Blogs

Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.

Offensive Security Tool for Reconnaissance and Information Gathering. Raccoon is a tool made for reconnaissance ...

Arachni Tool to Identifies vulnerabilities in web application

RapidScan is a python based scanning tool used for analyzing vulnerabilities ...

In general, Fuzzing is type of ...

Once cloned we need to enter into the specific directory and type python smod.py in terminal.Then, type help you will be shown ....

This tool  is use to find the default Ip cameras passwords over different vendors. Run the tools with the following commands

Rebel framework is a module-based framework which has multiple ...

WAFW00F is a Python tool to help you fingerprint and identify Web Application Firewall (WAF) products.

This tool can scan websites with open .git repositories for Bug Hunting...

The OWASP Amass Project is written in go which is much faster than python and it performs network ...

Apkurlgrep Tool helps to extract endpoints from APK files. It used apktool to do the decomplie.

Androwarn is an instrument whose primary point is to identify and caution ...

Wapiti works as a "black-box" vulnerability scanner,  that means it won't study the source code of web applications

Ffuf – Fuzz Faster U Fool is a great tool used for fuzzing. It has become really popular lately with bug bounty hunters.

Turbolist3r is a fork of the sublist3r subdomain discovery tool. In addition to the original OSINT capabilties of sublist3r, turbolist3r ...

W9scan is an excellent Plug-in type web vulnerability scanner that scan the code with the 1200+ built-in plugins...

Final Recon follows a modular structure so in future new modules can be added with ease.

A pentesting tool designed to assist with finding all sinks and sources of a web application and display these results...

Scant3r Scans all URLs with multiple HTTP Methods and Tries to look for bugs with basic exploits as XSS - SQLI - RCE - CRLF -SSTI from Headers and URL Parameters