TLS Prober: A tool to fingerprint SSL/TLS servers
TLS Prober TLS Prober is a tool for identifying the implementation in use by SSL/TLS servers. It analyses the behavior of a server by sending a range of probes then comparing the responses with...
Category: Web Information Gathering
bucket stream: Find interesting Amazon S3 Buckets
Bucket Stream Find interesting Amazon S3 Buckets by watching certificate transparency logs. This tool simply listens to various certificate transparency logs (via certstream) and attempts to find public S3 buckets from permutations of the...
Astra: Automated Security Testing For REST API’s
Astra REST API penetration testing is complex due to continuous changes in existing APIs and newly added APIs. Astra can be used by security engineers or developers as an integral part of their process,...
discover: automate various pentesting tasks
discover For use with Kali Linux. Custom bash scripts used to automate various pentesting tasks. Download, setup & usage git clone https://github.com/leebaird/discover /opt/discover/ All scripts must be run from this location. cd /opt/discover/ ./update.sh ...
takeover: Sub-Domain TakeOver Vulnerability Scanner
TakeOver Sub-domain takeover vulnerability occurs when a sub-domain (subdomain.example.com) is pointing to a service (e.g: GitHub, AWS/S3,..) that has been removed or deleted. This allows an attacker to set up a page on the service that...
cred_scanner: scanner to look for potential AWS access and secret keys
cred_scanner A simple command line tool for finding AWS credentials in files. Optimized for use with Jenkins and other CI systems. Install git clone https://github.com/disruptops/cred_scanner.git cd cred_scanner pip install -r requirements.txt Use python cred_scanner.py That will...
aws_public_ips: Fetch all public IP addresses tied to your AWS account
aws_public_ips aws_public_ips is a tool to fetch all public IP addresses (both IPv4/IPv6) associated with an AWS account. It can be used as a library and as a CLI, and supports the following AWS...
ReconUI: base-web reconnaissance tool
ReconUI Current Features Subdomain bruteforcing Directory bruteforce for each subdomain. Basic CORS vulnerability check. Auto subdomain takeover for AWS S3 Bucket and Heroku Censys IPv4 lookups. Public XSS search from open bug bounty. Screenshot...
watchdog: A Comprehensive Security Scanning and a Vulnerability Management Tool
Watchog is an integration of open source security tools aimed to provide a holistic security view for a given domain/IP. The way Watchdog is built it can be used by product security teams, red teams...
PenCrawLer: An Advanced Web Crawler and DirBuster
PenCrawLer An Advanced Web Crawler and DirBuster PeNCrawLer is an advanced webcrawler and dirbuster designed to use in penetration testing based on Windows Os. Web Crawler Features: Follow Redirects Rendering Javascript Extract links from...
Dzjecter: Server checking Tool
Dzjecter v2.0 – Server checking Tool this tool grap ip from the server, scan, examine of ports and encryption and decryption of the hash and also have other characteristics. How To Use git clone https://github.com/joker25000/Dzjecter...
Devploit: Information Gathering Tool
Devploit v3.6 Devploit is a simple python script for Information Gathering Download git clone git clone https://github.com/joker25000/Devploit chmod +x install ./install Properties : ● DNS Lookup ● Whois Lookup ● GeoIP Lookup ● Subnet Lookup...
TorBoT v4.0 releases: Deep and Dark Web OSINT Tool
TorBoT – OSINT tool for Deep and Dark Web. The basic procedure executed by the web crawling algorithm takes a list of seed URLs as its input and repeatedly executes the following steps: Remove...
whoUR v1.6 releases: information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner
WhoUr is a simple tool in python for getting info of a website and scan sqli vuln with google. this is fast but is not powerful, actually is under construction, but is useful. Features:...
domainhunter: Checks expired domains, bluecoat categorization, and Archive.org history
Domain Hunter Domain name selection is an important aspect of preparation for penetration tests and especially Red Team engagements. Commonly, domains that were used previously for benign purposes and were properly categorized can be...
