forked from blaCCkHatHacEEkr/PENTESTING-BIBLE
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Tools
113 lines (32 loc) · 1.55 KB
/
Tools
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
-1-Burp extension for handling complex login sequences:
https://github.com/synopsys-sig/ATOR-Burp
-2-An automated SSRF finder:
https://github.com/michaelben6/SSRFire
-3-Extract endpoints from APK files:
https://github.com/ndelphit/apkurlgrep
-4-Selenium based web scraper to generate passwords list:
https://github.com/dariusztytko/words-scraper
-5-A tool for searching a Git repository for interesting content:
https://github.com/digininja/GitHunter/
-6-Quick script to nd domains who belong to a company through http://whoxy.com:
https://github.com/gwen001/pentest-tools/blob/master/domain-finder.py
-7-Automated JS Discovery:
https://github.com/robre/scripthunter
-8- Mass scan IPs for vulnerable services :
https://github.com/s0md3v/Silver
-9-Incredibly fast crawler designed for OSINT.:
https://github.com/s0md3v/Photon
-10- Most advanced XSS scanner. :
https://github.com/s0md3v/XSStrike
-11-Suite of programs meant to aid in bug hunting and security assessments:
https://github.com/fellchase/flumberboozle
-12-Extract endpoints from apk files:
https://github.com/s0md3v/Diggy
-13-Bash script to automate running subdomain enumeration, screenshots and directory enumeration tools:
https://github.com/Sambal0x/Recon-tools
-14-Trying to make automated recon for bug bounties:
https://github.com/phspade/Automated-Scanner
-15-An automated target reconnaissance pipeline:
https://github.com/epi052/recon-pipeline
-16-Reconstruct javascript from a sourcemap in bash:
https://github.com/tehryanx/sourcemapper