8,813 tools
A command-line tool that replaces all query string parameter values in URLs with a user-supplied value for security testing purposes.
A command-line tool that replaces all query string parameter values in URLs with a user-supplied value for security testing purposes.
An automated reconnaissance tool that crawls domains to discover URLs and scan for exposed secrets, API keys, and sensitive files during security assessments.
An automated reconnaissance tool that crawls domains to discover URLs and scan for exposed secrets, API keys, and sensitive files during security assessments.
BlackWidow is a Python-based web application scanner that combines OSINT gathering with automated fuzzing to identify OWASP vulnerabilities in target websites.
BlackWidow is a Python-based web application scanner that combines OSINT gathering with automated fuzzing to identify OWASP vulnerabilities in target websites.
A vulnerability scanner that helps you identify and fix vulnerabilities in your code
A vulnerability scanner that helps you identify and fix vulnerabilities in your code
A command line utility for searching and downloading exploits from multiple exploit databases including Exploit-DB and Packet Storm.
A command line utility for searching and downloading exploits from multiple exploit databases including Exploit-DB and Packet Storm.
A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.
A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.
An open-source attack surface management platform for identifying and managing vulnerabilities
An open-source attack surface management platform for identifying and managing vulnerabilities
A tool for bruteforcing subdomains of a given domain
A tool for bruteforcing subdomains of a given domain
A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.
A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.
A list of services and how to claim (sub)domains with dangling DNS records.
A list of services and how to claim (sub)domains with dangling DNS records.
A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.
A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.
A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.
A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.
A powerful tool for finding and exploiting subdomain takeover vulnerabilities
A powerful tool for finding and exploiting subdomain takeover vulnerabilities
Track postMessage usage with this Chrome Extension
Track postMessage usage with this Chrome Extension