Book Free Consultation
Book Free Consultation
Book Free Consultation
The Yuki Chan is an Automated Penetration Testing tool this tool will auditing all standard security test method for you.
Read More
Rebel framework is a module-based framework which has multiple ...
Read More
Wfuzz is a command line tool written in python. It is used to discover common vulnerabilities in web applications through the method of fuzzing.
Read More
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect
Read More
Offensive Security Tool for Reconnaissance and Information Gathering. Raccoon is a tool made for reconnaissance ...
Read More
The OWASP Amass Project is written in go which is much faster than python and it performs network ...
Read More
Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
Read More
GraphQL is a query language for APIs and a runtime for fulfilling those queries
Read More
Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.
Read More
Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.
Read More
Arachni Tool to Identifies vulnerabilities in web application
Read More
RapidScan is a python based scanning tool used for analyzing vulnerabilities ...
Read More
In general, Fuzzing is type of ...
Read More
Once cloned we need to enter into the specific directory and type python smod.py in terminal.Then, type help you will be shown ....
Read More
This tool  is use to find the default Ip cameras passwords over different vendors. Run the tools with the following commands
Read More
WAFW00F is a Python tool to help you fingerprint and identify Web Application Firewall (WAF) products.
Read More
This tool can scan websites with open .git repositories for Bug Hunting...
Read More
Apkurlgrep Tool helps to extract endpoints from APK files. It used apktool to do the decomplie.
Read More
Androwarn is an instrument whose primary point is to identify and caution ...
Read More
Wapiti works as a "black-box" vulnerability scanner, that means it won't study the source code of web applications
Read More
Ffuf – Fuzz Faster U Fool is a great tool used for fuzzing. It has become really popular lately with bug bounty hunters.
Read More
Turbolist3r is a fork of the sublist3r subdomain discovery tool. In addition to the original OSINT capabilties of sublist3r, turbolist3r ...
Read More
W9scan is an excellent Plug-in type web vulnerability scanner that scan the code with the 1200+ built-in plugins...
Read More
Final Recon follows a modular structure so in future new modules can be added with ease.
Read More
A pentesting tool designed to assist with finding all sinks and sources of a web application and display these results...
Read More
Scant3r Scans all URLs with multiple HTTP Methods and Tries to look for bugs with basic exploits as XSS - SQLI - RCE - CRLF -SSTI from Headers and URL Parameters
Read More
Photon is a incredibly fast crawler designed for automating OSINT(Open Source Intelligence). This tool designed with the simple...
Read More
A complete versatile framework to cover up everything from Reconnaissance...
Read More
The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site:
Read More
Infosploit is an Information Gathering Tool that can be used during a penetration test, OSINTÂ to enumerate Information about...
Read More
Shcheck detects which security headers are enabled on certain websites. It just check headers and print a report about which are enabled and which not.
Read More
Filebuster is a HTTP fuzzer / content discovery script with loads of features and built to be easy to use and fast! It uses one of the fastest HTTP classes in the world...
Read More
OneForAll is a powerful chinese subdomain and dns enumeration tool.When considering about subdomain enumeration, amass might be your first and preferable...
Read More
SecretFinder is a python script to discover sensitive data like api keys, access token, authorizations, jwt,..etc in JavaScript(JS) files. It verifies the files with large regular expression.
Read More
JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access...
Read More
Pompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases.
Read More
Complete Automated pentest framework for Servers, Application Layer to Web Security. Tishna is Web Server Security Penetration
Read More
A plugin-based scanner that aids security researchers in identifying issues with several CMS.
Read More
LFISuite, an open source local file inclusion scanner and exploiter that is coded in Python. It supports multiple attack points and also has TOR proxy support.
Read More
Dirsearch is Tool that performs bruteforce attack of sensitive directories and files that are found on the websites.
Read More
Weevely is a web shell designed for post-exploitation purposes that can be extended over the network at runtime.Upload weevely PHP agent to a target web server to get
Read More
Insider tool is secure code reviewer, which exclusively focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code.
Read More
Spaghetti is an Open Source web application scanner, it is designed to find various default and insecure files...
Read More
Dex2Jar is an instrument whose primary point is to convert .dex files into jar and smali files. The Dex2jar is mainly used for reverse engineering Android applications.
Read More
--xss : Scan Site if vulnerable [Xss] url must be between double citation --sql : Scan Site if vulnerable [Sql] url must be between double citation
Read More
RVuln:-- A multi-threaded-vulnerability-scanner written in Rust. Automated #Web Vulnerability Scanner.
Read More
Security Tool For Reconnaissance And Information Gathering On A Website
Read More
Skipfish is a powerful reconnaissance tool that has the ability to carry out security checks on web-based applications.
Read More
Detective helps to find Sensitive information, files and directories that are not supposed to see.
Read More
A python script designed to check if the website is vulnerable of clickjacking and creates a poc.Â
Read More
ClassyShark is a standalone binary inspection tool for Android developers/testers.
Read More
 multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo .
Read More
Tulpar is an open source penetration testing tool that can find web application vulnerabilities.
Read More
Altair is a Python based tool that does not require any specific packages to be installed as a pre-requisite. The SQLMAP and Lfier tools must be available on the disposal of the tool.
Read More
XForwardy is a Host Header Injection scanning tool which can detect misconfigurations , where Host Header Injections are potentially possible.
Read More
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items.
Read More
XSpear is XSS Scanner tool which is written in ruby gems. It can be useful for detecting the XSS vulnerability with different level of payloads.
Read More
XCTR is an all in one tools for Information Gathering which can admin panel,page viewer,cms,reverse IP,dork finder,prxoy viewer.
Read More
Blazy is a modern login page bruteforcer. It has  Easy target selections  Smart form and error detection.
Read More
Scans That You Can Perform Using RED HAWK are Basic Scan ,Site Title NEW ,IP Address ,Web Server Detection IMPROVED ,CMS Detection ,Cloudflare Detection .
Read More
xsssniper is an handy xss discovery tool with mass scanning functionalities.Â
Read More
GoSpider is a Fast web spider written in Go. It has lot of features to find the subdomains, JS files, AWSÂ details, etc.Â
Read More
Parth is a Heuristic Vulnerable Parameter Scanner. Some HTTP parameter names are commonly associated with one functionality.
Read More
FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new modules can be added with ease.
Read More
Uniscan is a simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner.
Read More
karen is tools for web application vulnerability scanner build in python3
Read More
A bash script to bypass "403 Forbidden" responses with well-known methods discussed in #bugbountytips
Read More
Web Application Vulnerability Scanners are automated tools that scan web applications.
Read More
WhatWaf is an advanced firewall detection tool which works by detecting a firewall on a web application.
Read More
A pentesting tool designed to assist with finding all sinks and sources of a web application
Read More
ParamSpider a parameter discovery suite. It finds parameters from web archives of the entered domain
Read More
Network Spoofing is a simple website hacking tool which can scan a website and can also perform attack using this tool.
Read More
Scilla is a information gathering tool (DNS/Subdomain/Port Enumeration).
Read More
Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity
Read More
Skull Generate a bunch of malicious pdf files with phone-home functionality.
Read More
Get exclusive access to our latest Threatsploit Report detailing the most recent and sophisticated cyber attacks. Stay informed and protect your business from emerging threats.