cansina: Web Content Discovery Tool
Cansina is a Web Content Discovery Application. It is well-known Web applications don’t publish all their resources or public links, so the only way to discover these resources is requesting for them and check...
Category: Penetration Testing
Fuxi-Scanner: Network Security Vulnerability Scanner
Fuxi-Scanner Fuxi Scanner is an open source network security vulnerability scanner, it comes with multiple functions. Vulnerability detection & management Authentication Tester IT asset discovery & management Port scanner Subdomain scanner Acunetix Scanner (Integrate...
domained: Subdomain Enumeration
domained Domain Name Enumeration Tool The tools contained in domained requires Kali Linux (preferred) or Debian 7+ and Recon-ng Domained uses several subdomain enumeration tools and wordlists to create a unique list of subdomains...
Anubis v0.9 releases: Subdomain enumeration and information gathering tool
Anubis, a subdomain enumerator, and information gathering tool. It collates data from a variety of sources to provide one of the most comprehensive tools for subdomain enumeration. It pulls subdomains from public sources, indexed...
dnstwist v20180623 releases: Domain name permutation engine for detecting typo squatting, phishing and corporate espionage
dnstwits See what sort of trouble users can get in trying to type your domain name. Find similar-looking domains that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud and corporate...
Brakeman v4.3.1 released: A static analysis security vulnerability scanner for Ruby on Rails applications
Brakeman Brakeman is an open source static analysis tool which checks Ruby on Rails applications for security vulnerabilities. It can detect: Possibly unescaped model attributes or parameters in views (Cross-Site Scripting) Bad string interpolation...
xcat: Automate XPath injection attacks
XCat XCat is a command line program that aides in the exploitation of blind XPath injection vulnerabilities. It can be used to retrieve the whole XML document being processed by a vulnerable XPath query,...
luna: open-source web security scanner
Luna is an open-source web security scanner which is based on reduced-code passive scanning framework. You can write a simple python plugin to prove your great ideas with Luna. The format of httplog is...
NetRipper 1.1.20 release: Smart traffic sniffing for penetration testers
NetRipper – this is a fairly recent tool that is positioned for the post-operating system based on Windows and uses a number of non-standard approaches to extract sensitive data. It uses API hooking in...
NodeJsScan: static security code scanner for Node.js applications
NodeJsScan Static security code scanner (SAST) for Node.js applications. How to Configure Clone the repo: git clone https://github.com/ajinabraham/NodeJsScan.git Install Postgres and configure SQLALCHEMY_DATABASE_URI in core/settings.py Run pip install -r requirements.txt Run python createdb.py Run python app.py This will run NodeJsScan on http://0.0.0.0:9090 If you...
