Tool of the day

XForwardy is a Host Header Injection scanning tool which can detect misconfigurations , where Host Header Injections are potentially possible.

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items.

XSpear is XSS Scanner tool which is written in ruby gems. It can be useful for detecting the XSS vulnerability with different level of payloads.

XCTR is an all in one tools for Information Gathering which can admin panel,page viewer,cms,reverse IP,dork finder,prxoy viewer.

Vulscan tool can be used for scanning internal servers/machines connected to your systems. This tool scans all the applications even the contents present in your virtual box .

Blazy is a modern login page bruteforcer. It has  Easy target selections  Smart form and error detection.

This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs.

Scans That You Can Perform Using RED HAWK are Basic Scan ,Site Title NEW ,IP Address ,Web Server Detection IMPROVED ,CMS Detection ,Cloudflare Detection .

h8mail is an email OSINT and breach hunting tool using different breach and reconnaissance , or local breaches such as Troy Hunt's "Collection1" and the infamous "Breach Compilation" torrent.

Grapefruit is a runtime Application Instruments for iOS application and previously it was known by passionfruit. It is used in runtime analysis.

Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

SSLyze is a fast and powerful SSL/TLS scanning library.It allows you to analyze the SSL/TLS configuration of a server by connecting to it.

Runtime Mobile Security (RMS), powered by FRIDA, is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime.

Simple script to test if a page is vulnerable to clickjacking.

Lynis is a security auditing tool for systems based on UNIX like Linux, macOS, BSD, and others.

xsssniper is an handy xss discovery tool with mass scanning functionalities. 

GoSpider is a Fast web spider written in Go. It has lot of features to find the subdomains, JS files, AWS details, etc. 

Parth is a Heuristic Vulnerable Parameter Scanner. Some HTTP parameter names are commonly associated with one functionality.

OSRFramework is a GNU AGPLv3+ set of libraries developed by i3visio to perform Open Source Intelligence collection tasks.

FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new modules can be added with ease.

Android application vulnerability analysis and Android pentest tool which has following functions such as App info check,  Baksmaling android app, etc,.