ruby-web-vulnerability-tester

ruby-web-vulnerability-tester 🔎 Ruby Web Application Vulnera...

Haklistgen - Turns Any Junk Text Into A Usable Wordlist For Brute-Forcing

Turns any junk text into a usable wordlist for brute-forcing. Installation go install github.com/hakluke/haklistgen@latest Usage Examples Scrape all words out of an HTTP response to build a directory bruteforce wordlist: curl https://wikipedia.org | haklistgen Pipe a list of subdomains to it to...

Lazyrecon - Tool To Automate Your Reconnaissance Process In An Organized Fashion

Lazyrecon is a subdomain discovery tool that finds and resolves valid subdomains then performs SSRF/LFI/SQLi fuzzing, brute-force and port scanning. It has a simple modular architecture and is optimized for speed while working with github and wayback machine. Features Super fast asynchronous...

Spraygen - Password List Generator For Password Spraying

Password list generator for password spraying - prebaked with goodies Version 1.4 Generates permutations of Months, Seasons, Years, Sports Teams NFL, NBA, MLB, NHL, Sports Scores, "Password", and even Iterable Keyspaces of a specified size. All permutations are generated with common attributes...

Open Sesame - A Tool Which Runs To Display Random Publicly Disclosed Hackerone Reports When Bored

A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser. Contains Over 8k Publicly disclosed Hackerone reports and addtl. wordlist of 700 bug bounty writeups. This is a productivity tool for security enthusiasts and bug...

goGetBucket - A Penetration Testing Tool To Enumerate And Analyse Amazon S3 Buckets Owned By A Domain

When performing a recon on a domain - understanding assets they own is very important. AWS S3 bucket permissions have been confused time and time again, and have allowed for the exposure of sensitive material. What this tool does, is enumerate S3 bucket names using common patterns I have identifi...

Mentalist - Graphical Tool For Custom Wordlist Generation

Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper. Install from Source Prerequisites Linux APT package manager Check if Python 3 ...

Doork - Google Dorks Passive Vulnerability Auditor

doork is a open-source passive vulnerability auditor tool that automates the process of searching on Google information about specific website based on dorks. doork can update his own database from ghdb and use it for find flaws without even contact the target endpoint. You can provide your custo...