CloudScraper: enumerate targets in search of cloud resources
CloudScraper is a Tool to spider and scrape targets in search of cloud resources. Plug in a URL and it will spider and search the source of spidered pages for...
Category: Web Information Gathering
hsecscan: A security scanner for HTTP response headers
hsecscan A security scanner for HTTP response headers. Installation Requirement: Python 2.x Usage Example Copyright (C) 2015 riramar Source: https://github.com/riramar/
osrframework v0.20.5 releases: Open Sources Research Framework
OSRFramework is a GNU AGPLv3+ set of libraries developed by i3visio to perform Open Source Intelligence tasks. They include references to a bunch of different applications related to username checking,...
TLS Prober: A tool to fingerprint SSL/TLS servers
TLS Prober TLS Prober is a tool for identifying the implementation in use by SSL/TLS servers. It analyses the behavior of a server by sending a range of probes then...
bucket stream: Find interesting Amazon S3 Buckets
Bucket Stream Find interesting Amazon S3 Buckets by watching certificate transparency logs. This tool simply listens to various certificate transparency logs (via certstream) and attempts to find public S3 buckets...
Astra: Automated Security Testing For REST API’s
Astra REST API penetration testing is complex due to continuous changes in existing APIs and newly added APIs. Astra can be used by security engineers or developers as an integral...
discover: automate various pentesting tasks
discover For use with Kali Linux. Custom bash scripts used to automate various pentesting tasks. Download, setup & usage git clone https://github.com/leebaird/discover /opt/discover/ All scripts must be run from this location. cd...
takeover: Sub-Domain TakeOver Vulnerability Scanner
TakeOver Sub-domain takeover vulnerability occurs when a sub-domain (subdomain.example.com) is pointing to a service (e.g: GitHub, AWS/S3,..) that has been removed or deleted. This allows an attacker to set up a page...
cred_scanner: scanner to look for potential AWS access and secret keys
cred_scanner A simple command line tool for finding AWS credentials in files. Optimized for use with Jenkins and other CI systems. Install git clone https://github.com/disruptops/cred_scanner.git cd cred_scanner pip install -r requirements.txt Use...
aws_public_ips: Fetch all public IP addresses tied to your AWS account
aws_public_ips aws_public_ips is a tool to fetch all public IP addresses (both IPv4/IPv6) associated with an AWS account. It can be used as a library and as a CLI, and...
ReconUI: base-web reconnaissance tool
ReconUI Current Features Subdomain bruteforcing Directory bruteforce for each subdomain. Basic CORS vulnerability check. Auto subdomain takeover for AWS S3 Bucket and Heroku Censys IPv4 lookups. Public XSS search from...
watchdog: A Comprehensive Security Scanning and a Vulnerability Management Tool
Watchog is an integration of open source security tools aimed to provide a holistic security view for a given domain/IP. The way Watchdog is built it can be used by product...
PenCrawLer: An Advanced Web Crawler and DirBuster
PenCrawLer An Advanced Web Crawler and DirBuster PeNCrawLer is an advanced webcrawler and dirbuster designed to use in penetration testing based on Windows Os. Web Crawler Features: Follow Redirects Rendering...
Dzjecter: Server checking Tool
Dzjecter v2.0 – Server checking Tool this tool grap ip from the server, scan, examine of ports and encryption and decryption of the hash and also have other characteristics. How...
Devploit: Information Gathering Tool
Devploit v3.6 Devploit is a simple python script for Information Gathering Download git clone git clone https://github.com/joker25000/Devploit chmod +x install ./install Properties : ● DNS Lookup ● Whois Lookup ● GeoIP...
