A tool for secrets management, encryption as a service, and privileged access management

Unified ingress for developers

Find, verify, and analyze leaked credentials

Fast web fuzzer written in Go

A next-generation crawling and spidering framework.

In-depth attack surface mapping and asset discovery

Open-Source Phishing Toolkit

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

Fetch all the URLs that the Wayback Machine knows about for a domain

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

Find domains and subdomains related to a given domain

Take a list of domains and probe for working HTTP and HTTPS servers

Gospider - Fast web spider written in Go

dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.

A wrapper around grep, to help you grep for things

MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.

Accept URLs on stdin, replace all query string values with a user-supplied value

A rapid API for the Project Sonar dataset

A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.