Dirsearch - Web Content Fuzzing Scanner to find juicy APIs or endpoints, sensitive data exposure, config file

Dirsearch – Web Content Discovery Scanner

To find known misconfigurations, juicy APIs or endpoints, sensitive data exposure, config file, etc. It could be used as a part of web content discovery, to scan passively for high-quality…

Read more »
IntruderPayloads - a Collection of Burpsuite Intruder Payloads For Bug Hunting

IntruderPayloads – Collection of Burpsuite Intruder Payloads For Bug Hunting

IntruderPayloads A collection of Burpsuite Intruder payloads, BurpBounty payloads (https://github.com/wagiro/BurpBounty), fuzz lists and pentesting methodologies. To pull down all 3rd party repos, run install.sh in the same directory of the…

Read more »
EyeWitness - Tool to Take Screenshots of Websites xploitlab

EyeWitness – Tool to Take Screenshots of Websites With Server Header Info

EyeWitness EyeWitness is designed to take screenshots of websites provide some server header info, and identify default credentials if known. EyeWitness is designed to run on Kali Linux. It will…

Read more »
Gospider - Web Crawling and Content Discovery Tool

Gospider – Web Crawling and Content Discovery Tool

Gospider Fast Web Spider Written in Go Gospider is a tool to perform website crawling. Features Fast web crawling Brute force and parse sitemap.xml Parse robots.txt Generate and verify link…

Read more »
Arjun - Tool to Find Query Parameters for URL Endpoints HTTP parameter discovery suite

Arjun – Tool to Find Query Parameters for URL Endpoints

What is Arjun? Arjun is a tool which can find query parameters for URL endpoints. If you don’t get what that means, it’s okay, read along. Web applications use parameters…

Read more »
Degoogle - Tool to Automate Google Dork Search on Target

Degoogle – Tool to Automate Google Dork Search on Target

Overview Degoogle is a automated tool to perform Google Dork search and extract result urls directly and also skip all the click-through links and other sketchiness. This tool also design…

Read more »
reconFTW - Tool to Perform Automated Scanning and Finding Vulnerabilities

reconFTW – Tool to Perform Automated Scan and Finding Vulnerabilities

Overview ReconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities. ReconFTW automates the…

Read more »