Web Information Gathering Archives • Cybersecurity News

apidetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains

do son April 26, 2024

APIDetector APIDetector is a powerful and efficient tool designed for testing exposed Swagger endpoints in various subdomains...

secator: The pentester’s swiss knife security assessments

secator: The pentester’s swiss knife

do son April 3, 2024

secator secator is a task and workflow runner used for security assessments. It supports dozens of well-known...

Arjun: HTTP parameter discovery suite

do son April 1, 2024

Arjun Arjun can find query parameters for URL endpoints. If you don’t get what that means, it’s...

Emora: GUI OSINT tool to search accounts by username across social networks

do son March 22, 2024

Emora Emora allows you to search for accounts by username across social networks. Inspired by tools like Sherlock,...

OSTE-Meta-Scanner: A comprehensive web vulnerability scanner

do son March 20, 2024

OSTE-Meta-Scanner This project aims to simplify the field of Dynamic Application Security Testing. The OSTE meta scanner...

git-alerts: detect and monitor GitHub org users’ public repositories for secrets and sensitive files

do son March 18, 2024

GitAlerts GitHub repositories created under any organization can be controlled by the GitHub administrators. However, any repository...

troll-a: extracting secrets such as passwords, API keys, and tokens from Web ARChive files finding secrets web archives

troll-a: extracting secrets such as passwords, API keys, and tokens from Web ARChive files

do son February 24, 2024

Troll-A Troll-A is a command line tool for extracting secrets such as passwords, API keys, and tokens...

domainim: A fast and comprehensive tool for organizational network scanning

do son February 13, 2024

domainim Domainim is a Blazing fast domain reconnaissance tool for bounty hunters written in Nim. Features Virtual...

LEAKEY: checks and validates for leaked credentials check leaked credentials

LEAKEY: checks and validates for leaked credentials

do son January 29, 2024

LEAKEY LEAKEY is a tool for validation of leaked API tokens/keys found during pentesting and Red Team...

Porch Pirate: The most comprehensive Postman recon / OSINT client and framework Postman OSINT

Porch Pirate: The most comprehensive Postman recon / OSINT client and framework

do son January 25, 2024

Porch Pirate Porch Pirate started as a tool to quickly uncover Postman secrets, and has slowly begun...

vhostawesome: check for virtual hosts across multiple IP addresses check virtual hosts

vhostawesome: check for virtual hosts across multiple IP addresses

do son January 23, 2024

vhostawesome A tool designed to efficiently check for virtual hosts across multiple IP addresses. FunWithVhosts automates the...

MCPTool: Pentesting tool for Minecraft Minecraft Pentesting tool

MCPTool: Pentesting tool for Minecraft

do son January 23, 2024

MCPTool – Pentesting tool for Minecraft Features See information of a server. View player information. Get information...

GAP-Burp-Extension: find more potential parameters and potential links finds potential links

GAP-Burp-Extension: find more potential parameters and potential links

do son January 22, 2024

GAP This is an evolution of the original getAllParams extension for Burp. Not only does it find...

XnlReveal: Chrome browser extension to show alerts for relfected query params, show hidden elements Chrome extension Wayback Archive

XnlReveal: Chrome browser extension to show alerts for relfected query params, show hidden elements

do son January 21, 2024

XnlReveal This is a Chrome Extension that can do the following: Show an alert for any query parameters that...

xeol: scanner for end-of-life software in container images, filesystems, and SBOMs

do son January 16, 2024

xeol A scanner for end-of-life (EOL) packages in container images, filesystems, and SBOMs What is EOL software?...