GitMiner by UnkL4b

Tool for advanced mining for content on Github

updated at May 11, 2024, 10 p.m.

108 +0

2,057 +4

427 +0

Sublist3r by aboul3la

Fast subdomains enumeration tool for penetration testers

updated at May 11, 2024, 9:54 p.m.

233 +0

9,281 +15

2,052 +2

wfuzz by xmendez

Web application fuzzer

updated at May 11, 2024, 9:45 p.m.

168 +0

5,663 +9

1,332 +1

beef by beefproject

The Browser Exploitation Framework Project

updated at May 11, 2024, 9:37 p.m.

438 -1

9,406 +10

2,060 +1

wpscan by wpscanteam

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

updated at May 11, 2024, 9:34 p.m.

264 +0

8,258 +7

1,240 +4

sqlmap by sqlmapproject

Automatic SQL injection and database takeover tool

updated at May 11, 2024, 9:34 p.m.

1,090 +1

30,690 +56

5,549 +11

prowler by prowler-cloud

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

updated at May 11, 2024, 9:33 p.m.

118 -1

9,618 +40

1,404 +9

juice-shop by juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

updated at May 11, 2024, 6:15 p.m.

156 +0

9,589 +31

9,399 +50

H5SC by cure53

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

updated at May 11, 2024, 5:32 p.m.

153 -1

2,820 -2

418 +0

XSRFProbe by theInfectedDrake

The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

updated at May 11, 2024, 4:07 p.m.

36 +0

978 +4

188 +3

js-xss by leizongmin

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

updated at May 11, 2024, 4:07 p.m.

117 +0

5,107 +1

630 +0

xss-payload-list by payloadbox

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

updated at May 11, 2024, 3:59 p.m.

139 +0

5,673 +19

1,580 +2

awesome-bug-bounty by djadmin

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

updated at May 11, 2024, 3:49 p.m.

289 +0

4,387 +1

898 +0

awesome-ctf-cheatsheet by uppusaikiran

CTF Cheatsheet

updated at May 11, 2024, 2:42 p.m.

1 +0

21 +2

2 +0

dvcs-ripper by kost

Rip web accessible (distributed) version control systems: SVN/GIT/HG...

updated at May 11, 2024, 1:41 p.m.

52 -1

1,648 +1

308 +0

commix by commixproject

Automated All-in-One OS Command Injection Exploitation Tool.

updated at May 11, 2024, 11:48 a.m.

161 +0

4,348 +8

797 +0

domain_analyzer by eldraco

Analyze the security of any domain by finding all the information possible. Made in python.

updated at May 11, 2024, 11:39 a.m.

83 +0

1,837 +1

245 +0

tplmap by epinna

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

updated at May 11, 2024, 11:19 a.m.

84 -1

3,643 +8

662 +0

aquatone by michenriksen

A Tool for Domain Flyovers

updated at May 11, 2024, 11:18 a.m.

135 +0

5,489 +1

864 +0

phpsploit by nil0x42

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

updated at May 11, 2024, 9:38 a.m.

103 +0

2,146 +7

434 +1