A powerful Go tool that combines the functionality of `nsfwdetector`, `favinfo`, and `emailextractor` into a single unified tool. Process domains efficiently with just **one HTTP request** per doma…

gocl is similar tool like go install command that install's go tools.

A bash script that extracts `shodan-query, google-query, censys-query, fofa-query, hunter-query, zoomeye-query` in nucleihub-templates.

This repo collects nuclei template from 600+ github repos, updates every 6 hours.

A specialized Go tool for replacing blind XSS usernames in payloads, specifically designed for use with the ezXSS service.

A powerful URL parameter and request fuzzing tool that processes URLs or Burp Suite raw requests, replacing values with custom payloads while maintaining unique parameter combinations.

XSSRecon automates the process of testing URL parameters for reflection of a test payload rix4uni and further checks how special characters are handled (allowed, blocked, or converted).

certinfo is a powerful SSL certificate scraping tool that extracts domain names from SSL certificates of arbitrary hosts. It supports both basic certificate data extraction and recursive subdomain …

Simple XSS vulnerability checker tool very useful with xsschecker.

vulntechfinder is a powerful security tool that automates vulnerability scanning based on technology stack detection. It intelligently processes hosts through tech stack identification and executes…

Discover GitHub repositories and hunt for leaked credentials with style

A high-performance technology detection tool built with Go, leveraging the projectdiscovery wappalyzergo library to identify web technologies and frameworks.

Fetches javascript file from a list of URLS or subdomains.

gosqli is a fast and simple tool for detecting blind SQL injection vulnerabilities. It supports scanning URLs with custom payloads, parallel requests, and response time-based verification.

Easy wordlist generator tool for backup files.

A high-performance command-line utility for processing and managing unique lines from input streams. Combining the functionality of sort, uniq, and tee, unew efficiently filters duplicates while of…

Mass-scale hidden parameter discovery using Arjun. A high-performance wrapper that parallelizes Arjun for efficient parameter discovery across multiple targets.

Hunt down social media accounts by username across social networks using httpx

A powerful and efficient Go-based tool for extracting archived URLs from the Wayback Machine with advanced filtering capabilities, rate limiting, and automatic retries.

A powerful subdomain enumeration tool that aggregates data from multiple sources to create comprehensive lists of root subdomains.

xsschecker tests endpoints for reflected XSS by injecting payloads and checking responses. It prints vulnerable if the payload is reflected, otherwise not vulnerable.

uforall is a fast url crawler this tool crawl all URLs number of different sources, alienvault,WayBackMachine,urlscan,commoncrawl

Remove outofscope subdomains from https://github.com/rix4uni/scope/blob/main/data/outofscope.txt or a local outofscope.txt file.

High-speed Go email scraper that crawls sites and internal links concurrently to collect email addresses for reconnaissance, research, or sales intelligence.