8,965 tools
A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.
A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.
A list of services and how to claim (sub)domains with dangling DNS records.
A list of services and how to claim (sub)domains with dangling DNS records.
A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.
A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.
A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.
A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.
A powerful tool for finding and exploiting subdomain takeover vulnerabilities
A powerful tool for finding and exploiting subdomain takeover vulnerabilities
Track postMessage usage with this Chrome Extension
Track postMessage usage with this Chrome Extension
A simple Python script to test for a hypothetical JWT vulnerability
A simple Python script to test for a hypothetical JWT vulnerability
A tool for scanning Adobe Experience Manager instances for potential security vulnerabilities
A tool for scanning Adobe Experience Manager instances for potential security vulnerabilities
AEM (Adobe Experience Manager) Hacker is a tool designed to help security researchers and penetration testers identify and exploit vulnerabilities in AEM-based systems.
AEM (Adobe Experience Manager) Hacker is a tool designed to help security researchers and penetration testers identify and exploit vulnerabilities in AEM-based systems.
A free and open-source tool for identifying vulnerabilities in Joomla-based websites.
A free and open-source tool for identifying vulnerabilities in Joomla-based websites.
A python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
A python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.
WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.
A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.
A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.
S3cario is an AWS S3 bucket security testing tool that validates permissions and identifies potential vulnerabilities through scenario simulation.
S3cario is an AWS S3 bucket security testing tool that validates permissions and identifies potential vulnerabilities through scenario simulation.
A security toolkit for Amazon S3 that provides bucket scanning, policy validation, ACL management, and encryption features to identify and remediate S3 security vulnerabilities.
A security toolkit for Amazon S3 that provides bucket scanning, policy validation, ACL management, and encryption features to identify and remediate S3 security vulnerabilities.
A security tool that performs whitebox evaluation of S3 object permissions to identify publicly accessible files and generate reports on potential exposure risks.
A security tool that performs whitebox evaluation of S3 object permissions to identify publicly accessible files and generate reports on potential exposure risks.
A tool for enumerating and analyzing Amazon S3 buckets associated with specific targets to identify potential security misconfigurations.
A tool for enumerating and analyzing Amazon S3 buckets associated with specific targets to identify potential security misconfigurations.
A security tool for discovering S3 bucket references in web content and testing buckets for misconfigurations.
A security tool for discovering S3 bucket references in web content and testing buckets for misconfigurations.