JSFScan.sh Script made for all your javascript recon automation in bugbounty. Just pass the subdomain list to...
WebApp PenTest
Parth Heuristic Vulnerable Parameter Scanner Introduction Some HTTP parameter names are more commonly associated with one functionality...
GHunt GHunt is an OSINT tool to extract information from any Google Account using an email. It...
N1QLMap N1QLMap is an N1QL exploitation tool. Currently works with the Couchbase database. The tool supports data extraction...
OnionSearch OnionSearch is a Python3 script that scrapes urls on different “.onion” search engines. Currently supported Search...
Rusolver Fast DNS resolver is written in Rust. Works on Linux, Windows, macOS, Android, Aarch64, ARM, and...
XSS Scanner Cross-Site Scripting (XSS) is one of the most well-known web application vulnerabilities. It even has...
Garud An automation tool that scans sub-domains, sub-domain takeover, and then filters out xss, ssti, ssrf, and...
GWTMap GWTMap is a tool to help map the attack surface of Google Web Toolkit (GWT) based...
ReconNote Web Application Security Recon Automation Framework It takes user input as a domain name and maximizes...
hetty Hetty is an HTTP toolkit for security research. It aims to become an open source alternative...
PCWT A web application that makes it easy to run your pentest and bug bounty projects. Description...
Py3webFuzz Based on pywebfuzz, Py3webfuzz is a Python3 module to assist in the identification of vulnerabilities in...
JSMon JSMon – JavaScript Change Monitor for BugBounty Using this script, you can configure a number of...
bulwark An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports....