Blogs

RVuln:-- A multi-threaded-vulnerability-scanner written in Rust. Automated #Web Vulnerability Scanner.

Security Tool For Reconnaissance And Information Gathering On A Website

Skipfish is a powerful reconnaissance tool that has the ability to carry out security checks on web-based applications.

Detective helps to find Sensitive information, files and directories that are not supposed to see.

A python script designed to check if the website is vulnerable of clickjacking and creates a poc. 

ClassyShark is a standalone binary inspection tool for Android developers/testers.

 multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo .

Tulpar is an open source penetration testing tool that can find web application vulnerabilities.

The Yuki Chan is an Automated Penetration Testing tool this tool will auditing all standard security test method for you.

Altair is a Python based tool that does not require any specific packages to be installed as a pre-requisite. The SQLMAP and Lfier tools must be available on the disposal of the tool.

XForwardy is a Host Header Injection scanning tool which can detect misconfigurations , where Host Header Injections are potentially possible.

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items.

XSpear is XSS Scanner tool which is written in ruby gems. It can be useful for detecting the XSS vulnerability with different level of payloads.

XCTR is an all in one tools for Information Gathering which can admin panel,page viewer,cms,reverse IP,dork finder,prxoy viewer.

Blazy is a modern login page bruteforcer. It has  Easy target selections  Smart form and error detection.

Scans That You Can Perform Using RED HAWK are Basic Scan ,Site Title NEW ,IP Address ,Web Server Detection IMPROVED ,CMS Detection ,Cloudflare Detection .

Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

Simple script to test if a page is vulnerable to clickjacking.

xsssniper is an handy xss discovery tool with mass scanning functionalities. 

GoSpider is a Fast web spider written in Go. It has lot of features to find the subdomains, JS files, AWS details, etc. 

Parth is a Heuristic Vulnerable Parameter Scanner. Some HTTP parameter names are commonly associated with one functionality.