SSRFmap - Automatic SSRF Fuzzer and Exploitation Tool

SSRFmap – Automatic SSRF Fuzzer and Exploitation Tool

SSRFMap is an open-sources SSRF tool. It aims to automate the detection and exploitation of SSRF vulnerabilities. SSRFmap takes a Burp request file as input and a parameter to fuzz.

Read more »
FFUF - Fast Web Fuzzing Tool

FFUF – Fast Web Fuzzing Tool

FFUF, which stands for “Fast File Fuzzing,” is a powerful and flexible web fuzzer tool that helps security researchers and penetration testers uncover vulnerabilities in web applications. By automating the…

Read more »
ParamSpider - Website Parameter Scraping Tool to find hidden parameters on website and web application

ParamSpider – Website Parameter Scraping Tool

ParamSpider : Find hidden parameters in web applications ParamSpider is an open-source bug bounty tool that is designed to help bug hunter and security researchers find hidden parameters in web…

Read more »
XSStrike - Automated XSS tool for detection and exploit

XSStrike – Most Advanced XSS Scanner Tool

XSS tool that can help you identify and mitigate XSS vulnerabilities is XSStrike. XSS or Cross-Site Scripting is a common web application vulnerability that allows an attacker to inject malicious…

Read more »
Assetfinder-Tool-to-Discover-Facing-Assets-like-subdomains-and-related-domain-for-Target-Domain

Assetfinder – Tool to Discover Facing Assets for Target Domain

Assetfinder Assetfinder is a powerful open-source tool used for discovering and mapping internet-facing assets for a target domain. It can be used to identify subdomains, IP addresses, and other online…

Read more »

CRLFuzz – Tool to Automatically Scan CRLF Vulnerability

CRLFuzz is a powerful tool used for detecting and exploiting vulnerabilities that arise from the presence of Carriage Return (CR) and Line Feed (LF) characters in web applications. These vulnerabilities…

Read more »
Subfinder - Fast Passive Subdomain Enumeration and Scanner Tool

Subfinder – Fast Passive Subdomain Enumeration Tool

Subfinder is an open-source tool that is designed to help bug hunter and penetration testers discover subdomains related to a specific domain. Subdomains are often overlooked by security teams and…

Read more »