Lists (9)
Sort Name ascending (A-Z)
Stars
Scan for misconfigured S3 buckets across S3-compatible APIs!
Dorks Eye Google Hacking Dork Scraping and Searching Script. Dorks Eye is a script I made in python 3. With this tool, you can easily find Google Dorks. Dork Eye collects potentially vulnerable web…
EndExt is a .go tool for extracting all the possible endpoints from the JS files
retrive metadata endpoint data with these one liners.
Collection of Scripts for shodan searching stuff.
aquatone results for sites with bug bountys
LazyHunter is an automated reconnaissance tool designed for bug hunters, leveraging Shodan's InternetDB and CVEDB APIs
CORSER is a Golang CLI Application for Advanced CORS Misconfiguration Detection
Scan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files. (.apk, .xapk, .dex, .jar, .class, .smali, .zip, .aar, .arsc, .aab, .jadx.kts).
This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".
DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelligent domain name variations to assist in subdomain discove…
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
A curated list wordlists for bruteforcing and fuzzing
NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Redirects, leveraging advanced scanning and URL enumeration te…
ReconX is a powerful and user-friendly reconnaissance tool designed for security researchers and penetration testers. It provides a comprehensive suite of features for gathering information about t…
A tool designed to process dirsearch output and filter out duplicate or false positive URLs.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…
AutoAR is a comprehensive web-based security scanning and vulnerability management platform that automates the process of reconnaissance and vulnerability assessment across multiple domains.
An enhanced OWASP Testing Guide v4.2 with tips, tricks, and new vulnerabilities not in the OWASP list. Features modular testing, actionable examples, and real-world scenarios for beginners and adva…
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.