tinfoleak by vaguileradiaz

The most complete open-source tool for Twitter intelligence analysis

updated at Nov. 17, 2024, 4:38 a.m.

73 +0

1,932 +3

270 +1

prowler by prowler-cloud

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

updated at Nov. 17, 2024, 3:11 a.m.

130 +0

10,847 +39

1,543 +3

retire.js by RetireJS

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

updated at Nov. 17, 2024, 3:04 a.m.

83 -1

3,692 +6

417 +0

bXSS by LewisArdern

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

updated at Nov. 17, 2024, 2:45 a.m.

14 +0

518 +5

64 +0

juice-shop by juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

updated at Nov. 17, 2024, 2:16 a.m.

161 +0

10,468 +20

10,939 +47

gitleaks by gitleaks

Protect and discover secrets using Gitleaks 🔑

updated at Nov. 17, 2024, 2:12 a.m.

163 +0

17,953 +114

1,469 +6

radare2 by radareorg

UNIX-like reverse engineering framework and command-line toolset

updated at Nov. 17, 2024, 1:24 a.m.

488 +1

20,710 +33

3,006 +3

mitmproxy by mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

updated at Nov. 17, 2024, 12:42 a.m.

624 +0

36,847 +91

4,041 +6

dirhunt by Nekmo

Find web directories without bruteforce

updated at Nov. 16, 2024, 11:46 p.m.

33 +0

1,770 +5

255 +0

aquatone by michenriksen

A Tool for Domain Flyovers

updated at Nov. 16, 2024, 11:32 p.m.

136 +0

5,643 +2

885 +2

Raccoon by evyatarmeged

A high performance offensive security tool for reconnaissance and vulnerability scanning

updated at Nov. 16, 2024, 11:31 p.m.

108 +0

3,090 +2

400 +0

DOMPurify by cure53

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

updated at Nov. 16, 2024, 11:22 p.m.

151 -1

14,021 +40

726 +3

a2sv by hahwul

Auto Scanning to SSL Vulnerability

updated at Nov. 16, 2024, 10:36 p.m.

46 +0

627 +1

169 +0

domato by googleprojectzero

DOM fuzzer

updated at Nov. 16, 2024, 10:14 p.m.

67 +0

1,695 +9

278 +0

social_mapper by Greenwolf

A Social Media Enumeration & Correlation Tool by Jacob Wilkin(Greenwolf)

updated at Nov. 16, 2024, 8:30 p.m.

225 +0

3,808 +2

788 +0

bug-bounty-reference by ngalongc

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

updated at Nov. 16, 2024, 7:50 p.m.

239 +0

3,754 +4

988 -1

webshell by tennc

This is a webshell open source project

updated at Nov. 16, 2024, 6:10 p.m.

488 +0

10,123 +15

5,574 +1

ReconDog by UltimateHackers

Reconnaissance Swiss Army Knife

updated at Nov. 16, 2024, 4:05 p.m.

83 +0

1,814 +5

340 +0

XSStrike by UltimateHackers

Most advanced XSS scanner.

updated at Nov. 16, 2024, 3:25 p.m.

274 +0

13,376 +28

1,906 +3

fuzzdb by fuzzdb-project

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

updated at Nov. 16, 2024, 2:50 p.m.

366 +0

8,244 +8

2,098 -1