Recon-ng – Full-featured Web Reconnaissance Framework
Recon-ng is a full-featured Web Reconnaissance framework. Complete with web digging modules, database interaction, social media recon, report and more.
Read more »
CloudUnflare – Tool to Reconnaissance Real IP address for Cloudflare Bypass
CloudUnflare is a tool to Reconnaissance Real IP address for Cloudflare Bypass. Because Cloudflare will hide the Real IP address to protect from attack.
Read more »
sslsplit – Transparent SSL/TLS interception
SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. It is intended to be useful for network forensics.
Read more »
SQLi-Hunter – Simple HTTP Proxy Server and SQLMAP API wrapper that makes digging SQLi easy
SQLi-Hunter is a simple HTTP proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
Read more »
Femida – Automated blind-xss Search for Burp Suite
Femida is python plugin for Burp Suite which can automated search blind-xss vulnerability. You will able to fill payloads table with your OOB-XSS vectors.
Read more »
XMLRPC bruteforcer – An XMLRPC Brute Forcer targeting WordPress
XML-RPC brute-forcer is an XMLRPC brute forcer targeting Wordpress. Its faster than Hydra and WpScan. It can brute force 1000 passwords per second.
Read more »
Cowrie – SSH/Telnet Honeypot
Cowrie is a medium interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker.
Read more »