Stars
The cheat sheet about Java Deserialization vulnerabilities
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
A powerful and useful hacker dictionary builder for a brute-force attack
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
Incredibly fast crawler designed for OSINT.
Gospider - Fast web spider written in Go
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.
mYnk0x / gau
Forked from lc/gauFetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
A tool for adding new lines to files, skipping duplicates
mYnk0x / gf
Forked from tomnomnom/gfA wrapper around grep, to help you grep for things
WPScan rewritten in Python + some WPSeku ideas
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
Fast passive subdomain enumeration tool.
Striker is an offensive information and vulnerability scanner.
Find domains and subdomains related to a given domain
An advanced multithreaded admin panel finder written in python.
Generate Email, Register for anything, Get the OTP/Link
Collection of methodology and test case for various web vulnerabilities.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF