Highlights
- Pro
Stars
A curated list of various bug bounty tools
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
A source code static analysis platform for AppSec enthusiasts.
REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
A python script that finds endpoints in JavaScript files
A place for creators and users of password managers to collaborate on resources to make password management better.
A fast, simple, recursive content discovery tool written in Rust.
Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.
A utility to detect various technology for a given IP address.
Prefect is a workflow orchestration framework for building resilient data pipelines in Python.
Rust-based high performance domain permutation generator.
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
Gospider - Fast web spider written in Go
Luigi is a Python module that helps you build complex pipelines of batch jobs. It handles dependency resolution, workflow management, visualization etc. It also comes with Hadoop support built in.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…
"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
xss development frameworks, with the goal of making payload writing easier.