attack-surface
There are 34 repositories under attack-surface topic.
projectdiscovery/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
1N3/Sn1per
Attack Surface Management Platform
j3ssie/osmedeus
A Workflow Engine for Offensive Security
microsoft/AttackSurfaceAnalyzer
Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
projectdiscovery/uncover
Quickly discover exposed hosts on the internet using multiple search engines.
intrigueio/intrigue-core
Discover Your Attack Surface!
superhedgy/AttackSurfaceMapper
AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
3nock/OTE
OSINT Template Engine
johnnyxmas/ScanCannon
External attack surface discovery, enumeration and reconnaissance for massive networks
chiasmod0n/chiasmodon
Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials, CIDRs , ASNs , and subdomains, the tool also allows users to search Google Play application ID.
BishopFox/smogcloud
Find cloud assets that no one wants exposed 🔎 ☁️
0xtavian/awesome-attack-surface-monitoring
Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.
RossGeerlings/webstor
WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted servers via zone transfer data - stores their responses, and lets you query for known web technologies, including those with zero-day vulnerabilities.
1N3/AttackSurfaceManagement
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Krypteria/Seekolver
Seekolver is a tool focused on attack-surface mapping. It performs searches for subdomains associated with root domains and root domains associated with organisations using open sources, additionally, it resolves these domains and subdomains in search of HTTP and HTTPS services and then filters the information obtained based on their response.
lightspin-tech/lightspin-2022-top-7-attack-paths
Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.
dreizehnutters/vide
Minimal web server enumeration & attack surface detection tool based on results of nmap.
lunchcat/sif
🚀 blazing-fast pentesting suite written in Go
TalMaIka/Site-Scanner
Site-Scanner - Web application vulnerability assessment tool.
owasp-amass/amass-docker-compose
OWASP Amass Docker Compose for setting up a full instance of the infrastructure
R00tendo/ssb
ssb=simple subdomain bruteforcer
melihi/Exodus-ReverseIpLookup
Reverse ip lookup tool written with go . Bing , Spyse , HackerTarget , ViewDns
chiasmod0n/chiasmodon-mobile
Chiasmodon Mobile - OSINT Tool for Domain Information Gathering on Android.
krishpranav/sniff
A Simple Golang Tool That Automates OSINT For Threat Intelligence And Mapping Your Attack Surface.
srkgupta/cent-nuclei-templates
Cent Nuclei Templates generated through the cent tool. Maintained by HackerWhite.
reverseroom/vulecc-core
VULECC is the pioneer in Next-Generation Web Application Vulnerability Scanning technology, enabling businesses to proactively probe their web assets to identify and combat the most intricate vulnerabilities.
frite/cf-enum
Yet another CF Enumeration tool
TubbyCat/droid_debloat_and_note
Android security notes, debloat guides, scripts. Rolling.
decal/cgiaudit
:package: general-purpose, "black box" CGI auditing tool (ARCHIVE)
fnord123/CoboSyncVerifier
Independent verification that the QR Codes displayed by the Cobo Vault to the Cobo App during pairing do not leak secrets.
tmcybers/gmailHack
Brute force attack script for penetration testing on gmail accounts based on python.
otoriocyber/Util-EnumListeningProcesses
Identify and provide details on listening services in a Windows system
open-crs/attack_surface_approximation
Module for discovering the attack surface of a vulnerable program 🤺
magneticstain/ip-2-cloudresource
IP-2-CloudResource: a CLI tool for correlating a cloud IP address with its associated resources, with a focus on speed and ease-of-use.