attack-surface

There are 34 repositories under attack-surface topic.

  • projectdiscovery/nuclei

    Fast and customizable vulnerability scanner based on simple YAML based DSL.

    Language:Go17.6k2152.2k2.3k
  • Sn1per

    1N3/Sn1per

    Attack Surface Management Platform

    Language:Shell7.6k3333341.8k
  • osmedeus

    j3ssie/osmedeus

    A Workflow Engine for Offensive Security

    Language:Go5.1k134221860

  • microsoft/AttackSurfaceAnalyzer

    Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

    Language:C#2.7k69330269

  • projectdiscovery/uncover

    Quickly discover exposed hosts on the internet using multiple search engines.

    Language:Go2.3k3564187

  • intrigueio/intrigue-core

    Discover Your Attack Surface!

    Language:Ruby1.3k76112259
  • AttackSurfaceMapper

    superhedgy/AttackSurfaceMapper

    AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

    Language:Python1.3k4730192

  • 3nock/OTE

    OSINT Template Engine

    Language:C46510761

  • johnnyxmas/ScanCannon

    External attack surface discovery, enumeration and reconnaissance for massive networks

    Language:Shell41219377
  • chiasmodon

    chiasmod0n/chiasmodon

    Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials, CIDRs , ASNs , and subdomains, the tool also allows users to search Google Play application ID.

    Language:Python3958032

  • BishopFox/smogcloud

    Find cloud assets that no one wants exposed 🔎 ☁️

    Language:Go32627238

  • 0xtavian/awesome-attack-surface-monitoring

    Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.

    2948341
  • webstor

    RossGeerlings/webstor

    WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted servers via zone transfer data - stores their responses, and lets you query for known web technologies, including those with zero-day vulnerabilities.

    Language:Python1503119

  • 1N3/AttackSurfaceManagement

    Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

    Language:Shell825114

  • Krypteria/Seekolver

    Seekolver is a tool focused on attack-surface mapping. It performs searches for subdomains associated with root domains and root domains associated with organisations using open sources, additionally, it resolves these domains and subdomains in search of HTTP and HTTPS services and then filters the information obtained based on their response.

    Language:Python38206

  • lightspin-tech/lightspin-2022-top-7-attack-paths

    Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.

    37201
  • vide

    dreizehnutters/vide

    Minimal web server enumeration & attack surface detection tool based on results of nmap.

    Language:Shell36203

  • lunchcat/sif

    🚀 blazing-fast pentesting suite written in Go

    Language:Go292124

  • TalMaIka/Site-Scanner

    Site-Scanner - Web application vulnerability assessment tool.

    Language:Python202

  • owasp-amass/amass-docker-compose

    OWASP Amass Docker Compose for setting up a full instance of the infrastructure

    Language:Shell19212

  • R00tendo/ssb

    ssb=simple subdomain bruteforcer

    Language:Python16303

  • melihi/Exodus-ReverseIpLookup

    Reverse ip lookup tool written with go . Bing , Spyse , HackerTarget , ViewDns

    Language:Go12101

  • chiasmod0n/chiasmodon-mobile

    Chiasmodon Mobile - OSINT Tool for Domain Information Gathering on Android.

    Language:Dart10201

  • krishpranav/sniff

    A Simple Golang Tool That Automates OSINT For Threat Intelligence And Mapping Your Attack Surface.

    Language:Go910

  • srkgupta/cent-nuclei-templates

    Cent Nuclei Templates generated through the cent tool. Maintained by HackerWhite.

    8101

  • reverseroom/vulecc-core

    VULECC is the pioneer in Next-Generation Web Application Vulnerability Scanning technology, enabling businesses to proactively probe their web assets to identify and combat the most intricate vulnerabilities.

    61230

  • frite/cf-enum

    Yet another CF Enumeration tool

    Language:Python5100

  • TubbyCat/droid_debloat_and_note

    Android security notes, debloat guides, scripts. Rolling.

    Language:Shell5101

  • decal/cgiaudit

    :package: general-purpose, "black box" CGI auditing tool (ARCHIVE)

    Language:C420

  • fnord123/CoboSyncVerifier

    Independent verification that the QR Codes displayed by the Cobo Vault to the Cobo App during pairing do not leak secrets.

    Language:Python3126
  • gmailHack

    tmcybers/gmailHack

    Brute force attack script for penetration testing on gmail accounts based on python.

    Language:Python3200

  • otoriocyber/Util-EnumListeningProcesses

    Identify and provide details on listening services in a Windows system

    Language:PowerShell2101

  • open-crs/attack_surface_approximation

    Module for discovering the attack surface of a vulnerable program 🤺

    Language:Python1132
  • ip-2-cloudresource

    magneticstain/ip-2-cloudresource

    IP-2-CloudResource: a CLI tool for correlating a cloud IP address with its associated resources, with a focus on speed and ease-of-use.

    Language:Go021100