Searpy Search Engine Toolkit Support search engine Shodan Fofa Zoomeye Censys Dnsdb Google Baidu Bing 360so Goo...
WebApp PenTest
JSshell JSshell – a JavaScript reverse shell. This using to exploit XSS remotely, help to find blind...
Sharingan Sharingan is a recon multitool for offensive security/bug bounty Install go get github.com/leobeosab/sharingan/cmd/sharingancli Usage Note Order...
JNDI-Injection-Exploit JNDI-Injection-Exploit is a tool for generating workable JNDI links and provide background services by starting the...
SocialPwned SocialPwned is an OSINT tool that allows to get the emails, from a target, published in...
subjs subjs fetches javascript files from a list of URLS or subdomains. Analyzing javascript files can help...
OneForAll OneForAll is a powerful subdomain collection tool The importance of information collection in penetration testing is...
Scylla – The Simplistic Information Gathering Engine Scylla is an OSINT tool developed in python 3.6. Scylla...
Universal Reddit Scraper This is a universal Reddit scraper that can scrape Subreddits, Redditors, and comments on...
BirDuster BirDuster is a Python-based knockoff of the original DirBuster. BirDuster is a multi-threaded Python application designed to brute...
JATAYU Stealthy Stand-Alone PHP Web Shell FEATURES Http Header Based Authentication. 100% Undetectable. Exec Function Changer. Nothing...
Nosql injection username and password enumeration script Using this script, we can enumerate Usernames and passwords of...
NoXss NoXss is a cross-site script vulnerability scanner supported reflected xss and dom-based xss. It’s very fast...
purify The goal of Purify to be an easy-in-use and efficient tool to simplify a workflow of...
VulnNodeApp A vulnerable application made using node.js, express server and ejs template engine. This application is meant...