Tool of the day

Filebuster is a HTTP fuzzer / content discovery script with loads of features and built to be easy to use and fast! It uses one of the fastest HTTP classes in the world...

Infosploit is an Information Gathering Tool that can be used during a penetration test, OSINT  to enumerate Information about...

Complete Automated pentest framework for Servers, Application Layer to Web Security. Tishna is Web Server Security Penetration

Pompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases.

JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access...

The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site:

jadx is a Command line and GUI tools for produce Java source code from Android Dex and Apk files

Photon is a incredibly fast crawler designed for automating OSINT(Open Source Intelligence). This tool designed with the simple...

AndroBugs Framework is an Android vulnerability analysis system that helps developers or hackers find potential security vulnerabilities

Scant3r Scans all URLs with multiple HTTP Methods and Tries to look for bugs with basic exploits as XSS - SQLI - RCE - CRLF -SSTI from Headers and URL Parameters

A pentesting tool designed to assist with finding all sinks and sources of a web application and display these results...

Turbolist3r is a fork of the sublist3r subdomain discovery tool. In addition to the original OSINT capabilties of sublist3r, turbolist3r ...

Ffuf – Fuzz Faster U Fool is a great tool used for fuzzing. It has become really popular lately with bug bounty hunters.

Wapiti works as a "black-box" vulnerability scanner,  that means it won't study the source code of web applications

Androwarn is an instrument whose primary point is to identify and caution ...

Apkurlgrep Tool helps to extract endpoints from APK files. It used apktool to do the decomplie.

The OWASP Amass Project is written in go which is much faster than python and it performs network ...

WAScan ((W)eb (A)pplication (Scan)ner) is a Open Source web application security scanner.

WAFW00F is a Python tool to help you fingerprint and identify Web Application Firewall (WAF) products.

Rebel framework is a module-based framework which has multiple ...

This tool  is use to find the default Ip cameras passwords over different vendors. Run the tools with the following commands