xssor2 by evilcos

XSS'OR - Hack with JavaScript.

updated at June 5, 2024, 1:12 p.m.

95 +0

2,104 +2

378 +0

JShell by UltimateHackers

JShell - Get a JavaScript shell with XSS.

updated at June 5, 2024, 3:38 p.m.

25 +0

505 +1

141 +0

EyeWitness by ChrisTruncer

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

updated at June 5, 2024, 5:52 p.m.

0 +0

2 +1

0 +0

dtd-finder by GoSecure

List DTDs and generate XXE payloads using those local DTDs.

updated at June 5, 2024, 5:57 p.m.

14 +0

587 +1

104 +0

xray by evilsocket

XRay is a tool for recon, mapping and OSINT gathering from public networks.

updated at June 6, 2024, 1:31 a.m.

79 +0

2,161 +3

295 +0

snallygaster by hannob

Tool to scan for secret files on HTTP servers

updated at June 6, 2024, 2:46 a.m.

75 +0

2,031 +3

229 -2

singularity by nccgroup

A DNS rebinding attack framework.

updated at June 6, 2024, 5:58 a.m.

32 +0

992 +2

136 +1

aws_pwn by dagrz

A collection of AWS penetration testing junk

updated at June 6, 2024, 6:07 a.m.

51 +0

1,126 +2

187 +0

GSIL by FeeiCN

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

updated at June 6, 2024, 6:12 a.m.

62 +0

2,112 +2

486 +0

domato by googleprojectzero

DOM fuzzer

updated at June 6, 2024, 7:03 a.m.

68 +0

1,649 +0

271 +0

aquatone by michenriksen

A Tool for Domain Flyovers

updated at June 6, 2024, 10:45 a.m.

135 +0

5,512 +6

864 +0

dvcs-ripper by kost

Rip web accessible (distributed) version control systems: SVN/GIT/HG...

updated at June 6, 2024, 10:56 a.m.

52 +0

1,652 +1

309 +0

fuzz.txt by Bo0oM

Potentially dangerous files

updated at June 6, 2024, 12:49 p.m.

85 +0

2,808 +0

477 +0

acra by cossacklabs

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.

updated at June 6, 2024, 1:23 p.m.

40 +0

1,307 +2

127 +0

whonow by brannondorsey

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

updated at June 6, 2024, 5:25 p.m.

22 +0

615 +3

102 +0

subDomainsBrute by lijiejie

A fast sub domain brute tool for pentesters

updated at June 7, 2024, 12:43 a.m.

116 +0

3,402 +3

1,008 +0

js-xss by leizongmin

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

updated at June 7, 2024, 5:24 a.m.

117 +0

5,128 +4

632 +1

commix by commixproject

Automated All-in-One OS Command Injection Exploitation Tool.

updated at June 7, 2024, 5:42 a.m.

161 -1

4,380 +3

800 +0

ReconDog by UltimateHackers

Reconnaissance Swiss Army Knife

updated at June 7, 2024, 7:54 a.m.

82 +0

1,726 +4

337 +0

Raccoon by evyatarmeged

A high performance offensive security tool for reconnaissance and vulnerability scanning

updated at June 7, 2024, 8:20 a.m.

109 +0

3,024 +3

393 +1