Army-Knife/BURP |
BurpSuite |
It's Awesome |
it's not |
github🐶 |
Army-Knife/ZAP |
zaproxy |
The OWASP ZAP core project |
|
|
Discovery/CRAWL |
Photon |
Incredibly fast crawler designed for OSINT. |
|
|
Discovery/CRAWL |
gospider |
Gospider - Fast web spider written in Go |
|
|
Discovery/DNS |
dnsprobe |
DNSProbe (beta) is a tool built on top of retryabledns that allows you to perform multiple DNS queries of your choice with a list of user-supplied resolvers. |
|
|
Discovery/DNS |
shuffledns |
shuffleDNS is a wrapper around massdns written in Go that allows you to enumerate valid subdomains using active bruteforce, as well as resolve subdomains with wildcard handling and easy input-output support. |
|
|
Discovery/DOMAIN |
Amass |
In-depth Attack Surface Mapping and Asset Discovery |
|
|
Discovery/DOMAIN |
assetfinder |
Find domains and subdomains related to a given domain |
|
|
Discovery/DOMAIN |
findomain |
The fastest and cross-platform subdomain enumerator, do not waste your time. |
|
|
Discovery/DOMAIN |
knock |
Knock Subdomain Scan |
|
|
Discovery/DOMAIN |
subfinder |
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing. |
|
|
Discovery/FUZZ |
dirsearch |
Web path scanner |
|
|
Discovery/FUZZ |
gobuster |
Directory/File, DNS and VHost busting tool written in Go |
|
|
Discovery/GIT |
GitMiner |
Tool for advanced mining for content on Github |
|
|
Discovery/GIT |
gitGraber |
gitGraber |
|
|
Discovery/GIT |
gitrob |
Reconnaissance tool for GitHub organizations |
|
|
Discovery/HTTP |
Arjun |
HTTP parameter discovery suite. |
|
|
Discovery/PORT |
masscan |
TCP port scanner, spews SYN packets asynchronously, scanning the entire Internet in under 5 minutes. |
|
|
Discovery/PORT |
naabu |
A fast port scanner written in Go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests. |
|
|
Discovery/PORT |
nmap |
Nmap - the Network Mapper. Github mirror of official SVN repository. |
|
|
Discovery/TKOV |
subjack |
Subdomain Takeover tool written in Go |
|
|
Discovery/URL |
waybackurls |
Fetch all the URLs that the Wayback Machine knows about for a domain |
|
|
Discovery/VULN |
Silver |
Mass scan IPs for vulnerable services |
|
|
Fetch/TOM |
httprobe |
Take a list of domains and probe for working HTTP and HTTPS servers |
|
|
Fetch/TOM |
meg |
Fetch many paths for many hosts - without killing the hosts |
|
|
Fetch/WSOCK |
websocket-connection-smuggler |
websocket-connection-smuggler |
|
|
Scanner/CORS |
Corsy |
CORS Misconfiguration Scanner |
|
|
Scanner/FUZZ |
Medusa |
Automatic Video Library Manager for TV Shows. It watches for new episodes of your favorite shows, and when they are posted it does its magic. |
|
|
Scanner/FUZZ |
thc-hydra |
hydra |
|
|
Scanner/FUZZ |
wfuzz |
Web application fuzzer |
|
|
Scanner/LFI |
LFISuite |
Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner |
|
|
Scanner/LFI |
dotdotpwn |
DotDotPwn - The Directory Traversal Fuzzer |
|
|
Scanner/NOSQL |
NoSQLMap |
Automated NoSQL database enumeration and web application exploitation tool. |
|
|
Scanner/SQL |
sqlmap |
Automatic SQL injection and database takeover tool |
|
|
Scanner/SQL |
sqlninja |
SQL Injection Tool |
|
|
Scanner/SSL |
a2sv |
Automatic scanning for SSL vulnerabilities |
|
|
Scanner/SSL |
testssl.sh |
Testing TLS/SSL encryption anywhere on any port |
|
|
Scanner/WP |
wpscan |
WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. |
|
|
Scanner/WVS |
Striker |
Striker is an offensive information and vulnerability scanner. |
|
|
Scanner/WVS |
arachni |
Web Application Security Scanner Framework |
|
|
Scanner/WVS |
nikto |
Nikto web server scanner |
|
|
Scanner/WVS |
zap-cli |
A simple tool for interacting with OWASP ZAP from the commandline. |
|
|
Scanner/XSS |
XSStrike |
Most advanced XSS scanner. |
|
|
Scanner/XSS |
xspear |
Powerful XSS scanning and parameter analysis tool & gem |
|
|
Utility/CLIP |
ftc |
simple copy to file to clipboard |
|
|
Utility/FIND |
fzf |
A command-line fuzzy finder |
|
|
Utility/GREP |
gf |
A wrapper around grep, to help you grep for things |
|
|
Utility/JSON |
gron |
Make JSON greppable! |
|
|
Utility/S3 |
s3reverse |
Converts the various S3 bucket formats into one format, for bug bounty and security testing. |
|
|
Utility/VULN |
oxml_xxe |
A tool for embedding XXE/XML exploits into different filetypes |
|
|
Utility/VULN |
ysoserial |
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. |
|
|