Monsoon is a fast and flexible HTTP enumerator that can be used for a wide variety of actions ranging from content discovery to credential bruteforcing. It allows you to execute a large number of HTTP requests, filter the responses and display them in real-time. You can use it to send HTTP GET requests for each entry in a file, ignoring all responses with a status code of 404. It is a single statically linked binary, so you can simply download a pre-built binary for your operating system from the releases page. Alternatively, you can build it from source by cloning the repository and running the command `go build`. It can be used on other operating systems such as Windows by setting the `GOOS` environment variable.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Tcpreplay is a suite of Open Source utilities for editing and replaying captured network traffic.
A website scanner that provides a sandbox for the web, allowing users to scan URLs and websites for potential threats and vulnerabilities.
A Bluetooth 5 and 4.x sniffer using TI CC1352/CC26x2 hardware with advanced features and Python-based host-side software.
A TCP-based traceroute implementation that bypasses firewall filters to trace the path to a destination.
Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.
A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.
Unfurl is a URL analysis tool that extracts and visualizes data from URLs, breaking them down into components and presenting the information visually.
pfSense is a leading open source firewall and network security solution, providing advanced protection and connectivity options.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.