Red Team Scaner

vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information colle…

Bug Hunter is a command-line tool designed to assist in the bug hunting process for web applications. It automates several tasks such as target discovery using dorks, indexing, and URL vulnerabilit…

Lightweight Chrome extension that extracts all endpoints (URLs) found within a web page

WAF Bypass Tester is a comprehensive penetration testing tool designed to help security professionals identify vulnerabilities in web applications protected by WAFs. With a modern user interface an…

This script is an automation to bypass Cloudflare and Fortigate WAF (SQLi Detection)

Cross-Site Scripting (XSS) is a common vulnerability that allows attackers to inject malicious scripts into web pages viewed by users. In response, many websites use filtering techniques and firewa…

ZeroHuntAI is an advanced source code vulnerability scanner designed to detect potential vulnerabilities in your codebase. It combines static code analysis with pattern matching and AI evaluation t…

TIFS: AdvSQLi

This tools made for Ravana OS , this is just demo tool , stay tune with us for New and best OS which one coming soon.......

Header Exploitation HTTP

Burp Plugin to Bypass WAFs through the insertion of Junk Data

Try to find out the real ip behind cdn

Automatic bypass (brute force) waf

Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab Will Replace Every GET or POST Parameters With Selected TAB i…

🚀🤖 Crawl4AI: Open-source LLM Friendly Web Crawler & Scraper. Don't be shy, join here: https://discord.gg/jP8KfhDhyN

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

Bug Bounty ultimate tool

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

Control Your Infrastructure, Scale Your Scanning—On Your Terms. Easily distribute arbitrary binaries and scripts using any of our seven supported cloud providers.

Site Eye is a tool for monitoring changes in website content. It captures screenshots of web pages, compares them to detect changes, and sends email notifications when changes are found. This tool …

To use hackJS, specify a target URL that contains JavaScript files you want to analyze. The tool will fetch these JavaScript files, extract embedded links and subdomains.

Blind SQL injection exploitation tool written in ruby.

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

Some tools to automate recon - 003random

A script to collect historical DNS records to help try bypass WAF (Web Application Firewall). This script will search for DNS A history records.

An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.