W9scan is an excellent Plug-in type web vulnerability scanner that scan the code with the 1200+ built-in plugins...
Read MoreFinal Recon follows a modular structure so in future new modules can be added with ease.
Read MoreA pentesting tool designed to assist with finding all sinks and sources of a web application and display these results...
Read MoreScant3r Scans all URLs with multiple HTTP Methods and Tries to look for bugs with basic exploits as XSS - SQLI - RCE - CRLF -SSTI from Headers and URL Parameters
Read MorePhoton is a incredibly fast crawler designed for automating OSINT(Open Source Intelligence). This tool designed with the simple...
Read MoreA complete versatile framework to cover up everything from Reconnaissance...
Read MoreThe OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site:
Read MoreInfosploit is an Information Gathering Tool that can be used during a penetration test, OSINT to enumerate Information about...
Read MoreShcheck detects which security headers are enabled on certain websites. It just check headers and print a report about which are enabled and which not.
Read MoreFilebuster is a HTTP fuzzer / content discovery script with loads of features and built to be easy to use and fast! It uses one of the fastest HTTP classes in the world...
Read MoreOneForAll is a powerful chinese subdomain and dns enumeration tool.When considering about subdomain enumeration, amass might be your first and preferable...
Read MoreSecretFinder is a python script to discover sensitive data like api keys, access token, authorizations, jwt,..etc in JavaScript(JS) files. It verifies the files with large regular expression.
Read MoreJD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access...
Read MorePompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases.
Read MoreComplete Automated pentest framework for Servers, Application Layer to Web Security. Tishna is Web Server Security Penetration
Read MoreA plugin-based scanner that aids security researchers in identifying issues with several CMS.
Read MoreLFISuite, an open source local file inclusion scanner and exploiter that is coded in Python. It supports multiple attack points and also has TOR proxy support.
Read MoreDirsearch is Tool that performs bruteforce attack of sensitive directories and files that are found on the websites.
Read MoreWeevely is a web shell designed for post-exploitation purposes that can be extended over the network at runtime.Upload weevely PHP agent to a target web server to get
Read MoreWfuzz is a command line tool written in python. It is used to discover common vulnerabilities in web applications through the method of fuzzing.
Read More