enum4linux-ng enum4linux-ng.py is a rewrite of Mark Lowe’s (former Portcullis Labs now Cisco CX Security Labs) enum4linux.pl, a tool for enumerating information from Windows and Samba systems, aimed at security professionals and CTF players....
SecretScanner Deepfence SecretScanner can find unprotected secrets in container images or file systems. SecretScanner is a standalone tool that retrieves and searches container and host filesystems, matching the contents against a database of approximately...
Gitxray Gitxray (short for Git X-Ray) is a multifaceted security tool designed for use on GitHub repositories. It can serve many purposes, including OSINT and Forensics. gitxray leverages public GitHub REST APIs to gather information that...
uncover uncover is a go wrapper using APIs of well-known search engines to quickly discover exposed hosts on the internet. It is built with automation in mind, so you can query it and utilize...
waymore The idea behind waymore is to find even more links from the Wayback Machine than other existing tools. 👉 The biggest difference between waymore and other tools is that it can also download the archived responses for URLs on...
Nosey Parker: Find secrets in textual data Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data. It is useful both for offensive and defensive security testing. Key features:...
opensquat openSquat is an opensource Intelligence (OSINT) R&D project to identify cybersquatting threats to specific companies or domains, such as: Domain squatting Typosquatting IDN homograph attacks Phishing Scams It does support some key features such as:...
Subdominator – Unleash the Power of Subdomain Enumeration Subdominator is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. It is designed to help researchers and cybersecurity professionals discover potential...
Aleph Aleph is a tool for indexing large amounts of both documents (PDF, Word, HTML) and structured (CSV, XLS, SQL) data for easy browsing and search. It is built with investigative reporting as a primary...
Odinova Digital Tiger: Overview Odinova Digital Tiger is an advanced application designed for Open-Source Intelligence (OSINT), equipped with versatile tools and a user-friendly interface to streamline investigative workflows and enhance data analysis capabilities. Documenter:...
Ominis-OSINT: Web Hunter It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query...
FinalRecon FinalRecon is a fast and simple Python script for web reconnaissance. It follows a modular structure so in the future new modules can be added with ease. Features Header Information Whois SSL Certificate...
cve-search cve-search is a tool to import CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) into MongoDB to facilitate the search and processing of CVEs. The main objective of the software is...
graphw00f – GraphQL Server Fingerprinting graphw00f is a Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint. How does it work? graphw00f...
identYwaf identYwaf is an identification tool that can recognize web protection type (i.e. WAF) based on blind inference. The blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive)...
Mitaka Mitaka is a browser extension that makes your OSINT (Open Source Intelligence) search & scan easier. Key features: Auto IoC (indicators of compromise) selection with refanging. E.g. example[.]com to example.com, test[at]example.com to test@example.com, hxxp://example.com to http://example.com, etc. Supports 65+ services. Features ...
Network Defense / Vulnerability Assessment
checksec: check the properties of executables
December 18, 2024
Vulnerability Assessment / Web AppSec
CloudSploit: Cloud Security Posture Management
December 19, 2024