Search All Cybersecurity Tools

An automated reconnaissance tool that crawls domains to discover URLs and scan for exposed secrets, API keys, and sensitive files during security assessments.

A multithreaded vulnerability scanner for web-based applications

BlackWidow is a Python-based web application scanner that combines OSINT gathering with automated fuzzing to identify OWASP vulnerabilities in target websites.

Find exploits in local and online databases instantly

A vulnerability scanner that helps you identify and fix vulnerabilities in your code

A command line utility for searching and downloading exploits from multiple exploit databases including Exploit-DB and Packet Storm.

JavaScript library scanner and SBOM generator

A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.

An open-source attack surface management platform for identifying and managing vulnerabilities

Fast and customizable vulnerability scanner

A tool for testing subdomain takeover possibilities at a mass scale.

Second-order subdomain takeover scanner

A tool for bruteforcing subdomains of a given domain

A tool for detecting and taking over subdomains with dead DNS records

A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.

A list of services and how to claim (sub)domains with dangling DNS records.

A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.

A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.

A powerful tool for finding and exploiting subdomain takeover vulnerabilities

Track postMessage usage with this Chrome Extension

A simple JWT token brute force cracker

A tool for hacking and security testing of JWT

A simple Python script to test for a hypothetical JWT vulnerability

A command-line tool for parsing, creating, and manipulating JWT tokens