Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-bbht
from https://github.com/0xApt/awesome-bbht
https://github.com/kaismax/awesome-bbht
Last synced: about 23 hours ago
JSON representation
-
Subdomain-enum
- aquatone - A Tool for Domain Flyovers
- knockpy - Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist.
- subbrute - A DNS meta-query spider that enumerates DNS records, and subdomains.
- assetfinder - Find domains and subdomains related to a given domain
- rsdl - Subdomain Scan with the Ping Method
- subDomainizer - A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
- domain_analyzer - Analyze the security of any domain by finding all the information possible. Made in python.
- massdns - A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
- sub.sh - Online Subdomain Detect Script
- sublist3r - Fast subdomains enumeration tool for penetration testers
- Sudomy - Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in fast and comprehensive way . Report output in HTML or CSV format https://github.com/Screetsec/
- dnsenum - Multithreaded perl script to enumerate DNS information of a domain and to discover non-contiguous ip blocks.
- domain-finder
- amass - In-depth Attack Surface Mapping and Asset Discovery
- subfinder - Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
-
Content Discovery
-
AWS S3 Bucket
- s3brute - s3 brute force tool
- s3-bucket-finder - Find aws s3 buckets and extract datas.
- bucket-stream - Find interesting Amazon S3 Buckets by watching certificate transparency logs.
- slurp - Enumerate S3 buckets via certstream, domain, or keywords.
- lazys3 - A Ruby script to bruteforce for AWS s3 buckets using different permutations.
- cred_scanner
- DumpsterDiver - A tool used to analyze big volumes of various file types in search of harcoded secrets like keys (AWS Access Key, Azuer Share Key or SSH keys) or passwords.
- S3Scanner - Scan for open AWS S3 buckets and dump the contents
-
Inspecting JS Files
- JSParser - A python 2.7 script using Tornado and JSBeautifier to parse relative URLs from JavaScript files.
- relative-url-extractor - A small tool that extracts relative URLs from a file.
- sub.js - A tool to get javascript files from a list of URLS or subdomains
- LinkFinder - A python script that finds endpoints in JavaScript files
- github-search
-
Crawlers
- Crawler - Crawl website extract links
- waybackMachine - Use wayback Machine data to pull a list of paths.
- meg - Fetch many paths for many hosts - without killing the hosts
- hakrawler - Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
- igoturls - WaybackURLS + OtxURLS + CommonCrawl
-
Directory Bruteforcers & Fuzzers
-
API
- secretx - Extracting api keys and secrets by requesting each url in your list.
-
Code Audit
- Cobra - Source Code Security Audit (源代码安全审计)
-
-
Exploitation
-
Subdomain Takeover
- subjack - Subdomain Takeover tool written in Go
- subdomain-takeover - Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94
- SubOver - A Powerful Subdomain Takeover Tool
- takeover - Sub-Domain TakeOver Vulnerability Scanner
-
Google Cloud Storage
- GCPBucketBrute - A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
-
Digital Ocean
- spaces-finder - A tool to hunt for publicly accessible DigitalOcean Spaces
-
XXE
- XXEinjector - Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
-
CSRF
- XSRFProbe - The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
-
Command Injection
- commix - Automated All-in-One OS command injection and exploitation tool. https://commixproject.com
-
SQLi
-
XSS
- XSStrike - Most advanced XSS scanner.
- XSS-keylogger - A keystroke logger to exploit XSS vulnerabilities in a site - for my personal Educational purposes only
-
-
CMS
-
XSS
- CMSmap - CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
- CMSeeK - CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 170 other CMSs
- wpscan - WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites
- Joomscan - OWASP Joomla Vulnerability Scanner Project
- Drupwn - Drupal enumeration & exploitation tool
- Joomscan - OWASP Joomla Vulnerability Scanner Project
- Droopescan
-
-
CloudFlare
-
XSS
- CloudFail - Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
-
-
Git
-
XSS
- git-dumper - A tool to dump a git repository from a website
- truffleHog - Searches through git repositories for high entropy strings and secrets, digging deep into commit history
-
-
Frameworks
-
XSS
- Sn1per - Automated pentest framework for offensive security experts
- XRay - XRay is a tool for recon, mapping and OSINT gathering from public networks.
- datasploit - An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
- Osmedeus - Fully automated offensive security framework for reconnaissance and vulnerability scanning
- TIDoS-Framework - The Offensive Manual Web Application Penetration Testing Framework.
- discover - Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
- lazyrecon - This script is intended to automate your reconnaissance process in an organized fashion
- 003Recon - Some tools to automate recon - 003random
- LazyRecon - An automated approach to performing recon for bug bounty hunting and penetration testing.
- Vulmap - Vulmap is a web vulnerability scanning and verification tool that can scan webapps for vulnerabilities and has a vulnerability verification function
-
-
Wordlists
-
XSS
- SecLists - SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
- Jhaddix Wordlist
- Nahamsec list
-
-
Other
-
XSS
- altdns - Generates permutations, alterations and mutations of subdomains and then resolves them
- Blazy - Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF.
- httprobe
- broken-link-checker
- wafw00f - WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
- nmap - network mapper
-
Categories
Sub Categories
Keywords
pentesting
16
bugbounty
12
reconnaissance
10
security
10
scanner
8
osint
8
infosec
6
recon
5
security-tools
5
hacking
5
bug-bounty
5
takeover
4
go
4
enumeration
4
pentest-tool
4
scanning
3
python
3
subdomain-enumeration
3
subdomain
3
aws
3
penetration-testing
3
web
3
hacking-tool
3
exploitation
3
s3
3
golang
3
bruteforce
3
pentest
2
hostile
2
subdomain-takeover
2
information-gathering
2
kali-linux
2
joomla
2
bucket
2
attack-surface
2
amazon-s3
2
detection
2
python3
2
s3-bucket
2
vulnerability-scanner
2
database
2
sql-injection
2
subdomain-scanner
2
exploit
2
crawler
2
dns
2
wordpress
2
fuzzer
2
subdomains
2
bash
2