61 matches found
bugbounty-toolkit
šÆ Bug Bounty Recon Toolkit Automated recon toolkit for author...
v3nomEyE
The All-in-One P1 Bug Bounty Reconnaissance & Exploitation...
vulnscanx_v2
ā” VulnScanX Advanced Vulnerability Scanning & Penetration...
reconauto
reconauto Automated b...
Exploit for OS Command Injection in Php
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā...
claude-code-pentest
claude-code-pentest 6 Claude Code skills that automate th...
Penetration-testing-toolkit
Python Penetration Testing Toolkit A Python-based penetration t...
HackTheBox-Penetration-Testing-Methodology
HackTheBox Penetration Testing Methodology by 9mmpterodacty...
ReconPi
This is a reconnaissance tool called ReconPi, designed for use on a Raspberry Pi or a VPS. The tool is written in Bash and uses various scripts to perform extensive reconnaissance on a target domain. The tool's primary function is to gather information about a target domain, including subdomains,...
awesome-termux-hacking
This is an awesome list of Termux hacking tools. It appears to be a collection of various tools and frameworks for penetration testing, vulnerability assessment, and exploitation. The list includes tools for tasks such as: Subdomain enumeration e.g., Sublist3r Vulnerability scanning e.g., w3af,...
DNSSEC NSEC. The accidental treasure map to your subdomains
TL;DR: DNSSEC secures DNS but may unintentionally expose domain structures via NSEC/NSEC3 records, enabling zone walking to enumerate subdomains. NSEC openly lists domain names, making enumeration easy. NSEC3 hashes names, making enumeration harder, but attackers can still crack weak...
Nodesub - Command-Line Tool For Finding Subdomains In Bug Bounty Programs
Nodesub is a command-line tool for finding subdomains in bug bounty programs. It supports various subdomain enumeration techniques and provides flexible options for customization. Features Perform subdomain enumeration using CIDR notation Support input list. Perform subdomain enumeration using AS...
Columbus-Server - API first subdomain discovery service, blazingly fast subdomain enumeration service with advanced features
Columbus Project is an API first subdomain discovery service, blazingly fast subdomain enumeration service with advanced features. Columbus returned 638subdomains of tesla.com in 0.231 sec. Usage By default Columbus returns only the subdomains in a JSON string array: curl...
Scriptkiddi3 - Streamline Your Recon And Vulnerability Detection Process With SCRIPTKIDDI3, A Recon And Initial Vulnerability Detection Tool Built Using Shell Script And Open Source Tools
Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools. How it works ā¢ Installation ā¢ Usage ā¢ MODES ā¢ For Developers ā¢ Credits Introducing SCRIPTKIDDI3, a powerful recon and initi...
Bbot - OSINT Automation For Hackers
BEEĀ·bot OSINT automation for hackers. BBOT is a recursive , modular OSINT framework written in Python. It is capable of executing the entire OSINT process in a single command, including subdomain enumeration, port scanning, web screenshots with its gowitness module, vulnerability scanning with...
LiveTargetsFinder - Generates Lists Of Live Hosts And URLs For Targeting, Automating The Usage Of MassDNS, Masscan And Nmap To Filter Out Unreachable Hosts And Gather Service Information
Generates lists of live hosts and URLs for targeting, automating the usage of Massdns, Masscan and nmap to filter out unreachable hosts Given an input file of domain names, this script will automate the usage of MassDNS to filter out unresolvable hosts, and then pass the results on to Masscan to...
GooFuzz - Tool To Perform Fuzzing With An OSINT Approach, Managing To Enumerate Directories, Files, Subdomains Or Parameters Without Leaving Evidence On The Target's Server With Google Dorking
Credits Author: M3n0sD0n4ld Twitter: @DavidUton Description: GooFuzz is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories without making requests to the web server. Download and install: $ git clone...
Sub3Suite - A Free, Open Source, Cross Platform Intelligence Gathering Tool
Sub3 Suite is a research-grade suite of tools for Subdomain Enumeration, OSINT Information gathering & Attack Surface Mapping. Supports both manual and automated analysis on variety of target types with many available features & tools. For more information checkout the documentation Screenshots...
Jfscan - A Super Fast And Customisable Port Scanner, Based On Masscan And NMap
Killing features Scan with nmap fast! Allows you to scan targets with Masscan and run Nmap on discovered ports with possibility of custom options. Nmap on steroids. Allows to scan targets in multiple formats. Can output results in domain:port format. Works in stdin/stdout mode, so you can pipe...
Web-Attack-Cheat-Sheet
It is an offensive tool for web application security testing. The repository contains a comprehensive web attack cheat sheet, covering various techniques for discovering, enumerating, scanning, and monitoring web applications. The tool covers topics such as IP and subdomain enumeration, cache and...