| Discovery/CRAWL |
Photon |
Incredibly fast crawler designed for OSINT. |
 |
 |
| Discovery/CRAWL |
gospider |
Gospider - Fast web spider written in Go |
 |
 |
| Discovery/DNS |
dnsprobe |
DNSProb (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. |
 |
 |
| Discovery/DNS |
shuffledns |
shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. |
 |
 |
| Discovery/DOMAIN |
Amass |
In-depth Attack Surface Mapping and Asset Discovery |
 |
 |
| Discovery/DOMAIN |
assetfinder |
Find domains and subdomains related to a given domain |
 |
 |
| Discovery/DOMAIN |
findomain |
The fastest and cross-platform subdomain enumerator, do not waste your time. |
 |
 |
| Discovery/DOMAIN |
subfinder |
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing. |
 |
 |
| Discovery/HTTP |
Arjun |
HTTP parameter discovery suite. |
 |
 |
| Discovery/PORT |
masscan |
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. |
 |
 |
| Discovery/PORT |
naabu |
A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests |
 |
 |
| Discovery/PORT |
nmap |
Nmap - the Network Mapper. Github mirror of official SVN repository. |
 |
 |
| Discovery/URL |
waybackurls |
Fetch all the URLs that the Wayback Machine knows about for a domain |
 |
 |
| Discovery/VULN |
Silver |
Mass scan IPs for vulnerable services |
 |
 |
| Fetch/TOM |
httprobe |
Take a list of domains and probe for working HTTP and HTTPS servers |
 |
 |
| Fetch/TOM |
meg |
Fetch many paths for many hosts - without killing the hosts |
 |
 |
| Fetch/WSOCK |
websocket-connection-smuggler |
websocket-connection-smuggler |
 |
 |
| Scanner/CORS |
Corsy |
CORS Misconfiguration Scanner |
 |
 |
| Scanner/NOSQL |
NoSQLMap |
Automated NoSQL database enumeration and web application exploitation tool. |
 |
 |
| Scanner/SQL |
sqlmap |
Automatic SQL injection and database takeover tool |
 |
 |
| Scanner/SQL |
sqlninja |
SQL Injection Tool |
 |
 |
| Scanner/SSL |
a2sv |
Auto Scanning to SSL Vulnerability |
 |
 |
| Scanner/WVS |
Striker |
Striker is an offensive information and vulnerability scanner. |
 |
 |
| Scanner/XSS |
XSStrike |
Most advanced XSS scanner. |
 |
 |
| Scanner/XSS |
xspear |
Powerfull XSS Scanning and Parameter analysis tool&gem |
 |
 |
| Utility/CLIP |
ftc |
simple copy to file to clipboard |
 |
 |
| Utility/GREP |
gf |
A wrapper around grep, to help you grep for things |
 |
 |
| Utility/JSON |
gron |
Make JSON greppable! |
 |
 |
| Utility/S3 |
s3reverse |
The format of various s3 buckets is convert in one format. for bugbounty and security testing. |
 |
 |
c093551fd5
