SEVulDet SEVulDet is a semantics-enhanced deep learning-based framework that can accurately pinpoint vulnerability patterns by extracting, preserving,...
WebApp PenTest
Octosuite Octosuite is an open-source lightweight yet advanced osint framework that targets GitHub users and organizations. With...
ExchangeFinder ExchangeFinder is a simple and open-source tool that tries to find Microsoft Exchange instance for a...
HTTPLoot An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages, and “loot” secrets out...
REST-Attacker REST-Attacker is an automated penetration testing framework for APIs following the REST architecture style. The tool’s...
AzureGoat: A Damn Vulnerable Azure Infrastructure Compromising an organization’s cloud infrastructure is like sitting on a gold...
Kscan – Simple Asset Mapping Tool kscan is an asset mapping tool that can perform port scanning,...
AWSGoat: A Damn Vulnerable AWS Infrastructure Compromising an organization’s cloud infrastructure is like sitting on a gold...
SQLiDetector Simple python script supported with BurpBouty profile that helps you to detect SQL injection “Error based”...
SSTImap SSTImap is a penetration testing software that can check websites for Code Injection and Server-Side Template...
DFShell D3Ext’s Forwarded Shell it’s a python3 script which use mkfifo to simulate a shell into the victim...
GooFuzz GooFuzz is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information...
BEE·bot OSINT automation for hackers. BBOT is a recursive, modular OSINT framework written in Python. It is capable of executing the...
MSMAP Msmap is a Memory WebShell Generator. Compatible with various Containers, Components, Encoder, WebShell / Proxy / Killer, and...
Vulnerable Client-Server Application (VuCSA) A vulnerable client-server application (VuCSA) is made for learning/presenting how to perform penetration...