Vantab14ck
Follow
Stars
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications
Medusa is a speedy, parallel, and modular, login brute-forcer.
Impacket is a collection of Python classes for working with network protocols.
Generates millions of keyword-based password mutations in seconds.
Integrate Git version control with automatic commit-and-sync and other advanced features in Obsidian.md
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Go CLI and Library for quickly mapping organization network ranges using ASN information.
🎯 Command Injection Payload List
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
Quickly discover exposed hosts on the internet using multiple search engines.
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Scan for misconfigured S3 buckets across S3-compatible APIs!
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
Automagically reverse-engineer REST APIs via capturing traffic
A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.