reconftw reconFTW automates the entire process of reconnaissance for you. It outperforms the work of subdomain enumeration along with various vulnerability checks and obtaining maximum information about your target. reconFTW uses a lot of techniques...
jSQL Injection jSQL Injection is a lightweight application used to find database information from a distant server. It is free, open-source, and cross-platform (Windows, Linux, Mac OS X). It is also part of the...
Subprober – A Fast Multi-Purpose Http Probing Tool for Penetration Testing Subprober is a powerful and efficient tool designed for penetration testers and security professionals. This release introduces several enhancements, bug fixes, and new...
The Browser-Bruter The Browser-Bruter is the first ever browser-based automated web pentesting tool for fuzzing web forms by controlling the browser it self. It automates the process of sending payloads to input fields of the browser...
AzurEnum Enumerate some Entra ID (formerly Azure AD) stuff fast, including: General information such as number of users, groups, apps, Entra ID license, tenant ID … General security settings such as group creation, consent...
jsluice++ jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice. The extension utilizes jsluice’s capabilities to extract URLs, paths, and secrets from static JavaScript...
LogSnare LogSnare is an intentionally vulnerable web application, where your goal is to go from a basic gopher user of the LogSnare company to the prestigious acme-admin of Acme Corporation. The application, while hosting multiple vulnerabilities,...
NucleiScanner NucleiScanner is an automation tool that combines Nuclei, Subfinder, Gau, Paramspider, and httpx functionality to enhance web application security testing. It uses Subfinder to collect subdomains, Gau to collect URLs by filtering unwanted...
findmytakeover findmytakeover detects dangling DNS records in a multi-cloud environment. It does this by scanning all the DNS zones and the infrastructure present within the configured cloud service provider either in a single account...
SploitScan SploitScan is a powerful and user-friendly tool designed to streamline the process of identifying exploits for known vulnerabilities and their respective exploitation probability. Empowering cybersecurity professionals with the capability to swiftly identify and...
The HTTP Garden The HTTP Garden is a collection of HTTP servers and proxies configured to be composable, along with scripts to interact with them in a way that makes finding vulnerabilities much easier....
