Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with attack-surface

A curated list of projects in awesome lists tagged with attack-surface .

https://github.com/projectdiscovery/nuclei

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

attack-surface cve-scanner dast hacktoberfest nuclei-engine security security-scanner subdomain-takeover vulnerability-assessment vulnerability-detection vulnerability-scanner

Last synced: 28 Jan 2026

https://github.com/microsoft/attacksurfaceanalyzer

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

attack-surface security-tools

Last synced: 12 May 2025

https://github.com/microsoft/AttackSurfaceAnalyzer

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

attack-surface security-tools

Last synced: 02 May 2025

https://github.com/projectdiscovery/uncover

Quickly discover exposed hosts on the internet using multiple search engines.

asm attack-surface bugbounty cli osint recon reconnaissance

Last synced: 12 May 2025

https://github.com/superhedgy/attacksurfacemapper

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

attack-surface attacksurfacemapper linkedin osint python reconnaissance subdomains

Last synced: 08 Apr 2025

https://github.com/superhedgy/AttackSurfaceMapper

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

attack-surface attacksurfacemapper linkedin osint python reconnaissance subdomains

Last synced: 13 Mar 2025

https://github.com/chiasmod0n/chiasmodon

Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials, CIDRs , ASNs , and subdomains, the tool also allows users to search Google Play application ID.

asn attack-surface bugbounty bugbounty-tool chiasmodon cidr credentials email-enumeration emails information-gathering intelligence intelligence-analysis osint reconnaissance reconnaissance-framework subdomain-enumeration subdomains

Last synced: 18 Apr 2025

https://github.com/johnnyxmas/scancannon

External attack surface discovery, enumeration and reconnaissance for massive networks

asset-inventory asset-management attack-surface enumeration hacking-tool penetration-testing pentesting reconnaissance

Last synced: 15 May 2025

https://github.com/johnnyxmas/ScanCannon

External attack surface discovery, enumeration and reconnaissance for massive networks

asset-inventory asset-management attack-surface enumeration hacking-tool penetration-testing pentesting reconnaissance

Last synced: 02 Apr 2025

https://github.com/RossGeerlings/webstor

WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted servers via zone transfer data - stores their responses, and lets you query for known web technologies, including those with zero-day vulnerabilities.

attack-surface bugbounty bugbounty-tool cybersecurity footprinting information-gathering infosec pentest-scripts pentest-tools pentesting pentesting-tools recon reconnaissance security security-tools

Last synced: 12 Jul 2025

https://github.com/lightspin-tech/lightspin-2022-top-7-attack-paths

Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.

attack-paths attack-surface aws-security awssecurity azure-security azuresecurity cloud-security cloudsecurity gcp-security mitre-attack ttps

Last synced: 11 May 2025

https://github.com/krishpranav/sniff

A Simple Golang Tool That Automates OSINT For Threat Intelligence And Mapping Your Attack Surface.

attack attack-defense attack-surface attack-surfaces bugbounty go golang recon reconnaissance scanner security web-security

Last synced: 14 Apr 2025

https://github.com/exfil0/cve-2024-55591-poc

A comprehensive all-in-one Python-based Proof of Concept script to discover and exploit a critical authentication bypass vulnerability (CVE-2024-55591) in certain Fortinet devices.

attack-surface automated cve-2024-55591 firewall fortinet poc wizard

Last synced: 25 Aug 2025

https://github.com/owasp-noir/noir-passive-rules

Passive Scan Rules for OWASP Noir

attack-surface devsecops noir owasp-noir sast

Last synced: 24 Feb 2025

https://github.com/exfil0/collectjuices

CollectJuices is a powerful tool designed to automate the process of fetching, analyzing, and recursively processing JavaScript files to discover URLs and secrets. Leveraging the capabilities of the JSluice tool and advanced Python libraries, CollectJuices is an essential tool for cybersecurity professionals.

attack attack-surface cybersecurity fuzzing information-gathering intelligence python secrets url

Last synced: 23 Feb 2025

https://github.com/dorinbadea/redaudit

Automated network audit framework. Identity-driven escalation (TCP→UDP) with Smart-Check false-positive filtering. Multi-format reports (JSON/HTML/JSONL) for pentesting, hardening, and SIEM pipelines.

asset-discovery attack-surface blue-team cybersecurity defensive-security incident-response kali-linux network-auditing network-discovery network-scanner network-security nikto nmap nuclei opsec python siem soc vulnerability-assessment vulnerability-scanner

Last synced: 11 Feb 2026