CVE-2023-44487 Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487. This tool checks to see if a website is vulnerable to CVE-2023-44487 completely non-invasively. The tool...
IAMActionHunter IAMActionHunter is an IAM policy statement parser and query tool that aims to simplify the process of collecting and understanding permission policy statements for users and roles in AWS...
ParaForge ParaForge is a simple Burp Suite extension to extract the parameters and endpoints from the request to create a custom wordlist for fuzzing and enumeration. This is just a...
by do son · Published September 25, 2023 · Last modified September 26, 2023
EasyScan EasyScan is a Python script that analyzes the security of a given website by inspecting its HTTP headers and DNS records. The script generates a security report with recommendations...
EscalateGPT A powerful Python tool that leverages the power of OpenAI to analyze AWS IAM misconfigurations. Features 🛠️ EscalateGPT is a Python tool to identify IAM policy issues and enhance Tenable...
Sucosh Scanny “Sucosh” is an automated Source Code vulnerability scanner(SAST) and assessment framework for Python(Flask-Django) & NodeJs capable of performing code review in Web Application Developing or Source Code Analysis...
Pentest Mapper Pentest Mapper is a Burp Suite extension that integrates the Burp Suite request logging with a custom application testing checklist. The extension provides a straightforward flow for application...
NucleiFuzzer = Nuclei + Paramspider NucleiFuzzer is an automation tool that combines ParamSpider and Nuclei to enhance web application security testing. It uses ParamSpider to identify potential entry points and Nuclei’s templates to scan for...
What is Akto? Akto is an instant, open source API security platform that takes only 60 secs to get started. Akto is used by security teams to maintain a continuous...
Web Information Gathering / Web Vulnerability Analysis
by do son · Published August 17, 2023 · Last modified August 18, 2023
GPT_Vuln-analyzer This is a Proof Of Concept application that demonstrates how AI can be used to generate accurate results for vulnerability analysis and also allows further utilization of the already...
OSINT Template Engine OSINT Template Engine is a research-grade tool for OSINT Information gathering & Attack Surface Mapping which uses customizable templates to collect data from sources. It allows for...
Surf – Escalate your SSRF vulnerabilities on Modern Cloud Environments surf allows you to filter a list of hosts, returning a list of viable SSRF candidates. It does this by...
Defense / Vulnerability Analysis / Web Vulnerability Analysis
by do son · Published August 8, 2023 · Last modified December 10, 2023
CVE Prioritizer Tool CVE_Prioritizer is a powerful tool that helps you prioritize vulnerability patching by combining CVSS, EPSS, and CISA’s Known Exploited Vulnerabilities. It provides valuable insights into the likelihood of exploitation and...
What is ShadowClone? ShadowClone is designed to delegate time-consuming tasks to the cloud by distributing the input data to multiple serverless functions (AWS Lambda, Azure Functions, etc.) and running the...
GCP Scanner This is a GCP resource scanner that can help determine what level of access certain credentials possess on GCP. The scanner is designed to help security engineers evaluate...
Support Securityonline.info site. Thanks!
