Ffuf – Fuzz Faster U Fool is a great tool used for fuzzing. It has become really popular lately with bug bounty hunters.

Ffuf – Fuzz Faster U Fool is a great tool used for fuzzing. It has become really popular lately with bug bounty hunters.
Turbolist3r is a fork of the sublist3r subdomain discovery tool. In addition to the original OSINT capabilties of sublist3r, turbolist3r ...
W9scan is an excellent Plug-in type web vulnerability scanner that scan the code with the 1200+ built-in plugins...
Final Recon follows a modular structure so in future new modules can be added with ease.
A pentesting tool designed to assist with finding all sinks and sources of a web application and display these results...
Photon is a incredibly fast crawler designed for automating OSINT(Open Source Intelligence). This tool designed with the simple...
A complete versatile framework to cover up everything from Reconnaissance...
The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site:
Infosploit is an Information Gathering Tool that can be used during a penetration test, OSINT to enumerate Information about...
Shcheck detects which security headers are enabled on certain websites. It just check headers and print a report about which are enabled and which not.
Filebuster is a HTTP fuzzer / content discovery script with loads of features and built to be easy to use and fast! It uses one of the fastest HTTP classes in the world...
SecretFinder is a python script to discover sensitive data like api keys, access token, authorizations, jwt,..etc in JavaScript(JS) files. It verifies the files with large regular expression.
BlackWidow is a python based web application spider to gather subdomains, URL's, dynamic parameters, email addresses and phone numbers from a target website.
Pompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases.
Complete Automated pentest framework for Servers, Application Layer to Web Security. Tishna is Web Server Security Penetration