Fetches known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, Common Crawl, and URLScan for any given domain. It can also filter URLs by status code, MIME type, and more. You can also specify a configuration file to use for every subsequent run of gau. You can install gau from source, from a pre-built binary, or via Docker. Note that piping a command (echo "example.com" | gau) will not work with the Docker container. Also, be aware that ohmyzsh's git plugin has an alias which maps gau to the git add --update command, which can cause a binary conflict. You can donate to CommonCrawl and the Internet Archive.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A command-line tool for downloading Android APK files from the Appland platform via npm installation.
Web application for visualizing live GPS locations on an SVG world map using honeypot captures.
Mellivora Mellivora is a PHP-based CTF engine that provides comprehensive competition hosting capabilities with challenge management, team scoring, and administrative tools for cybersecurity competitions.
FBCTF is a platform for hosting Jeopardy and King of the Hill style Capture the Flag competitions with support for various scales and participation models.
SecGen is an open-source framework that automatically generates vulnerable virtual machines and hacking challenges for cybersecurity education and penetration testing training.
NightShade is a Django-based capture the flag framework that enables organizations to create and manage cybersecurity competitions with support for multiple contest formats and multi-tenant architecture.
A lightweight CTF platform with simple setup and difficulty-based scoring that removes timezone advantages from competitions.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.