Book Free Consultation
Book Free Consultation
Book Free Consultation
The Yuki Chan is an Automated Penetration Testing tool this tool will auditing all standard security test method for you.
Read More
Rebel framework is a module-based framework which has multiple ...
Read More
Wfuzz is a command line tool written in python. It is used to discover common vulnerabilities in web applications through the method of fuzzing.
Read More
Domain name permutation engine for detecting homograph phishing attacks
Read More
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect
Read More
Offensive Security Tool for Reconnaissance and Information Gathering. Raccoon is a tool made for reconnaissance ...
Read More
OSRFramework is a GNU AGPLv3+ set of libraries developed by i3visio to perform Open Source Intelligence collection tasks.
Read More
The OWASP Amass Project is written in go which is much faster than python and it performs network ...
Read More
Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
Read More
GraphQL is a query language for APIs and a runtime for fulfilling those queries
Read More
Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.
Read More
Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.
Read More
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) Static ...
Read More
Apktool is a tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original
Read More
Arachni Tool to Identifies vulnerabilities in web application
Read More
SubBrute is an open source subdomain enumeration tool.It is community maintained and aims to be the fastest ...
Read More
Web applications use parameters (or queries) to accept user input, take the following example into consideration
Read More
RapidScan is a python based scanning tool used for analyzing vulnerabilities ...
Read More
In general, Fuzzing is type of ...
Read More
Once cloned we need to enter into the specific directory and type python smod.py in terminal.Then, type help you will be shown ....
Read More
Legion is an open source, easy-to-use, super-extensible and semi-automated ...
Read More
This tool is use to find the default Ip cameras passwords over different vendors. Run the tools with the following commands
Read More
WAFW00F is a Python tool to help you fingerprint and identify Web Application Firewall (WAF) products.
Read More
WAScan ((W)eb (A)pplication (Scan)ner) is a Open Source web application security scanner.
Read More
This tool can scan websites with open .git repositories for Bug Hunting...
Read More
Apkurlgrep Tool helps to extract endpoints from APK files. It used apktool to do the decomplie.
Read More
Androwarn is an instrument whose primary point is to identify and caution ...
Read More
Wapiti works as a "black-box" vulnerability scanner, that means it won't study the source code of web applications
Read More
Ffuf – Fuzz Faster U Fool is a great tool used for fuzzing. It has become really popular lately with bug bounty hunters.
Read More
Turbolist3r is a fork of the sublist3r subdomain discovery tool. In addition to the original OSINT capabilties of sublist3r, turbolist3r ...
Read More
W9scan is an excellent Plug-in type web vulnerability scanner that scan the code with the 1200+ built-in plugins...
Read More
Final Recon follows a modular structure so in future new modules can be added with ease.
Read More
A pentesting tool designed to assist with finding all sinks and sources of a web application and display these results...
Read More
Scant3r Scans all URLs with multiple HTTP Methods and Tries to look for bugs with basic exploits as XSS - SQLI - RCE - CRLF -SSTI from Headers and URL Parameters
Read More
AndroBugs Framework is an Android vulnerability analysis system that helps developers or hackers find potential security vulnerabilities
Read More
Photon is a incredibly fast crawler designed for automating OSINT(Open Source Intelligence). This tool designed with the simple...
Read More
jadx is a Command line and GUI tools for produce Java source code from Android Dex and Apk files
Read More
A complete versatile framework to cover up everything from Reconnaissance...
Read More
The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site:
Read More
Infosploit is an Information Gathering Tool that can be used during a penetration test, OSINT to enumerate Information about...
Read More
Shcheck detects which security headers are enabled on certain websites. It just check headers and print a report about which are enabled and which not.
Read More
Filebuster is a HTTP fuzzer / content discovery script with loads of features and built to be easy to use and fast! It uses one of the fastest HTTP classes in the world...
Read More
OneForAll is a powerful chinese subdomain and dns enumeration tool.When considering about subdomain enumeration, amass might be your first and preferable...
Read More
SecretFinder is a python script to discover sensitive data like api keys, access token, authorizations, jwt,..etc in JavaScript(JS) files. It verifies the files with large regular expression.
Read More
BlackWidow is a python based web application spider to gather subdomains, URL's, dynamic parameters, email addresses and phone numbers from a target website.
Read More
A plugin-based scanner that aids security researchers in identifying issues with several CMS.
Read More
LFISuite, an open source local file inclusion scanner and exploiter that is coded in Python. It supports multiple attack points and also has TOR proxy support.
Read More
Dirsearch is Tool that performs bruteforce attack of sensitive directories and files that are found on the websites.
Read More
Weevely is a web shell designed for post-exploitation purposes that can be extended over the network at runtime.Upload weevely PHP agent to a target web server to get
Read More
Insider tool is secure code reviewer, which exclusively focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code.
Read More
Spaghetti is an Open Source web application scanner, it is designed to find various default and insecure files...
Read More
Dex2Jar is an instrument whose primary point is to convert .dex files into jar and smali files. The Dex2jar is mainly used for reverse engineering Android applications.
Read More
--xss : Scan Site if vulnerable [Xss] url must be between double citation --sql : Scan Site if vulnerable [Sql] url must be between double citation
Read More
RVuln:-- A multi-threaded-vulnerability-scanner written in Rust. Automated #Web Vulnerability Scanner.
Read More
Security Tool For Reconnaissance And Information Gathering On A Website
Read More
Skipfish is a powerful reconnaissance tool that has the ability to carry out security checks on web-based applications.
Read More
Detective helps to find Sensitive information, files and directories that are not supposed to see.
Read More
A python script designed to check if the website is vulnerable of clickjacking and creates a poc.
Read More
ClassyShark is a standalone binary inspection tool for Android developers/testers.
Read More
multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo .
Read More
Tulpar is an open source penetration testing tool that can find web application vulnerabilities.
Read More
RiskInDroid (Risk Index for Android) is a quantitative risk analysis tool for Android applications written in Java and Python.
Read More
The tool aims at automating the identification of potential services running behind ports identified manually either through manual scan or services running locally.
Read More
MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering and analysis tools.
Read More
SSHScan is a testing tool that enumerates SSH Ciphers and by using SSHScan, weak ciphers can be easily detected.
Read More
CipherScan discovers the SSL ciphersuites supported by the target.
Read More
Altair is a Python based tool that does not require any specific packages to be installed as a pre-requisite. The SQLMAP and Lfier tools must be available on the disposal of the tool.
Read More
XForwardy is a Host Header Injection scanning tool which can detect misconfigurations , where Host Header Injections are potentially possible.
Read More
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items.
Read More
XSpear is XSS Scanner tool which is written in ruby gems. It can be useful for detecting the XSS vulnerability with different level of payloads.
Read More
XCTR is an all in one tools for Information Gathering which can admin panel,page viewer,cms,reverse IP,dork finder,prxoy viewer.
Read More
Vulscan tool can be used for scanning internal servers/machines connected to your systems. This tool scans all the applications even the contents present in your virtual box .
Read More
Blazy is a modern login page bruteforcer. It has Easy target selections Smart form and error detection.
Read More
This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs.
Read More
Scans That You Can Perform Using RED HAWK are Basic Scan ,Site Title NEW ,IP Address ,Web Server Detection IMPROVED ,CMS Detection ,Cloudflare Detection .
Read More
h8mail is an email OSINT and breach hunting tool using different breach and reconnaissance , or local breaches such as Troy Hunt's "Collection1" and the infamous "Breach Compilation" torrent.
Read More
Grapefruit is a runtime Application Instruments for iOS application and previously it was known by passionfruit. It is used in runtime analysis.
Read More
SSLyze is a fast and powerful SSL/TLS scanning library.It allows you to analyze the SSL/TLS configuration of a server by connecting to it.
Read More
Runtime Mobile Security (RMS), powered by FRIDA, is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime.
Read More
Lynis is a security auditing tool for systems based on UNIX like Linux, macOS, BSD, and others.
Read More
xsssniper is an handy xss discovery tool with mass scanning functionalities.
Read More
GoSpider is a Fast web spider written in Go. It has lot of features to find the subdomains, JS files, AWS details, etc.
Read More
Parth is a Heuristic Vulnerable Parameter Scanner. Some HTTP parameter names are commonly associated with one functionality.
Read More
FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new modules can be added with ease.
Read More
Android application vulnerability analysis and Android pentest tool which has following functions such as App info check, Baksmaling android app, etc,.
Read More
Auto Scanning SSL Vulnerability which does auto Scanning to SSL Vulnerability. (HeartBleed, CCS Injection, SSLv3 POODLE, FREAK...etc).
Read More
Uniscan is a simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner.
Read More
FridaLoader is an Android app to setup frida and launch in quick way.
Read More
MassBleed is a SSL Vulnerability Scanner that checks for TLS/SSL related vulnerabilities like Drown, POODLE, Heart Bleed, Winshock.
Read More
karen is tools for web application vulnerability scanner build in python3
Read More
A bash script to bypass "403 Forbidden" responses with well-known methods discussed in #bugbountytips
Read More
Web Application Vulnerability Scanners are automated tools that scan web applications.
Read More
WhatWaf is an advanced firewall detection tool which works by detecting a firewall on a web application.
Read More
Frida IPA/iOS dump is an instrument whose primary point is to download IPA files from an jailbroken device
Read More
SUDO_KILLER is a tool that can be used for privilege escalation on linux environment by abusing SUDO in several ways
Read More
A pentesting tool designed to assist with finding all sinks and sources of a web application
Read More
ParamSpider a parameter discovery suite. It finds parameters from web archives of the entered domain
Read More
Network Spoofing is a simple website hacking tool which can scan a website and can also perform attack using this tool.
Read More
peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not
Read More
Scilla is a information gathering tool (DNS/Subdomain/Port Enumeration).
Read More
Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity
Read More
Skull Generate a bunch of malicious pdf files with phone-home functionality.
Read More
JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access...
Read More
Pompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases.
Read More
Complete Automated pentest framework for Servers, Application Layer to Web Security. Tishna is Web Server Security Penetration
Read More
Get exclusive access to our latest Threatsploit Report detailing the most recent and sophisticated cyber attacks. Stay informed and protect your business from emerging threats.