8,816 tools
A repository providing hourly-updated data dumps of bug bounty platform scopes from major platforms like HackerOne, Bugcrowd, and Intigriti for security researchers.
A repository providing hourly-updated data dumps of bug bounty platform scopes from major platforms like HackerOne, Bugcrowd, and Intigriti for security researchers.
A command-line tool that replaces all query string parameter values in URLs with a user-supplied value for security testing purposes.
A command-line tool that replaces all query string parameter values in URLs with a user-supplied value for security testing purposes.
An automated reconnaissance tool that crawls domains to discover URLs and scan for exposed secrets, API keys, and sensitive files during security assessments.
An automated reconnaissance tool that crawls domains to discover URLs and scan for exposed secrets, API keys, and sensitive files during security assessments.
BlackWidow is a Python-based web application scanner that combines OSINT gathering with automated fuzzing to identify OWASP vulnerabilities in target websites.
BlackWidow is a Python-based web application scanner that combines OSINT gathering with automated fuzzing to identify OWASP vulnerabilities in target websites.
A vulnerability scanner that helps you identify and fix vulnerabilities in your code
A vulnerability scanner that helps you identify and fix vulnerabilities in your code
A command line utility for searching and downloading exploits from multiple exploit databases including Exploit-DB and Packet Storm.
A command line utility for searching and downloading exploits from multiple exploit databases including Exploit-DB and Packet Storm.
A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.
A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.
An open-source attack surface management platform for identifying and managing vulnerabilities
An open-source attack surface management platform for identifying and managing vulnerabilities
A tool for bruteforcing subdomains of a given domain
A tool for bruteforcing subdomains of a given domain
A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.
A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.
A list of services and how to claim (sub)domains with dangling DNS records.
A list of services and how to claim (sub)domains with dangling DNS records.
A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.
A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.
A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.
A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.