snallygaster by hannob

Tool to scan for secret files on HTTP servers

created at April 10, 2018, 12:01 p.m.

74 +0

2,076 +2

228 +0

pwngitmanager by allyshka

Git manager for pentesters

created at Feb. 25, 2016, 6:14 a.m.

6 +0

107 +0

22 +0

CSS-Keylogging by maxchehab

Chrome extension and Express server that exploits keylogging abilities of CSS.

created at Feb. 20, 2018, 6:19 p.m.

97 +0

3,216 +1

432 +0

GitMiner by UnkL4b

Tool for advanced mining for content on Github

created at Feb. 27, 2016, 12:30 p.m.

108 +0

2,092 +2

426 +0

DVCS-Pillage by evilpacket

Pillage web accessible GIT, HG and BZR repositories

created at June 18, 2011, 8:04 p.m.

16 +0

314 +0

60 +0

dvcs-ripper by kost

Rip web accessible (distributed) version control systems: SVN/GIT/HG...

created at Oct. 23, 2012, 4:55 a.m.

51 +0

1,706 +4

313 +0

HTTPLeaks by cure53

HTTPLeaks - All possible ways, a website can leak HTTP requests

created at April 17, 2015, 2:48 p.m.

90 +0

1,980 -1

202 +0

tplmap by epinna

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

created at July 6, 2016, 8:33 p.m.

83 +1

3,794 +9

671 +1

sqlmap by sqlmapproject

Automatic SQL injection and database takeover tool

created at June 26, 2012, 9:52 a.m.

1,092 +1

32,589 +78

5,725 +10

xssor2 by evilcos

XSS'OR - Hack with JavaScript.

created at June 25, 2017, 6:32 a.m.

94 +0

2,129 +0

381 +0

aws_pwn by dagrz

A collection of AWS penetration testing junk

created at Oct. 18, 2016, 3:14 a.m.

52 +0

1,173 +0

194 +0

Astra by flipkart-incubator

Automated Security Testing For REST API's

created at Jan. 10, 2018, 11:56 a.m.

86 +0

2,512 +6

402 +1

JoomlaScan by drego85

A free software to find the components installed in Joomla CMS, built out of the ashes of Joomscan.

created at Feb. 11, 2016, 9:28 p.m.

20 +0

215 +0

68 -1

wpscan by wpscanteam

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

created at July 11, 2012, 8:27 p.m.

268 +0

8,616 +14

1,266 -1

IPObfuscator by OsandaMalith

A simple tool to convert the IP to a DWORD IP

created at April 30, 2016, 11:32 p.m.

9 +0

138 +0

46 +0

charsetinspect by hack-all-the-things

A script that inspects multi-byte character sets looking for characters with specific user-defined properties

created at June 23, 2016, 3:09 p.m.

3 +0

26 +0

7 +0

wfuzz by xmendez

Web application fuzzer

created at Oct. 22, 2014, 9:23 p.m.

167 +0

5,968 +13

1,385 +0

VWGen by qazbnm456

Vulnerable Web applications Generator

created at April 12, 2016, 4:06 p.m.

7 +0

84 +0

18 +0

GSDF by We5ter

A domain searcher named GoogleSSLdomainFinder - 基于谷歌SSL透明证书的子域名查询工具

created at Dec. 19, 2016, 4:58 p.m.

7 +0

175 +0

57 +0

js-xss by leizongmin

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

created at Sept. 18, 2012, 2:05 p.m.

117 +0

5,218 +3

628 +0