creoboter Goto Github PK

amass

In-depth Attack Surface Mapping and Asset Discovery

asnlookup

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

bbht

A script to set up a quick Ubuntu 17.10 x64 box with tools I use.

brutespray

Brute-Forcing from Nmap output - Automatically attempts default creds on found services.

bugbountytoolkit

A multi-platform bug bounty toolkit that can be installed on Debian/Ubuntu or setup with Docker.

can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

dnmasscan

A script that can resolve an input file of domains and scan them with masscan

domlink

A tool to link a domain with registered organisation names and emails, to other domains.

eyewitness

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

github-search

Tools to perform basic search on GitHub.

gospider

Gospider - Fast web spider written in Go

gron

Make JSON greppable!

hakrawler

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

httprobe

Take a list of domains and probe for working HTTP and HTTPS servers

interlace

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

metabigor

Intelligence tool but without API key

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

recon_profile

rock-on

Rock-On is a all in one Recon tool that will just get a single entry of the Domain name and do all of the work alone.

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

shosubgo

Small tool to Grab subdomains using Shodan api.

shuffledns

MassDNS wrapper written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.

subdomainizer

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

subfinder

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

subover

A Powerful Subdomain Takeover Tool

whatwaf

Detect and bypass web application firewalls and protection systems