certificate-transparency by google

Auditing for TLS certificates.

created at May 20, 2014, 5:03 p.m.

102 +0

869 +0

283 +0

domain_analyzer by eldraco

Analyze the security of any domain by finding all the information possible. Made in python.

created at Aug. 8, 2017, 6:52 p.m.

83 +0

1,844 +1

240 +0

aquatone by michenriksen

A Tool for Domain Flyovers

created at Nov. 19, 2015, 11:30 a.m.

136 +0

5,643 +2

885 +2

subDomainsBrute by lijiejie

A fast sub domain brute tool for pentesters

created at April 1, 2015, 7:22 a.m.

116 +0

3,488 +2

1,010 +0

EyeWitness by ChrisTruncer

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

created at Feb. 26, 2014, 4:23 p.m.

0 +0

18 +1

0 +0

tinfoleak by vaguileradiaz

The most complete open-source tool for Twitter intelligence analysis

created at Jan. 27, 2018, 7:03 p.m.

73 +0

1,932 +3

270 +1

raven by 0x09AL

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.

created at Aug. 22, 2017, 3:41 p.m.

39 +0

778 +1

163 +0

GSIL by FeeiCN

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

created at Oct. 11, 2017, 10:14 a.m.

61 +0

2,124 -1

486 +0

gitrob by michenriksen

Reconnaissance tool for GitHub organizations

created at Jan. 7, 2015, 1:58 p.m.

154 +0

5,938 +3

832 +6

xray by evilsocket

XRay is a tool for recon, mapping and OSINT gathering from public networks.

created at July 8, 2017, 8:48 p.m.

80 +0

2,206 +2

299 +0

FOCA by ElevenPaths

Tool to find metadata and hidden information in the documents.

created at Oct. 2, 2017, 5:05 p.m.

143 +0

2,979 +9

552 +1

a2sv by hahwul

Auto Scanning to SSL Vulnerability

created at Jan. 25, 2016, 7:15 a.m.

46 +0

627 +1

169 +0

Some-PoC-oR-ExP by coffeehb

各种漏洞poc、Exp的收集或编写

created at March 13, 2015, 3:31 p.m.

154 +0

2,384 +2

972 +0

awesome-cve-poc by qazbnm456

✍️ A curated list of CVE PoCs.

created at Feb. 2, 2017, 6:43 a.m.

323 +0

3,324 +2

721 +0

js-vuln-db by tunz

A collection of JavaScript engine CVEs with PoCs

created at Aug. 6, 2016, 1:02 a.m.

185 +0

2,291 +2

405 +0

cssInjection by dxa4481

Stealing CSRF tokens with CSS injection (without iFrames)

created at Feb. 4, 2018, 4:09 a.m.

15 +0

318 +0

48 +0

H5SC by cure53

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

created at March 28, 2014, 8:42 a.m.

153 +0

2,857 +3

420 +0

commix by commixproject

Automated All-in-One OS Command Injection Exploitation Tool.

created at March 20, 2015, 8:38 a.m.

158 +0

4,611 +13

818 +2

uxss-db by Metnew

🔪Browser logic vulnerabilities :skull_and_crossbones:

created at Oct. 27, 2017, 5:32 p.m.

35 +0

688 +0

90 +0

openrasp by baidu

🔥Open source RASP solution

created at Aug. 10, 2017, 11:09 a.m.

109 +0

2,793 +2

601 -1