Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

awesome-bbht

from https://github.com/0xApt/awesome-bbht
https://github.com/kaismax/awesome-bbht

  • aquatone - A Tool for Domain Flyovers
  • knockpy - Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist.
  • subbrute - A DNS meta-query spider that enumerates DNS records, and subdomains.
  • assetfinder - Find domains and subdomains related to a given domain
  • domain-finder
  • rsdl - Subdomain Scan with the Ping Method
  • subDomainizer - A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
  • domain_analyzer - Analyze the security of any domain by finding all the information possible. Made in python.
  • massdns - A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
  • subfinder - Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
  • amass - In-depth Attack Surface Mapping and Asset Discovery
  • sub.sh - Online Subdomain Detect Script
  • sublist3r - Fast subdomains enumeration tool for penetration testers
  • Sudomy - Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in fast and comprehensive way . Report output in HTML or CSV format https://github.com/Screetsec/
  • dnsenum - Multithreaded perl script to enumerate DNS information of a domain and to discover non-contiguous ip blocks.
  • secretx - Extracting api keys and secrets by requesting each url in your list.
  • s3brute - s3 brute force tool
  • s3-bucket-finder - Find aws s3 buckets and extract datas.
  • bucket-stream - Find interesting Amazon S3 Buckets by watching certificate transparency logs.
  • slurp - Enumerate S3 buckets via certstream, domain, or keywords.
  • lazys3 - A Ruby script to bruteforce for AWS s3 buckets using different permutations.
  • cred_scanner
  • DumpsterDiver - A tool used to analyze big volumes of various file types in search of harcoded secrets like keys (AWS Access Key, Azuer Share Key or SSH keys) or passwords.
  • S3Scanner - Scan for open AWS S3 buckets and dump the contents
  • JSParser - A python 2.7 script using Tornado and JSBeautifier to parse relative URLs from JavaScript files.
  • relative-url-extractor - A small tool that extracts relative URLs from a file.
  • github-search
  • sub.js - A tool to get javascript files from a list of URLS or subdomains
  • LinkFinder - A python script that finds endpoints in JavaScript files
  • Cobra - Source Code Security Audit (源代码安全审计)
  • Crawler - Crawl website extract links
  • waybackMachine - Use wayback Machine data to pull a list of paths.
  • meg - Fetch many paths for many hosts - without killing the hosts
  • hakrawler - Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
  • igoturls - WaybackURLS + OtxURLS + CommonCrawl
  • gobuster - Directory/File, DNS and VHost busting tool written in Go
  • ffuf - Fast web fuzzer written in Go
  • dirsearch - Web path scanner
  • subjack - Subdomain Takeover tool written in Go
  • subdomain-takeover - Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94
  • takeover - Sub-Domain TakeOver Vulnerability Scanner
  • SubOver - A Powerful Subdomain Takeover Tool
  • GCPBucketBrute - A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
  • spaces-finder - A tool to hunt for publicly accessible DigitalOcean Spaces
  • XXEinjector - Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
  • XSRFProbe - The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
  • commix - Automated All-in-One OS command injection and exploitation tool. https://commixproject.com
  • sqlmap - Automatic SQL injection and database takeover tool http://sqlmap.org
  • sqliv - massive SQL injection vulnerability scanner
  • sqlmate - A friend of SQLmap which will do what you always expected from SQLmap.
  • XSStrike - Most advanced XSS scanner.
  • XSS-keylogger - A keystroke logger to exploit XSS vulnerabilities in a site - for my personal Educational purposes only
  • CMSmap - CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
  • CMSeeK - CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 170 other CMSs
  • wpscan - WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites
  • Joomscan - OWASP Joomla Vulnerability Scanner Project
  • Droopescan
  • Drupwn - Drupal enumeration & exploitation tool
  • CloudFail - Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
  • truffleHog - Searches through git repositories for high entropy strings and secrets, digging deep into commit history
  • git-dumper - A tool to dump a git repository from a website
  • Sn1per - Automated pentest framework for offensive security experts
  • XRay - XRay is a tool for recon, mapping and OSINT gathering from public networks.
  • datasploit - An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
  • Osmedeus - Fully automated offensive security framework for reconnaissance and vulnerability scanning
  • TIDoS-Framework - The Offensive Manual Web Application Penetration Testing Framework.
  • discover - Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
  • lazyrecon - This script is intended to automate your reconnaissance process in an organized fashion
  • 003Recon - Some tools to automate recon - 003random
  • LazyRecon - An automated approach to performing recon for bug bounty hunting and penetration testing.
  • Vulmap - Vulmap is a web vulnerability scanning and verification tool that can scan webapps for vulnerabilities and has a vulnerability verification function
  • SecLists - SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
  • Jhaddix Wordlist
  • Nahamsec list
  • altdns - Generates permutations, alterations and mutations of subdomains and then resolves them
  • nmap - network mapper
  • Blazy - Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF.
  • httprobe
  • broken-link-checker
  • wafw00f - WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Programming Languages
Python 34 Go 14 Ruby 4 Shell 4 JavaScript 2 PHP 2 PowerShell 1 Perl 1 C 1
Keywords
pentesting 14 security 9 bugbounty 9 infosec 6 reconnaissance 6 scanner 6 osint 5 recon 5 bug-bounty 4 takeover 4 security-tools 4 go 3 pentest-tool 3 subdomain 3 hacking 3 aws 3 python 3 bruteforce 3 web 3 s3 3 bucket 2 amazon-s3 2 penetration-testing 2 hacking-tool 2 subdomain-takeover 2 hostile 2 enumeration 2 crawler 2 dns 2 pentest 2 wordpress 2 scanning 2 sql-injection 2 s3-bucket 2 python3 2 database 2 vulnerability-scanner 2 exploitation 2 detection 2 golang 2 fuzzer 2 red-teaming 1 fuzzing 1 dirsearch 1 brute 1 xsrf 1 token-generation 1 spider 1 csrf-tokens 1 csrf-scanner 1