Free Cybersecurity Tools and Resources

anew

A tool for adding new lines to files, skipping duplicates.

0

Free

Miscellaneous

File Management

anew

A tool for adding new lines to files, skipping duplicates.

0

Free

Miscellaneous

File Management

Burp-LFI-tests

A collection of tests for Local File Inclusion (LFI) vulnerabilities using Burp Suite.

0

Burp-LFI-tests

A collection of tests for Local File Inclusion (LFI) vulnerabilities using Burp Suite.

0

+3

Dalfox

Dalfox is a powerful open-source XSS scanner and utility focused on automation.

0

Dalfox

Dalfox is a powerful open-source XSS scanner and utility focused on automation.

0

+2

xLinkFinder

A python tool for discovering endpoints, parameters, and wordlists in a given target

0

xLinkFinder

A python tool for discovering endpoints, parameters, and wordlists in a given target

0

SSRFire

Automated SSRF finder with options for XSS and open redirects

0

Vulnerability Scanning

Web App Security

SSRFire

Automated SSRF finder with options for XSS and open redirects

0

+2

gaussrf

A tool for identifying potential security threats by fetching known URLs and filtering out URLs with open redirection or SSRF parameters.

0

gaussrf

A tool for identifying potential security threats by fetching known URLs and filtering out URLs with open redirection or SSRF parameters.

0

+1

Subfinder

Fast passive subdomain enumeration tool

0

Free

Network Security

Subdomain Enumeration

Dns Lookup

Web Scraping

Penetration Testing

Vulnerability Assessment

Subfinder

Fast passive subdomain enumeration tool

0

Free

Network Security

Subdomain Enumeration

Dns Lookup

Web Scraping

+2

GitHunter

A tool for searching a Git repository for interesting content

0

GitHunter

A tool for searching a Git repository for interesting content

0

qsfuzz

A tool to fuzz query strings and identify vulnerabilities

0

Vulnerability Detection

Web App Security

Web Security

qsfuzz

A tool to fuzz query strings and identify vulnerabilities

0

Vulnerability Detection

+2

thc-hydra

A login cracker that can be used to crack many types of authentication protocols.

0

Free

Offensive Security

Password Cracking

thc-hydra

A login cracker that can be used to crack many types of authentication protocols.

0

Free

Offensive Security

Password Cracking

InQL

InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection

0

Vulnerability Detection

InQL

InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection

0

Vulnerability Detection

GitRob

A reconnaissance tool for GitHub organizations

0

GitRob

A reconnaissance tool for GitHub organizations

0

+2

XSStrike

A powerful tool for identifying and exploiting Cross-Site Scripting (XSS) vulnerabilities.

0

XSStrike

A powerful tool for identifying and exploiting Cross-Site Scripting (XSS) vulnerabilities.

0

+1

Can I take over XYZ?

A list of services and how to claim (sub)domains with dangling DNS records.

0

Can I take over XYZ?

A list of services and how to claim (sub)domains with dangling DNS records.

0

+1

Blinder

A Python library for automating time-based blind SQL injection attacks

0

Blinder

A Python library for automating time-based blind SQL injection attacks

0

s3tk

A security toolkit for Amazon S3

0

s3tk

A security toolkit for Amazon S3

0

BlackWidow

A Python-based web application scanner for OSINT and fuzzing OWASP vulnerabilities

0

BlackWidow

A Python-based web application scanner for OSINT and fuzzing OWASP vulnerabilities

0

+3

Andor

A blind SQL injection tool written in Golang

0

Andor

A blind SQL injection tool written in Golang

0

censys-enumeration

A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.

0

censys-enumeration

A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.

0

+3

oxml_xxe

A tool for embedding XXE/XML exploits into different filetypes

0

Free

Honeypots

Xxe

oxml_xxe

A tool for embedding XXE/XML exploits into different filetypes

0

Free

Honeypots

Xxe

httprebind

Automatic tool for DNS rebinding-based SSRF attacks

0

Web Application Security

httprebind

Automatic tool for DNS rebinding-based SSRF attacks

0

+2

python-builtwith

BuiltWith API client

0

Free

Vulnerability Management

python-builtwith

BuiltWith API client

0

Free

Vulnerability Management

Api Metadata

Cloud

Cloud Security

+6

2tearsinabucket

A tool to enumerate S3 buckets for a specific target

0

2tearsinabucket

A tool to enumerate S3 buckets for a specific target

0

+4

surf

A tool to escalate SSRF vulnerabilities on modern cloud environments

0

Vulnerability Scanning

Security Testing

Pentest

surf

A tool to escalate SSRF vulnerabilities on modern cloud environments

0

Vulnerability Scanning

+2

Free Cybersecurity Tools

PINNED

LATEST ADDITIONS

anew

anew

Burp-LFI-tests

Burp-LFI-tests

Dalfox

Dalfox

xLinkFinder

xLinkFinder

SSRFire

SSRFire

gaussrf

gaussrf

Subfinder

Subfinder

GitHunter

GitHunter

qsfuzz

qsfuzz

thc-hydra

thc-hydra

InQL

InQL

GitRob

GitRob

XSStrike

XSStrike

Can I take over XYZ?

Can I take over XYZ?

Blinder

Blinder

s3tk

s3tk

BlackWidow

BlackWidow

Andor

Andor

censys-enumeration

censys-enumeration

oxml_xxe

oxml_xxe

httprebind

httprebind

python-builtwith

python-builtwith

2tearsinabucket

2tearsinabucket

surf

surf