wfuzz v2.4.5 released: Web application fuzzer
Wfuzz has been created to facilitate the task in web application assessments and it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given...
Category: WebApp PenTest
pown-recon v2.70 releases: A powerful target reconnaissance framework
Pown Recon Pown Recon is a target reconnaissance framework powered by graph theory. The benefit of using graph theory instead of flat table representation is that it is easier to find the relationships between...
nray: distributed port scanner in Go
nray Nray is a free, platform and architecture-independent port and application layer scanner. Apart from regular targets (list of hosts/networks), it supports dynamic target selection, based on sources like certificate transparency logs or LDAP....
secureCodeBox: automate a bunch of security-testing tools out of the box
Continuous Secure Delivery – Out of the Box secureCodeBox is a docker based, modularized toolchain for continuous security scans of your software project. Its goal is to orchestrate and easily automate a bunch of security-testing...
jaeles v0.3-beta releases: The Swiss Army knife for automated Web Application Testing
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Changelog v0.3-beta New Features New Passive signatures, enable via –passive option. New Conclusions & Conditions. New Detection APIs HasPopUp(), ValueOf(“variable_name”) and more....
gitleaks v3.2.2 releases: Searches full repo history for secrets and keys
gitleaks – Check git repos for secrets and keys Gitleaks provides a way for you to find unencrypted secrets and other unwanted data types in git source code repositories. As part of its core...
mitaka v0.71 releases: OSINT friendly IOC (Indicator of Compromise) search tool
Mitaka Mitaka is an OSINT friendly IOC (Indicator of Compromise) search tool. It works as a Chrome extension and it makes possible to search / scan IOC via the context menu. Features Supported IOC...
wpscan v3.7.7 releases: black box WordPress vulnerability scanner
WPScan is a black box WordPress vulnerability scanner. Changelog v3.7.7 Fixed rare crash due to conflict between slugs and API endpoints Fixed Incorrect RDF URLs detection Install Requirement Ruby >= 2.2.2 – Recommended: 2.3.3...
Sn1per v8.1 releases: Automated Pentest Recon Scanner
Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security’s premium reporting add-on for Professional Penetration Testers, Bug...
shodan-python v1.21.3 releases: official Python library for Shodan
Shodan is a search engine for Internet-connected devices. Google lets you search for websites, Shodan lets you search for devices. This library provides developers easy access to all of the data stored in Shodan...
