭ 25 (-87.68%)
ICUAn Extended, Modulair, Host Discovery Framework
Stars: ✭ 40 (-80.3%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (-83.74%)
BugBountyHuntingScriptsI built some bash functions to help me while doing mundane and repetitive tasks using BBRF, Nuclei or other Bug bounty tool.
Stars: ✭ 160 (-21.18%)
pnscanPeter's Parallel Network Scanner
Stars: ✭ 117 (-42.36%)
dontgo403Tool to bypass 40X response codes.
Stars: ✭ 457 (+125.12%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-85.71%)
Bug-HuntingA Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.
Stars: ✭ 110 (-45.81%)
flex-bison-indentationAn example of how to correctly parse python-like indentation-scoped files using flex (and bison).
Stars: ✭ 32 (-84.24%)
Bugs-feedBug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
Stars: ✭ 90 (-55.67%)
ioc-scannerSearch a filesystem for indicators of compromise (IoC).
Stars: ✭ 31 (-84.73%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-84.73%)
sslscannerSSL Scanner written in Crystal
Stars: ✭ 18 (-91.13%)
roboxtractorExtract endpoints marked as disallow in robots files to generate wordlists.
Stars: ✭ 40 (-80.3%)
xssfinderToolset for detecting reflected xss in websites
Stars: ✭ 105 (-48.28%)
sgCheckupsgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
Stars: ✭ 77 (-62.07%)
CleanSCANA simple, smart and efficient document scanner for Android
Stars: ✭ 151 (-25.62%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (+2.46%)
WhoEnumMass querying whois records
Stars: ✭ 24 (-88.18%)
boxerBoxer: A fast directory bruteforce tool written in Python with concurrency.
Stars: ✭ 15 (-92.61%)
memory signatureA small wrapper class providing an unified interface to search for various memory signatures
Stars: ✭ 69 (-66.01%)
SourceWolfAmazingly fast response crawler to find juicy stuff in the source code! 😎🔥
Stars: ✭ 132 (-34.98%)
DNTScanner.CoreDNTScanner.Core is a .NET 4x and .NET Core 2x+ wrapper for the Windows Image Acquisition library.
Stars: ✭ 54 (-73.4%)
InventusInventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers.
Stars: ✭ 80 (-60.59%)
gosintGosint is a distributed asset information collection and vulnerability scanning platform
Stars: ✭ 344 (+69.46%)
bhedakA replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.
Stars: ✭ 77 (-62.07%)
ForerunnerFast and extensible network scanning library featuring multithreading, ping probing, and scan fetchers.
Stars: ✭ 39 (-80.79%)
gradejsGradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (+78.33%)
pywhatcmsUnofficial WhatCMS API package
Stars: ✭ 42 (-79.31%)