Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.

Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.
Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.
Offensive Security Tool for Reconnaissance and Information Gathering. Raccoon is a tool made for reconnaissance ...
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) Static ...
Apktool is a tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original
Arachni Tool to Identifies vulnerabilities in web application
SubBrute is an open source subdomain enumeration tool.It is community maintained and aims to be the fastest ...
Web applications use parameters (or queries) to accept user input, take the following example into consideration
RapidScan is a python based scanning tool used for analyzing vulnerabilities ...
In general, Fuzzing is type of ...
Once cloned we need to enter into the specific directory and type python smod.py in terminal.Then, type help you will be shown ....
Legion is an open source, easy-to-use, super-extensible and semi-automated ...
This tool is use to find the default Ip cameras passwords over different vendors. Run the tools with the following commands
Rebel framework is a module-based framework which has multiple ...
WAFW00F is a Python tool to help you fingerprint and identify Web Application Firewall (WAF) products.
WAScan ((W)eb (A)pplication (Scan)ner) is a Open Source web application security scanner.
This tool can scan websites with open .git repositories for Bug Hunting...
The OWASP Amass Project is written in go which is much faster than python and it performs network ...
Apkurlgrep Tool helps to extract endpoints from APK files. It used apktool to do the decomplie.
Androwarn is an instrument whose primary point is to identify and caution ...
Wapiti works as a "black-box" vulnerability scanner, that means it won't study the source code of web applications