Free Cybersecurity Tools and Resources

WPSpider

A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.

0

WPSpider

A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.

0

LFI-files

A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities

0

Vulnerability Exploitation

LFI-files

A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities

0

+1

B-XSSRF

A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities

0

Vulnerability Detection

Security Testing

Web App Security

B-XSSRF

A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities

0

+3

Findomain

A domain reconnaissance tool that automates subdomain discovery, port scanning, and monitoring with support for multiple data sources and notification integrations.

0

Free

Offensive Security

Reconnaissance

Subdomain Enumeration

Subdomain Discovery

Port Scanning

Network Reconnaissance

Findomain

A domain reconnaissance tool that automates subdomain discovery, port scanning, and monitoring with support for multiple data sources and notification integrations.

0

Free

Offensive Security

Reconnaissance

Subdomain Enumeration

Subdomain Discovery

+7

git-dumper

A tool to dump a Git repository from a website

0

git-dumper

A tool to dump a Git repository from a website

0

+2

GitTools

A collection of tools for extracting and analyzing information from .git repositories

0

GitTools

A collection of tools for extracting and analyzing information from .git repositories

0

+2

Injectus

A CRLF and open redirect fuzzer

0

Vulnerability Scanning

Injectus

A CRLF and open redirect fuzzer

0

+1

cnames

A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.

0

cnames

A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.

0

ParamPamPam

A tool for detecting and exploiting vulnerabilities in web applications

0

Free

Vulnerability Management

ParamPamPam

A tool for detecting and exploiting vulnerabilities in web applications

0

Free

Vulnerability Management

Appsec

App Security

Fuzzing

+3

Burp Anonymous Cloud

Burp extension for identifying cloud buckets and testing for vulnerabilities

0

Free

Cloud Security

Vulnerability Scanning

Shodan

Burp Anonymous Cloud

Burp extension for identifying cloud buckets and testing for vulnerabilities

0

Free

Cloud Security

Vulnerability Scanning

Shodan

screenshoteer

A command-line tool for taking website screenshots and mobile emulations

0

screenshoteer

A command-line tool for taking website screenshots and mobile emulations

0

+2

Turbo Intruder Scripts

A collection of scripts for Turbo Intruder, a penetration testing tool

0

Turbo Intruder Scripts

A collection of scripts for Turbo Intruder, a penetration testing tool

0

+1

eyeballer

A tool for analyzing pentest screenshots using a convolutional neural network

0

Vulnerability Detection

eyeballer

A tool for analyzing pentest screenshots using a convolutional neural network

0

Vulnerability Detection

Singularity

A DNS rebinding attack framework for security researchers and penetration testers.

0

Web Application Security

Network Security

Singularity

A DNS rebinding attack framework for security researchers and penetration testers.

0

+2

SSTImap

SSTImap is an automated detection tool that identifies Server-Side Template Injection vulnerabilities in web applications through an interactive testing interface.

0

Free

Application Security

Vulnerability Scanner

Web Security

Penetration Testing

Security Testing

Vulnerability Detection

Web Application Security

Injection

Interactive

SSTImap

SSTImap is an automated detection tool that identifies Server-Side Template Injection vulnerabilities in web applications through an interactive testing interface.

0

Free

Application Security

Vulnerability Scanner

Web Security

+6