FinDOM-XSS FinDOM-XSS is a tool that allows you to find possible and/ potential DOM-based XSS vulnerability in...
Web Vulnerability Analysis
Katana-ds Katana-ds (ds for dork_scanner) is a simple python tool that automates Google Hacking/Dorking and supports Tor...
MSSQLi-DUET – MSSQL Injection-based Domain User Enumeration Tool SQL injection script for MSSQL that extracts domain users...
Natlas should make continuous, extensible, host-oriented scanning an easy thing to deploy and make use of. Users...
DOMDig DOMDig is a DOM XSS scanner that runs inside the Chromium web browser and it can...
SSRF Sheriff This is an SSRF testing sheriff written in Go. It was originally created for the Uber...
Extended XSS Searcher and Finder This is the extended version based on the initial idea already published...
Extended ssrf search This tool search for Server-Side Request Forgery (SSRF) using predefined settings in different parts...
GraphQLmap GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. Features and...
nray Nray is a free, platform and architecture-independent port and application layer scanner. Apart from regular targets...
See-SURF A Python-based scanner to find potential SSRF parameters in a web application. Motivation SSRF being one...
Project Black Scope control, scope scanner and progress tracker for easier working on a bug bounty or...
B-XSSRF Toolkit to detect and keep track on Blind XSS, XXE & SSRF SETUP git clone https://github.com/SpiderMate/B-XSSRF.git...
Injectus Simple python tool that goes through a list of URLs trying CRLF and open redirect payloads....
Aaia (A)n(a)lysis of (I)dentity and (A)ccess What does Aaia do? Aaia (pronounced as shown here ) helps in...