Search All Cybersecurity Tools

An open-source attack surface management platform for identifying and managing vulnerabilities

Fast and customizable vulnerability scanner

A tool for testing subdomain takeover possibilities at a mass scale.

Second-order subdomain takeover scanner

A tool for bruteforcing subdomains of a given domain

A tool for detecting and taking over subdomains with dead DNS records

A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.

A list of services and how to claim (sub)domains with dangling DNS records.

A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.

A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.

A powerful tool for finding and exploiting subdomain takeover vulnerabilities

Track postMessage usage with this Chrome Extension

A simple JWT token brute force cracker

A tool for hacking and security testing of JWT

A simple Python script to test for a hypothetical JWT vulnerability

A command-line tool for parsing, creating, and manipulating JWT tokens

A Burp extension to check JWT tokens for potential weaknesses

A toolkit for testing, tweaking and cracking JSON Web Tokens

A tool for scanning Adobe Experience Manager instances for potential security vulnerabilities

AEM (Adobe Experience Manager) Hacker is a tool designed to help security researchers and penetration testers identify and exploit vulnerabilities in AEM-based systems.

A free and open-source tool for identifying vulnerabilities in Joomla-based websites.

A python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.

WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.

A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.