Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Find, verify, and analyze leaked credentials

Fast web fuzzer written in Go

In-depth attack surface mapping and asset discovery

Fast passive subdomain enumeration tool.

Reconnaissance tool for GitHub organizations

A Workflow Engine for Offensive Security

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

Fetch all the URLs that the Wayback Machine knows about for a domain

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

Find domains and subdomains related to a given domain

Gospider - Fast web spider written in Go

Subdomain Takeover tool written in Go

MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.

A fast tool to scan CRLF vulnerability written in Go

Subdomain takeover vulnerability checker

Pull out bits of URLs provided on stdin

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

A Powerful Subdomain Takeover Tool

A tool that can help detect and takeover subdomains with dead DNS records

Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists

A simple reverse whois lookup tool which returns a list of domains owned by people or companies

Extract domains/subdomains from URLs en masse