snallygaster by hannob

Tool to scan for secret files on HTTP servers

created at April 10, 2018, 12:01 p.m.

75 +0

2,023 +1

231 +0

dirhunt by Nekmo

Find web directories without bruteforce

created at Jan. 5, 2018, 1:05 a.m.

35 +0

1,707 +6

234 +3

domain_analyzer by eldraco

Analyze the security of any domain by finding all the information possible. Made in python.

created at Aug. 8, 2017, 6:52 p.m.

83 +0

1,837 +1

245 +0

domato by googleprojectzero

DOM fuzzer

created at Sept. 21, 2017, 3:28 p.m.

68 +0

1,643 +1

273 +0

tinfoleak by vaguileradiaz

The most complete open-source tool for Twitter intelligence analysis

created at Jan. 27, 2018, 7:03 p.m.

72 +0

1,896 +1

273 +1

ctftool by taviso

Interactive CTF Exploration Tool

created at June 7, 2019, 3:39 a.m.

60 +0

1,631 +0

276 -1

plasma by plasma-disassembler

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

created at March 9, 2015, 9:16 p.m.

149 +0

3,043 +1

278 +0

xxe-injection-payload-list by payloadbox

🎯 XML External Entity (XXE) Injection Payload List

created at Nov. 19, 2019, 5:04 a.m.

24 +0

1,021 +2

281 +0

certificate-transparency by google

Auditing for TLS certificates.

created at May 20, 2014, 5:03 p.m.

103 +0

866 +0

282 +0

xray by evilsocket

XRay is a tool for recon, mapping and OSINT gathering from public networks.

created at July 8, 2017, 8:48 p.m.

79 +0

2,143 +0

293 -1

dvcs-ripper by kost

Rip web accessible (distributed) version control systems: SVN/GIT/HG...

created at Oct. 23, 2012, 4:55 a.m.

52 -1

1,648 +1

308 +0

ReconDog by UltimateHackers

Reconnaissance Swiss Army Knife

created at June 12, 2017, 6:19 p.m.

82 +0

1,710 +3

335 +0

xssor2 by evilcos

XSS'OR - Hack with JavaScript.

created at June 25, 2017, 6:32 a.m.

95 +0

2,098 +2

378 +0

Astra by flipkart-incubator

Automated Security Testing For REST API's

created at Jan. 10, 2018, 11:56 a.m.

86 +0

2,430 +2

385 -2

TIDoS-Framework by theInfectedDrake

The Offensive Manual Web Application Penetration Testing Framework.

created at June 8, 2018, 7:05 a.m.

125 +0

1,740 +5

388 +1

Raccoon by evyatarmeged

A high performance offensive security tool for reconnaissance and vulnerability scanning

created at May 13, 2018, 5:05 p.m.

109 +0

3,003 -3

390 +1

js-vuln-db by tunz

A collection of JavaScript engine CVEs with PoCs

created at Aug. 6, 2016, 1:02 a.m.

185 -1

2,261 -1

405 +0

retire.js by RetireJS

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

created at Aug. 30, 2013, 9:43 p.m.

86 -1

3,529 +6

412 +0

H5SC by cure53

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

created at March 28, 2014, 8:42 a.m.

153 -1

2,820 -2

418 +0

GitMiner by UnkL4b

Tool for advanced mining for content on Github

created at Feb. 27, 2016, 12:30 p.m.

108 +0

2,057 +4

427 +0