Information Gathering / Network PenTest / Vulnerability Analysis / Web Information Gathering / Web Vulnerability Analysis / WebApp PenTest
by do son · Published August 29, 2018
Red Team Arsenal is a web/network security scanner which has the capability to scan all company’s online facing assets and provide a holistic security view of any security anomalies. It’s a closely linked collection of security engines...
Prowl Prowl is an email harvesting tool that scrapes Yahoo for Linkedin profiles associated to the user’s search terms and identifies job titles. It also identifies current job listings for the specified organisation. Installation...
Web Exploitation / Web Information Gathering / Web Vulnerability Analysis
by do son · Published August 27, 2018 · Last modified July 19, 2020
BlackWidow is a python based web application spider to gather subdomains, URL’s, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL’s for...
Namechk Osint tool based on namechk.com for checking usernames on more than 100 websites, forums, and social networks. Download git clone https://github.com/HA71/Namechk.git Use Search available username: ./namechk.sh <username> -au Search available username on specifics websites: ./namechk.sh <username>...
pathbrute Pathbrute is a DirB/Dirbuster type of tool designed to brute force directories and files names on web/application servers. However, it has some new tricks. It is no longer a dumb directories/files brute force...
WhatCMS.sh CMS Detection and Exploit Kit based on Whatcms.org API. Introduction Whatcms.sh can currently detect the use of more than 330 different CMS applications and services to later indicate a list of valid security audit tools for the...
Information Gathering / Vulnerability Analysis / Web Information Gathering / Web Vulnerability Analysis
by do son · Published August 21, 2018
shodan-scanner is intended to be a tool to more easily continuously monitor Shodan for relevant hosts using a local database for easier inventory. File description: requirements.txt: Contains Python dependencies essential for scripts to run correctly....
POOPAK | TOR Hidden Service Crawler OSINT Tool Search Engine Docker-based This is an application for crawling, scanning and data gathering of TOR hidden services. The concept through this project is to have a...
Web Information Gathering / WebApp PenTest
by do son · Published August 18, 2018 · Last modified October 10, 2021
GitMiner The advanced search tool and automation in Github. This tool aims to facilitate research by code or code snippets on github through the site’s search page. Changelog v2.0 News: Search in codes with...
Omnibus An Omnibus is defined as a volume containing several novels or other items previously published separately and that is exactly what the InQuest Omnibus project intends to be for Open Source Intelligence collection, research, and...
Information Gathering / Vulnerability Analysis / Web Information Gathering / Web Vulnerability Analysis
by do son · Published August 15, 2018
FireShodanMap is a Real-time map that integrates Firebase, Google Maps, and Shodan. A search is carried out using Shodan searching for vulnerable devices and they are shown on the map for analysis. All data...
ICU is a tool to constantly keep an updated database of domains and subdomains, by regularly scanning domains for subdomains with the most common subdomain scanners. ICU works by creating a database with domains...
Skiptracer – OSINT scraping framework Initial attack vectors for recon usually involve utilizing pay-for-data/API (Recon-NG) or paying to utilize transforms (Maltego) to get data mining results. Skiptracer utilizes some basic python webscraping (BeautifulSoup) of...
OWASP DeepViolet TLS/SSL API DeepViolet is a TLS/SSL scanning API written in Java. To keep DeepViolet easy to use, identify bugs, reference implementations have been developed that consume the API. If you want to...
HackB0x v1.0 HackBox is the combination of awesome tools and techniques. This tool includes [1] – Xss [2] – Exploits [3] – Subdomain scanner [4] – Whois Lookup [5] – SSRF Injection [6] –...
Secure Your Connection
