MetaFinder - Tool for Searching Documents in a Domain with search engine google, bing, baidu, yandex

MetaFinder – Tool for Searching Documents in a Domain

Overview MetaFinder is a tool to find documents in a website or domain. This tool is using Search Engines (Google, Bing and Baidu) to Search for documents in a domain….

Read more »
Dirsearch - Web Content Fuzzing Scanner to find juicy APIs or endpoints, sensitive data exposure, config file

Dirsearch – Web Content Discovery Scanner

To find known misconfigurations, juicy APIs or endpoints, sensitive data exposure, config file, etc. It could be used as a part of web content discovery, to scan passively for high-quality…

Read more »
ApkLeaks - Tool For Scanning Mobile Application APK file to Extract All Data URIs, Endpoints & Secrets

ApkLeaks – Tool For Scanning APK file to Extract URIs, Endpoints & Secrets

APKLeaks APKLeaks is a tool for scanning mobile application (APK) file to extract all URIs, endpoints & secrets. With this tool you can automatically extract all data and information on…

Read more »
Fully automated Log4j RCE Scanning and Exploit Tool Kali Linux

log4j-scan – Log4j RCE Scanning and Exploit Tool

Log4j RCE or CVE-2021-44228 is a critical common vulnerability, this allow attacker to do remote code execution on target website. Scanning and Exploiting Log4j can be done manually and also…

Read more »
Subzy - Subdomain Takeover Vulnerability Scan Tool

Subzy – Subdomain Takeover Vulnerability Tool

Subdomain Takeover Vulnerability Subdomain takeover is a high security vulnerability that infect many websites. Subdomain takeover caused by unclaimed CNAME record in third party web applications. Many companies use third…

Read more »
IntruderPayloads - a Collection of Burpsuite Intruder Payloads For Bug Hunting

IntruderPayloads – Collection of Burpsuite Intruder Payloads For Bug Hunting

IntruderPayloads A collection of Burpsuite Intruder payloads, BurpBounty payloads (https://github.com/wagiro/BurpBounty), fuzz lists and pentesting methodologies. To pull down all 3rd party repos, run install.sh in the same directory of the…

Read more »
What is CORS Misconfiguration Bug

Corsy – CORS Misconfiguration Scanner

What is CORS Misconfiguration Bug? Cross-origin resource sharing (CORS) is a browser mechanism which enables controlled access to resources located outside of a given domain. It extends and adds flexibility…

Read more »