JSMon: JavaScript Change Monitor for BugBounty
JSMon JSMon – JavaScript Change Monitor for BugBounty Using this script, you can configure a number of JavaScript files on websites that you want to monitor. Every time you run...
Category: Web Information Gathering
scripthunter: finds javascript files for a given website
scripthunter Scripthunter is a tool that finds javascript files for a given website. To scan google, simply run ./scripthunter.sh https://google.com. Note that it may take a while, which is why...
GitDorker v1.1.3 releases: scrape secrets from GitHub
GitDorker GitDorker is a tool that utilizes the GitHub Search API and an extensive list of GitHub dorks that I’ve compiled from various sources to provide an overview of sensitive...
feroxbuster v2.10 releases: fast, simple, recursive content discovery tool written in Rust
What the heck is a ferox anyway? Ferox is short for Ferric Oxide. Ferric Oxide, simply put, is rust. The name rustbuster was taken, so I decided on a variation....
nuubi: Recon Tools, Scanners and tools for penetration testing
NUUBI NUUBI is a Recon Tools, Scanners, and tools for penetration testing. Reconnaissance is the first phase of penetration testing which means gathering information before any real attacks are planned....
o365enum: Enumerate valid usernames from Office 365
Office 365 User Enumeration Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover, or office.com login page. Enumeration Methods ActiveSync Enumeration This method is based on grimhacker’s method that sends Basic HTTP...
gitjacker v0.1 releases: Leak git repositories from misconfigured websites
gitjacker Gitjacker downloads git repositories and extracts their contents from sites where the .git directory has been mistakenly uploaded. It will still manage to recover a significant portion of a repository...
PwnFox v1.0.3 releases: Firefox/Burp extension that provide usefull tools for your security audit
PwnFox PwnFox is a Firefox/Burp extension that provides usefull tools for your security audit. If you are a chrome user you can check https://github.com/nccgroup/autochrome. Features Single click BurpProxy Connect...
Eagle: vulnerability scanner
Project Eagle Project Eagle is a plugin-based vulnerabilities scanner with threading support used for the detection of low-hanging bugs on a mass scale. Features CRLF Sensitive files e.g(.git, info.php ..) Subdomain takeover...
AutoDirbuster: Automatically run and save Dirbuster scans for multiple IPs
AutoDirbuster Automatically run and save Dirbuster scans for multiple IPs Why? OWASP Dirbuster is a great directory buster but running it against multiple IPs and ports is a very manual...
url tracker: checks the content of web pages in different periods
URL Tracker Change monitoring app that checks the content of web pages in different periods (hourly, daily, weekly, monthly) and detects if they were modified since the last check. It...
querytool: Google Sheet designed for OSINT
QUERYTOOL QueryTool is an OSINT framework based on Google Spreadsheets. It is designed to automate the creation of queries within the popular search engines to get the desired results. QueryTool...
Ashok: Swiss knife for Reconnaissance
Ashok Reconnaissance is the first phase of penetration testing which means gathering information before any real attacks are planned So Ashok is an Incredible fast recon tool for penetration tester...
Monitorizer: The ultimate subdomain monitorization framework
Monitorizer The ultimate subdomain monitorization framework Subdomain monitoring framework inspired by subalert project. Setting up the environment You need: Python >= 3.6 ( Python 2 is not supported ) Linux server...
uDork v3.1 releases: Google Hacking Tool
uDork uDork is a script written in Python that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications,...
