19th October 2020

Fuzz Faster U Fool Tool to Fuzzing Get and Post data

Ffuf – Fuzz Faster U Fool is a great tool used for fuzzing. It has become really popular lately with bug bounty hunters.

17th November 2020

Turbolist3r Tool Web Application Subdomain Discover

Turbolist3r is a fork of the sublist3r subdomain discovery tool. In addition to the original OSINT capabilties of sublist3r, turbolist3r ...

17th November 2020

W9scan Tool Web Application Vulnerability Scanner

W9scan is an excellent Plug-in type web vulnerability scanner that scan the code with the 1200+ built-in plugins...

18th November 2020

FinalRecon is a fast and simple python script for web reconnaissance

Final Recon follows a modular structure so in future new modules can be added with ease.

18th November 2020

Finding All Sinks and Sources of Web Application.

A pentesting tool designed to assist with finding all sinks and sources of a web application and display these results...

18th November 2020

ScanT3r

Scant3r Scans all URLs with multiple HTTP Methods and Tries to look for bugs with basic exploits as XSS - SQLI - RCE - CRLF -SSTI from Headers and URL Parameters

20th November 2020

AndroBugs

AndroBugs Framework is an Android vulnerability analysis system that helps developers or hackers find potential security vulnerabilities

20th November 2020

Zeebsploit

Web Scanner - Exploitation - Information Gathering

20th November 2020

Incredibly fast crawler designed for OSINT.

Photon is a incredibly fast crawler designed for automating OSINT(Open Source Intelligence). This tool designed with the simple...

20th November 2020

JADX

jadx is a Command line and GUI tools for produce Java source code from Android Dex and Apk files

20th November 2020

The TIDoS Framework: The Offensive Web Application Penetration Testing Framework.

A complete versatile framework to cover up everything from Reconnaissance...

20th November 2020

Fast-Google-Dork-Scanner

The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site:

27th November 2020

Infosploit : Information Gathering Tool

Infosploit is an Information Gathering Tool that can be used during a penetration test, OSINT  to enumerate Information about...

27th November 2020

Security Header Check

Shcheck detects which security headers are enabled on certain websites. It just check headers and print a report about which are enabled and which not.

27th November 2020

File-Buster

Filebuster is a HTTP fuzzer / content discovery script with loads of features and built to be easy to use and fast! It uses one of the fastest HTTP classes in the world...

27th November 2020

OneForAll

OneForAll is a powerful chinese subdomain and dns enumeration tool.When considering about subdomain enumeration, amass might be your first and preferable...

27th November 2020

SecretFinder

SecretFinder is a python script to discover sensitive data like api keys, access token, authorizations, jwt,..etc in JavaScript(JS) files. It verifies the files with large regular expression.

27th November 2020

BlackWidow

BlackWidow is a python based web application spider to gather subdomains, URL's, dynamic parameters, email addresses and phone numbers from a target website.

27th November 2020

JD-GUI

JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access...

27th November 2020

Pompem-Exploit and Vulnerability Finder

Pompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases.

27th November 2020

Tishna-Automated Pentest Framework

Complete Automated pentest framework for Servers, Application Layer to Web Security. Tishna is Web Server Security Penetration