paskto: Passive Web Scanner
Paskto – Passive Web Scanner Paskto will passively scan the web using the Common Crawl internet index either by downloading the indexes on request or parsing data from your local...
Category: Web Information Gathering
Scumblr: Automated OSINT
Scumblr Scumblr is a web application that allows performing periodic syncs of data sources (such as Github repositories and URLs) and performing analysis (such as static analysis, dynamic checks, and...
dnsbrute v2.0.1: a fast domain brute tool
DNSBrute Subdomain enumeration is often the first step in penetration testing and is the precondition for collecting IP information and vulnerabilities. Previously testing the subdomain demolition software in the current...
subdomain3: discovering subdomains
Subdomain3 Subdomain3 is a new generation of the tool, It helps penetration testers to discover more information in a shorter time than other tools.The information includes subdomains, IP, CDN, and...
PAVELOW Exploit Toolbox: vulnerability hunting and exploiting proccess
PAVELOW Exploit Toolbox PAVELOW helps you with your exploiting and vulnerability searching adventures on KALI Linux by using a few different pre-installed tools among several others that PAVELOW will installed...
ctfr: get the subdomains from a HTTPS website in a few seconds
CTFR Do you miss AXFR technique? This tool allows getting the subdomains from an HTTPS website in a few seconds. How does it work? CTFR does not use neither dictionary attack...
WPHunter: A WordPress Vulnerability Scanner
WPHunter – A WordPress Vulnerability Scanner You can use this tool on your wordpress website to check the security of your website by finding the vulnerability in your website. Over...
DomLink: Automating domain discovery
DomLink It is a tool that uses a domain name to discover organization name and associated e-mail address to then find further associated domains. This is useful for bug bounty...
Optiva-Framework: Web Application Scanner
Optiva-Framework: Web Application Scanner You can use this Framework on your website to check the security of your website by finding the vulnerability in your website or you can use this...
PloitKit: The Hacker’s ToolBox
PloitKit is a Python-based GUI tool designed as one-stop for all other software. I was facing these kinds of problem when I need to switch to the different system, or...
dns parallel prober: find subdomains
What is DNS Parallel Prober? This is a parallelized domain name prober to find as many subdomains of a given domain as fast as possible. PLEASE NOTE this script probes DNS...
pymeta v1.1.1 releases: search the web for files on a domain
pymeta Pymeta is a Python3 rewrite of the tool PowerMeta, created by dafthack in PowerShell. It uses specially crafted search queries to identify and download the following file types (pdf, xls, xlsx, doc,...
vcsmap: scan public version control systems for sensitive information
vcsmap vcsmap is a plugin-based tool to scan public version control systems (currently GitHub and possibly Gitlab soon) for sensitive information like access tokens and credentials. Installation $ gem install vcsmap...
envizon: network visualization tool
envizon – the network visualization tool This tool is designed, developed, and supported by evait security. In order to give something back to the security community, we publish our internally...
cloudfrunt: dentifying misconfigured CloudFront domains
CloudFrunt CloudFrunt is a tool for identifying misconfigured CloudFront domains. CloudFront is a Content Delivery Network (CDN) provided by Amazon Web Services (AWS). CloudFront users create “distributions” that serve content...
