SubOver v1.2 release: A Powerful Subdomain Takeover Tool
SubOver Subover is a Hostile Subdomain Takeover tool originally written in python but rewritten from scratch in Golang. Since it’s redesign, it has been aimed at speed and efficiency in...
Category: Web Information Gathering
AWSBucketDump: Security Tool to Look For Interesting Files in S3 Buckets
AWSBucketDump AWSBucketDump is a tool to quickly enumerate AWS S3 buckets to look for loot. It’s similar to a subdomain bruteforcer but is made specifically for S3 buckets and also...
trufflehog 3.69 releases: Searches through git repositories for secrets, digging deep into commit history and branches
Truffle Hog Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed. NEW Trufflehog previously functioned by running entropy...
birdwatcher: Data analysis and OSINT framework for Twitter
Birdwatcher is a data analysis and OSINT framework for Twitter. It supports creating multiple workspaces where arbitrary Twitter users can be added and their Tweets harvested through the Twitter API for...
pagodo v2.6 releases: Automate Google Hacking Database scraping
pagodo (Passive Google Dork) – Automate Google Hacking Database scraping The goal of this project was to develop a passive Google dork script to collect potentially vulnerable web pages and...
bishop: Hunt for vulnerable websites as you browse
Bishop Bishop is a vulnerability scanner that searches websites in the background while you browse, looking for exposed version control systems, misconfigured administrative tools, and more. It works by searching...
Th3inspector v1.9: best tool for Information Gathering
Th3inspector Tool All in one tool for Information Gathering Installation Window Linux Android Download Termux Usage perl Th3inspector.pl -h -i –info Website...
EternalView: information gathering and vulnerability assessment tool
EternalView EternalView is an all in one basic information gathering tool Features: Feature Explanation Whois Information Prints the whois information of the entered web address DNS lookup Prints the DNS...
second-order: subdomain takeover scanner
Second Order Scans web applications for second-order subdomain takeover by crawling the app, and collecting URLs (and other data) that match some specific rules, or respond in a specific way....
dvcs-ripper: Rip web accessible (distributed) version control systems: SVN/GIT/HG
dvcs-ripper Rip web accessible (distributed) version control systems: SVN, GIT, Mercurial/hg, bzr, … It can rip repositories even when directory browsing is turned off. Make sure to position yourself in...
FileSensor: Dynamic file detection tool based on crawler
FileSensor Dynamic file detection tool based on crawler Feature Generate the fuzzing vectors based on crawler results (input)http://localhost/ -> (crawl)http://localhost/test.php -> (detect)http://localhost/.test.php.swp Scrapy framework Stable crawler and customizable HTTP requests. Custom 404...
cangibrina: A fast and powerfull dashboard (admin) finder
Cangibrina is a multi-platform tool which aims to obtain the Dashboard of sites using brute-force over wordlist, google, nmap, and robots.txt. Install git clone http://github.com/fnk0c/cangibrina.git cd cangibrina pip install -r...
Scan-T: detecting and collecting the hosts flaws and port fingerprinting
Scan-T Scan-T is an open source penetration testing tool that automates the process of detecting and collecting the hosts flaws and port fingerprinting. It comes with a powerful detection engine,...
domained: Subdomain Enumeration
domained Domain Name Enumeration Tool The tools contained in domained requires Kali Linux (preferred) or Debian 7+ and Recon-ng Domained uses several subdomain enumeration tools and wordlists to create a...
blacksheepwall: hostname reconnaissance tool
blacksheepwall blacksheepwall is a hostname reconnaissance tool written in Go. It can also be used as a stand-alone package in your tools. Download Usage Copyright (c) 2012, 2013 Tom...
