cariddi
Take a list of domains, crawl URLs and scan for endpoints, secrets, API keys, file extensions, tokens and more. A tool for security researchers and penetration testers to automate the process of finding sensitive information on a target domain.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Python Exploit Development Assistance for GDB with enhanced debugging features and commands for exploit development.
Explore the top million websites, ranked by referring subnets, and gain insights into online influence and popularity.
Inceptor is a template-driven framework for evading Anti-Virus and Endpoint Detection and Response solutions, allowing users to create custom evasion techniques and test their security controls.
A blog post about abusing exported functions and exposed DCOM interfaces for pass-thru command execution and lateral movement
A powerful tool for extracting passwords and performing various Windows security operations.
DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.