> cat /dev/github | grep security-tools

Scanner

A-Red-Teamer-diaries

2026-03-30 ★ 1901

AI Summary: A-Red-Teamer-diaries is a collaborative repository containing publicly accessible notes and resources for penetration testing and red teaming activities, focusing on various tools and techniques employed during security assessments. Key features include a cheatsheet for quick command reference, detailed methodologies for effective exploitation, and practical scripts for network scanning and enumeration, enhancing both learning and efficiency in cybersecurity engagements. This tool serves as a practical guide for professionals aiming to improve their pentesting methodologies in controlled environments.

afrog

2026-03-30 Go ★ 4219

AI Summary: Afrog is a security tool designed for bug bounty programs, penetration testing, and red teaming efforts. It facilitates the creation and execution of Proofs of Concept (PoCs) to help security professionals identify vulnerabilities in systems. Notable features include a streamlined PoC writing guide, multi-language support, and a community-driven approach to contribute new exploit techniques.


README

afrog

A Security Tool for Bug Bounty, Pentest and Red Teaming


agentic-radar

2026-03-30 Python ★ 939

AI Summary: Agentic Radar is a security scanner specifically designed for analyzing agentic workflows, enabling users to identify vulnerabilities within their processes. Key features include Agentic Prompt Hardening, testing for vulnerabilities, and integration with CI/CD workflows, ensuring that security is maintained throughout the development lifecycle.


README


A Security Scanner for your agentic workflows!


AlliN

2026-03-30 Python ★ 1276

AI Summary: ALLiN is a versatile penetration testing tool designed for lateral movement assessments within intranets, capable of handling a wide variety of target formats such as links and CIDR notations. Notable features include support for both Python 2.7 and 3.x, passive identification of web frameworks and components, extensive fingerprint data, and the ability to work across platforms when compiled with pyinstaller. It efficiently organizes scan results and offers multiple configuration options for targeting, threading, and reporting, making it a comprehensive solution for security professionals.

apkleaks

2026-03-30 Python ★ 6013

AI Summary: APKLeaks is an automated tool for scanning Android APK files to identify potentially sensitive information such as URIs, endpoints, and secrets. It integrates with the JADX disassembler for decompilation and offers customizable pattern matching through user-defined JSON files, alongside various output options, including text and JSON formats. Key features include support for disassembler arguments, making it flexible for advanced usage scenarios in security assessments of mobile applications.



ApplicationInspector

2026-03-30 C# ★ 4387

AI Summary: Microsoft Application Inspector is a source code characterization tool that identifies the features of software components by analyzing code against over 400 rules and regex patterns. Its primary use case lies in aiding users to understand the behavior of both open-source and proprietary codebases, particularly in security contexts, without making determinations of “good” or “bad” practices. It supports multiple programming languages and can generate outputs in various formats, enhancing transparency in software analysis.

archerysec

2026-03-30 JavaScript ★ 2448

AI Summary: ArcherySec is an open-source vulnerability assessment and management tool designed to integrate with CI/CD pipelines, allowing for automated security testing based on scan results. It utilizes popular open-source scanning tools to perform comprehensive web and network vulnerability assessments, while also providing features for vulnerability prioritization, management, and collaboration of scan data. Key functionalities include integration with REST APIs for developers, authenticated web scanning, and support for various third-party tools like OpenVAS and OWASP ZAP.

Artemis

2026-03-30 Python ★ 1146

AI Summary: Artemis is a modular vulnerability scanner designed for assessing website security, primarily used by CERT PL for scanning activities. Its notable features include the ability to automatically generate user-friendly reports detailing specific vulnerabilities, such as exposed version control system data and outdated software versions, which aids organizations in mitigating security risks.


README


Artemis is a modular vulnerability scanner. It’s the tool that powers CERT PL scanning activities by checking various aspects of website security and building easy-to-read messages ready to be sent to the scanned organizations.

asnmap

2026-03-30 Go ★ 1026

AI Summary: asnmap is a Go CLI and library designed for quickly mapping organizational network ranges by leveraging Autonomous System Number (ASN) information. Its primary use case is for cybersecurity analysts to perform lookups for CIDR ranges based on various inputs such as ASN, organization name, domain, or IP addresses, with flexibility in output formats including JSON, CSV, and plain text. Notable features include support for multiple input types, integration with a Project Discovery Cloud Platform API for enhanced data retrieval, and the ability to operate with standard input/output.

AutoPentestX

2026-03-30 Python ★ 1039

AI Summary: AutoPentestX is an automated penetration testing toolkit designed for streamlined security assessments. Its primary use case is to facilitate vulnerability scanning and testing in Linux environments, offering features that simplify the process of identifying and exploiting security weaknesses. The toolkit supports Python 3.8 and above, underscoring its compatibility with modern scripting standards and enhancing its applicability in cybersecurity workflows.


README

AutoPentestX - Automated Penetration Testing Toolkit


AutoPWN-Suite

2026-03-30 Python ★ 1051

AI Summary: AutoPWN Suite is a comprehensive tool designed for automatic vulnerability scanning and exploitation of systems, leveraging advanced scanning techniques such as nmap TCP-SYN scans to identify software versions and associated vulnerabilities. Key features include automatic vulnerability detection, web application testing for various exploits (LFI, XSS, SQLI), configurable scanning options, noise and evasion modes, along with easy result sharing via webhooks or email, and compatibility across multiple operating systems.

awesome-web-hacking

2026-03-30 ★ 6830

AI Summary: The “awesome-web-hacking” repository serves as a comprehensive resource for individuals seeking to enhance their knowledge of web application security. It includes categorized lists of books, documentation, tools, cheat sheets, and educational courses, making it a valuable starting point for learning about penetration testing and various security vulnerabilities. Notable features include contributions from the community through pull requests and a diverse array of resources for both beginners and experienced security professionals.

awesome-yara

2026-03-30 ★ 4168

AI Summary: Awesome YARA is a curated repository that aggregates a comprehensive collection of YARA rules, tools, and resources aimed at enhancing malware detection and analysis. It serves as a valuable resource for cybersecurity professionals and researchers, featuring contributions from various practitioners, performance guidelines, and annual challenges to foster community engagement in YARA rule creation. Notable features include a wide array of rule collections from established cybersecurity entities and active maintenance status indicators for repositories of interest.

bandit

2026-03-30 Python ★ 7889

AI Summary: Bandit is a security linter specifically designed to identify common security vulnerabilities in Python code by analyzing the Abstract Syntax Tree (AST) of the source files. Its primary use case is to enhance code security through comprehensive scanning and reporting, and it features the ability to run various plugins to detect different types of security issues. Bandit also supports containerization, allowing it to be easily deployed as a Docker image for versatile integration into development workflows.

bbot

2026-03-30 Python ★ 9547

AI Summary: BBOT is a versatile reconnaissance tool designed primarily for automating tasks related to bug bounties and attack surface management (ASM). Notable features include comprehensive subdomain enumeration, web crawling to extract sensitive information, and an efficient integration of multiple APIs to enhance data gathering effectiveness. The tool also boasts a real-time visualization capability, allowing users to intuitively analyze results.


README


BEE·bot is a multipurpose scanner inspired by Spiderfoot, built to automate your Recon, Bug Bounties, and ASM!

https://github.com/blacklanternsecurity/bbot/assets/20261699/e539e89b-92ea-46fa-b893-9cde94eebf81

BinAbsInspector

2026-03-30 Java ★ 1669

AI Summary: BinAbsInspector is a static analysis tool designed for automated reverse engineering and vulnerability scanning of binary files, utilizing abstract interpretation and integrating with Ghidra. It supports multiple architectures including x86, x64, armv7, and aarch64, and can operate in headless mode, GUI mode, or within a Docker environment. Notable features include customizable analysis parameters, Z3 integration for constraint solving, and the ability to output results in JSON format.


README

What is BinAbsInspector?

BinAbsInspector (Binary Abstract Inspector) is a static analyzer for automated reverse engineering and scanning vulnerabilities in binaries, which is a long-term research project incubated at Keenlab. It is based on abstract interpretation with the support from Ghidra. It works on Ghidra’s Pcode instead of assembly. Currently it supports binaries on x86, x64, armv7 and aarch64.

black-hat-rust

2026-03-30 Rust ★ 4298

AI Summary: Black Hat Rust is a specialized resource for understanding and implementing offensive security techniques using the Rust programming language. It covers a broad spectrum of offensive security concepts, including building custom tools for cyber attacks, phishing, and exploitation, while emphasizing practical application and real-world Rust programming practices. Notable features include multi-threaded attack surface discovery and async operations, making it suitable for both developers looking to enhance their security skills and security engineers aiming to leverage Rust for offensive purposes.

BlackWidow

2026-03-30 Python ★ 1785

AI Summary: BlackWidow is a Python-based web application spider designed for gathering critical information from target websites, including subdomains, URLs, dynamic parameters, email addresses, and phone numbers. It features an integrated fuzzer, Inject-X, which scans dynamic URLs for common OWASP vulnerabilities, and automatically saves collected data into organized text files. Notable functionalities include deep crawling with customizable levels, verbose logging, and support for fuzzing unique parameters for enhanced security testing.

bluing

2026-03-30 Python ★ 993

AI Summary: Bluing is a specialized intelligence gathering tool designed to exploit vulnerabilities in Bluetooth protocols, facilitating various hacking techniques on Bluetooth devices. It provides essential features such as device address cleaning, hardware compatibility checks, and command options for managing Bluetooth connections, including Basic Rate and Low Energy systems. The tool is primarily intended for use on Linux operating systems, leveraging dependencies like BlueZ and requires Python 3.10 for installation.

brakeman

2026-03-30 Ruby ★ 7208

AI Summary: Brakeman is a static analysis tool designed to identify security vulnerabilities in Ruby on Rails applications. It supports a wide range of output formats, includes features for ignoring specific checks, and allows for comparing current scans with previous results. Built to be compatible with various Rails versions, it can be run locally or via Docker, providing extensive configuration options for detailed security assessments.



brutespray

2026-03-30 Go ★ 2394

AI Summary: Brutespray is a credential brute-forcing tool designed to automatically test default credentials against discovered services from various scan outputs, including Nmap and Nessus. It supports over 30 protocols and features capabilities such as multi-auth support, password spray mode, an interactive terminal UI, and resume functionality, allowing for efficient and comprehensive credential testing across networks. The tool is built in Go and offers extensive customization options through YAML configuration files and embedded wordlists.

burp-ai-agent

2026-03-30 Kotlin ★ 843

AI Summary: Burp AI Agent is an extension for Burp Suite that enhances security testing workflows by integrating AI capabilities. It supports multiple AI backends, allowing users to run both passive and active vulnerability scans across a wide array of vulnerability classes, while featuring options for privacy settings and audit logging for compliance. Additionally, it can connect to external AI agents via the MCP, enabling autonomous operation and enriching the security analysis process.

BurpBounty

2026-03-30 Java ★ 1791

AI Summary: Burp Bounty is a Burp Suite extension designed to enhance both active and passive scanning capabilities by allowing users to create personalized scanning rules through an intuitive graphical interface. The tool offers advanced pattern search and payload improvement features to build custom issue profiles, catering to automated and manual penetration testing workflows. A notable aspect is the availability of profiles shared by the community, which further augments its functionality.

burpgpt

2026-03-30 Java ★ 2287

AI Summary: BurpGPT is an advanced security extension that integrates with Burp Suite to analyze web traffic using AI-driven techniques, specifically utilizing OpenAI’s models to uncover security vulnerabilities that conventional scanners may overlook. Its notable features include customizable prompts for tailored analysis, automated report generation summarizing potential security issues, and granular control over the analysis parameters. This tool streamlines the vulnerability assessment process, improving the efficiency and accuracy of security professionals while handling the complexities of web application security.

BurpSuite-collections

2026-03-30 HTML ★ 3855

AI Summary: BurpSuite-collections is a repository containing various non-BApp Store plugins for Burp Suite, aimed at enhancing penetration testing capabilities. Notable features include SQL injection detection, automated SSRF vulnerability scanning, and the ability to manage variables within Burp, allowing security professionals to effectively discover and exploit vulnerabilities. The project serves primarily as a resource for learning and research related to Burp Suite plugins.


README

Burp-Suite-collections

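A collection of BurpSuite-related projects; the plugins are mainly ones that are not in the BApp Store.

All localization (Chinese translation) and use of BurpSuite assumes that you have already set up a Java environment!!! Related tutorial

For activating the latest versions (after 202212), refer to this project and sort it out yourself; this project does not provide it.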

censys-subdomain-finder

2026-03-30 Python ★ 837

AI Summary: The Censys Subdomain Finder is a command-line tool designed to enumerate subdomains associated with a specified domain using Certificate Transparency logs from Censys. It retrieves subdomains that have ever been issued an SSL certificate by a public Certificate Authority, offering features such as output to a text file and support for API authentication. Notably, users must set up an account with Censys to access the API, as free accounts will face limitations beginning in late 2024.

changeme

2026-03-30 Python ★ 1503

AI Summary: changeme is a default credential scanner designed to identify default and backdoor credentials, with a focus beyond common credentials. It features support for multiple protocols, including HTTP, MSSQL, MySQL, PostgreSQL, SSH, SNMP, and FTP, and allows users to easily configure new credentials via YAML files without code changes. The tool offers flexible target loading options and can run efficiently using Docker, particularly with Redis as a queue backend, making it suitable for diverse scanning tasks across network environments.

claude-bug-bounty

2026-03-30 Python ★ 1282

AI Summary: Claude Bug Bounty is an AI-powered agent harness tailored for professional bug bounty hunting, enabling users to streamline their testing processes. It intelligently orchestrates over 25 tools, remembers past findings across targets, validates vulnerabilities to reduce false positives, and generates ready-to-submit reports in under a minute. Notable features include Burp MCP integration for live traffic monitoring and an autonomous hunting mode that simplifies the testing workflow.


README

v3.0.0

Claude Bug Bounty

The AI-Powered Agent Harness for Professional Bug Bounty Hunting

Your AI copilot that sees live traffic, remembers past hunts, and hunts autonomously.

CloudFail

2026-03-30 Python ★ 2532

AI Summary: CloudFail is a reconnaissance tool designed to uncover the origin server of targets protected by Cloudflare by utilizing three distinct attack phases: misconfigured DNS scans, querying the Crimeflare database, and brute-forcing over 2500 subdomains. The tool operates through Tor to maintain anonymity while performing these scans, making it particularly useful for security researchers conducting penetration tests or academic inquiries. Key features include seamless integration with Tor for privacy, a focus on potential DNS misconfigurations, and an easy-to-use scanning interface.

commix

2026-03-30 Python ★ 5694

AI Summary: Commix is an open-source penetration testing tool designed for automating the detection and exploitation of command injection vulnerabilities in web applications. It supports multiple Python versions and includes extensive documentation with usage examples, facilitating ease of deployment and operation for security professionals. Notable features include comprehensive exploitation capabilities and a user-friendly interface for navigating various commands and options.


README


Commix (short for [comm]and [i]njection e[x]ploiter) is an open source penetration testing tool, written by Anastasios Stasinopoulos (@ancst), that automates the detection and exploitation of command injection vulnerabilities.

Corsy

2026-03-30 Python ★ 1509

AI Summary: Corsy is a lightweight CORS misconfiguration scanner designed to identify vulnerabilities in web applications’ Cross-Origin Resource Sharing implementations. It features a versatile command-line interface that supports scanning URLs directly or from files, utilizes customizable HTTP headers, and provides options for threading, request delays, and exporting results to JSON. Notably, it implements a comprehensive suite of tests to uncover various CORS-related bypass opportunities.


README


Corsy

CORS Misconfiguration Scanner

crawlergo

2026-03-30 Go ★ 3023

AI Summary: crawlergo is a robust web vulnerability scanner that utilizes a headless Chrome browser to collect URLs and interact with web pages, capable of intelligent form submission and JavaScript event triggering. Its key features include automatic URL de-duplication, support for different browser environments, request proxying, and the ability to push results to passive vulnerability scanners, making it an essential tool for comprehensive web application security assessments.



crlfuzz

2026-03-30 Go ★ 1524

AI Summary: CRLFuzz is a specialized tool for detecting CRLF injection vulnerabilities in web applications, developed in Go for high performance. It offers flexible scanning options, including targeting individual URLs or multiple URLs from a list, and provides various command line flags to customize request methods, output results to files, and adjust concurrency levels. Notable features include support for custom headers, proxy usage, and integration capabilities with other security tools through standard input.

cve-bin-tool

2026-03-30 Python ★ 1651

AI Summary: CVE-bin-tool is a static analysis tool designed to identify vulnerable dependencies in binary artifacts by comparing them against known Common Vulnerabilities and Exposures (CVEs). Its primary use case is to streamline the security assessment process in software projects, enabling developers to detect and remediate vulnerabilities efficiently. Notable features include support for various package formats, a comprehensive vulnerability database, and integration capabilities with CI/CD pipelines for automated security checks.

DDOS-RootSec

2026-03-30 C ★ 1010

AI Summary: The RootSec Archive is a comprehensive collection of tools and resources designed for conducting Distributed Denial-of-Service (DDoS) attacks, vulnerability scanning, and botnet management. Notable features include a variety of botnet variants (such as Mirai and QBot), password cracking tools, real-time statistics through DStat, and C2 sources for effective botnet control. This archive serves both as a point of reference and a toolkit for security testing and exploitation practices.

dep-scan

2026-03-30 Python ★ 1218

AI Summary: OWASP dep-scan is an advanced security audit tool designed for analyzing project dependencies against known vulnerabilities, advisories, and license issues, applicable to both local repositories and container images. Its primary use case is to facilitate integration within Application Security Posture Management (ASPM) and Vulnerability Management (VM) platforms, especially in Continuous Integration (CI) environments. Notable features include advanced reachability analysis, fast local vulnerability scanning without a server, generation of Software Bills of Materials (SBOM), and clear insights for prioritization of vulnerabilities.

Digital-Forensics-Guide

2026-03-30 Python ★ 2485

AI Summary: The Digital Forensics Guide serves as a comprehensive resource for those engaged in digital forensics, providing a compilation of applications, libraries, and tools essential for effectively conducting forensic investigations. The guide includes sections on various forensic fields such as computer, mobile, and network forensics, along with curated lists of tutorials, certifications, and frameworks to enhance practitioners’ skills and knowledge. Notable features include playbooks for practical application and a structured format for easy navigation through key topics.

dirhunt

2026-03-30 Python ★ 1985

AI Summary: Dirhunt is a web crawling tool designed to search for and analyze directories on web servers, identifying interesting content even when directory listings are disabled. It efficiently detects false 404 errors and empty index files while minimizing server requests, supporting features such as multiple site processing, detection of redirectors, and integration with various data sources for enhanced directory discovery. The tool is aimed at audit teams and is intended for use on owned or authorized servers only.

dirmap

2026-03-30 Python ★ 3359

AI Summary: Dirmap is an advanced web directory scanning tool designed for comprehensive directory discovery and vulnerability assessment, surpassing the capabilities of tools like DirBuster and Dirsearch. Its notable features include support for concurrent scanning across multiple targets and payloads, recursive scanning with customizable status code triggers, dynamic dictionary creation through web crawling, and extensive configuration options for request handling and response processing. This makes Dirmap particularly effective for security professionals conducting thorough penetration testing and vulnerability assessments on web applications.

discover

2026-03-30 Shell ★ 3834

AI Summary: Discover is a customizable suite of bash scripts designed to automate various tasks in penetration testing, including recon, scanning, enumeration, and malicious payload creation with Metasploit, ideal for use on Kali Linux or Ubuntu systems. Notable features include multiple reconnaissance options for domains and persons, automated scanning tools that utilize Nmap and other utilities, and web application testing facilities incorporating tools like Nikto and SSL analysers. The tool simplifies complex penetration testing workflows through an organized menu structure, enabling swift task execution.

dnstwist

2026-03-30 Python ★ 5638

AI Summary: dnstwist is a DNS-centric tool designed for domain name permutation and reconnaissance, allowing security researchers to discover potential phishing domains and domain variations. Its primary use case is to enhance domain security assessments by identifying lookalike domains and subdomain enumeration. Notable features include support for various DNS record lookups, historical data integration, and API access for automation.



doublepulsar-detection-script

2026-03-30 Python ★ 1032

AI Summary: The DoublePulsar Detection Script is a Python tool designed to identify the presence of the DoublePulsar implant on systems through SMB and RDP protocols. It supports scanning single IPs or lists of IPs with multi-threading capabilities, and includes functionality for remote uninstall of the implant for remediation. Key features include detection capabilities for both protocols, an early release for urgent network compromise identification, and associated Snort signatures for enhanced detection.

faraday

2026-03-30 Python ★ 6311

AI Summary: Faraday is an open-source vulnerability management tool designed to facilitate the organization, aggregation, and visualization of security data in a multiuser environment. Its primary use case is to streamline vulnerability discovery and management by integrating various community tools while providing insightful visualizations for both managers and analysts. Notable features include its command-line interface for direct terminal access, support for multiple installation methods (including Docker and PyPi), and the ability to automate scanning tools within CI/CD pipelines.

FinalRecon

2026-03-30 Python ★ 2681

AI Summary: FinalRecon is an automated web reconnaissance tool designed to efficiently gather comprehensive information about a target in a short time, maintaining high accuracy without the overhead of multiple dependencies. Notable features include detailed data collection on headers, WHOIS, SSL certificate information, DNS enumeration, subdomain and directory enumeration, web crawling, and a port scanning functionality, all in one compact solution. This tool is especially useful for OSINT practitioners seeking quick and reliable data during the reconnaissance phase of security assessments.

Findomain

2026-03-30 Rust ★ 3711

AI Summary: Findomain is a comprehensive domain recognition tool designed for efficient subdomain enumeration and monitoring. It utilizes Certificate Transparency Logs and various APIs to discover subdomains without brute-force methods, supports multi-threading for quick searches, and offers integration with notification services such as Discord and Slack. Notable features include DNS over TLS support, parallel resolution capabilities, and extensive configuration options across multiple formats.



fscan

2026-03-30 Go ★ 13541

AI Summary: Fscan is a comprehensive internal network scanning tool designed for automated vulnerability assessment and information gathering. Its primary use case encompasses host discovery, port scanning, credential brute-forcing across various protocols, system vulnerability detection, and web application scanning, including comprehensive support for various databases and frameworks. Notable features include the ability to exploit vulnerabilities such as MS17-010, SSH remote command execution, and the storage of scan results for further analysis.

fsociety

2026-03-30 Python ★ 11949

AI Summary: Fsociety is a comprehensive penetration testing framework designed to provide a wide array of hacking tools utilized in the Mr. Robot series. It features modules for information gathering, password attacks, wireless testing, exploitation, web hacking, and post-exploitation, all implemented in Python 2, with detailed installation instructions for various platforms, including Docker support. Notable tools included are Nmap, sqlmap, WPScan, and several others tailored for diverse security testing scenarios.

fuxploider

2026-03-30 Python ★ 3305

AI Summary: Fuxploider is an open-source penetration testing tool designed to automate the detection and exploitation of vulnerabilities in file upload forms. Its primary use case is to identify permissible file types and effectively upload web shells or malicious files to targeted web servers using optimized techniques. Notable features include support for Python 3.6 and the ability to utilize Docker for installation, providing flexibility across different environments.



Garud

2026-03-30 Shell ★ 804

AI Summary: Garud is an automation tool designed for reconnaissance, specifically targeting sub-domain enumeration and vulnerability scanning for injection points such as XSS, SSRF, and SSTI. It integrates multiple popular bug bounty tools, including Assetfinder, Subfinder, and Nuclei, to streamline the scanning process, outputting results systematically while notifying the user upon completion. Notable features include the ability to filter and identify low-hanging vulnerabilities, along with systematic data collection and reporting functionalities.

GDA-android-reversing-Tool

2026-03-30 Java ★ 4692

AI Summary: GDA (GJoy Dex Analyzer) is a powerful Dalvik bytecode decompiler designed for fast analysis of APK, DEX, ODEX, OAT, JAR, CLASS, and AAR files, with minimal memory and disk consumption. It features advanced capabilities including malicious behavior detection, vulnerability scanning, path solving, and deobfuscation, as well as various utilities for interactive operation and assisted analysis. GDA operates natively without requiring a Java VM, making it suitable for use on various Windows systems and virtual machines.

git-hound

2026-03-30 Go ★ 1408

AI Summary: GitHound is a secret detection tool designed to identify exposed API keys, secrets, and credentials across GitHub repositories using advanced pattern matching and commit-history analysis. Its notable features include global GitHub search capabilities, smart API key detection mechanisms, and the ability to visualize results in real-time through the GitHound Explore dashboard. This tool is particularly useful for security professionals in corporate environments and bug bounty hunters seeking to uncover sensitive information that may lead to vulnerabilities.

GitGot

2026-03-30 Python ★ 1553

AI Summary: GitGot is a semi-automated tool designed for the quick identification of sensitive information and secrets stored in public GitHub repositories. It leverages user feedback to refine search results, allowing for the dynamic creation of blacklists based on filenames, repository names, or file content matches. Notable features include session persistence, the ability to query GitHub Gists or self-hosted instances, and support for advanced search syntax using the GitHub Search API.

Goby

2026-03-30 ★ 1500

AI Summary: Goby is a network security assessment tool designed for efficient vulnerability scanning and comprehensive attack surface analysis of target enterprises. It features over 100,000 rule recognition engines and 200 protocol recognition engines, facilitating identification of various network and software vulnerabilities, along with access to preset account information for more than 1,000 devices. Additionally, Goby supports cross-platform functionality on Windows, macOS, and Linux, and employs a user-friendly interface built with Electron and Vue.

gogo

2026-03-30 Go ★ 2036

AI Summary: gogo is a versatile network scanning tool designed for both active and passive fingerprinting, featuring customizable port configurations and the extraction of key information such as titles and certificates through regex patterns. It supports the integration of Nuclei proofs of concept (PoCs) and offers a heuristic scanning mode for improved performance with minimal resource usage, making it highly efficient for vulnerability detection. The tool is entirely written in Go, ensuring compatibility with minimal dependencies across various operating systems, including legacy versions like Windows 2003.

golang-tls

2026-03-30 ★ 1329

AI Summary: The golang-tls repository provides tools for generating TLS certificates and creating simple HTTPS/TLS servers and clients using Go. It supports both RSA and ECDSA key generation and facilitates the creation of self-signed certificates. Notable features include configurations for achieving optimal security scores with SSL Labs and the implementation of basic server-client communication over secure connections.


README

Generate private key (.key)

# Key considerations for algorithm "RSA" ≥ 2048-bit
openssl genrsa -out server.key 2048

# Key considerations for algorithm "ECDSA" (X25519 || ≥ secp384r1)
# https://safecurves.cr.yp.to/
# List the supported ECDSA curves (openssl ecparam -list_curves)
openssl ecparam -genkey -name secp384r1 -out server.key

Generation of self-signed (x509) public key (PEM encodings .pem|.crt) based on the private key (.key)

openssl req -new -x509 -sha256 -key server.key -out server.crt -days 3650

Simple Golang HTTPS/TLS Server

package main

import (
    // "fmt"
    // "io"
    "log"
    "net/http"
)

// HelloServer answers every request with a fixed plain-text body.
func HelloServer(w http.ResponseWriter, req *http.Request) {
    w.Header().Set("Content-Type", "text/plain")
    w.Write([]byte("This is an example server.\n"))
    // fmt.Fprintf(w, "This is an example server.\n")
    // io.WriteString(w, "This is an example server.\n")
}

func main() {
    http.HandleFunc("/hello", HelloServer)
    // Serve HTTPS on port 443 with the certificate and key generated above.
    err := http.ListenAndServeTLS(":443", "server.crt", "server.key", nil)
    if err != nil {
        log.Fatal("ListenAndServeTLS: ", err)
    }
}

Hint: when visiting the server, do not forget that the URL must begin with https; otherwise Chrome will download a file.

goscan

2026-03-30 Go ★ 1038

AI Summary: GoScan is an interactive network scanner client designed to automate and provide abstraction over nmap, facilitating host discovery, port scanning, and service enumeration. It is particularly suitable for use in CTFs, OSCP exams, or professional engagements, capable of maintaining scan state in an SQLite database, allowing for asynchronous results upload even in unstable network conditions. Notable features include service enumeration integration with additional tools such as EyeWitness and Hydra, real-time auto-completion, and support for importing data at various stages of the scanning process.

gosearch

2026-03-30 Go ★ 3296

AI Summary: GoSearch is an OSINT tool designed to automate the process of searching for online profiles associated with specific usernames, utilizing concurrency for efficiency. It integrates searches across multiple extensive databases, including 900,000 leaked credentials from HudsonRock and over 18 billion from BreachDirectory, enhancing its capability to detect compromised accounts. Notable features include the ability to filter results for accuracy with the --no-false-positives flag and the option to crack found password hashes using Weakpass, significantly boosting the tool’s effectiveness in cybersecurity investigations.

hack-tools

2026-03-30 Python ★ 1183

AI Summary: The “hack-tools” repository offers a comprehensive collection of cybersecurity tools including DOS, information gathering utilities, malware creation kits, and remote administration tools, catering to a wide audience from enthusiasts to professionals. Key features include multi-platform support for Windows and Linux, compatibility with several programming languages, and the availability of free tools; however, users are cautioned about the legal implications and varying development statuses of the tools provided.


hackerpro

2026-03-30 Python ★ 1785

AI Summary: HackerPro is a comprehensive pentesting toolkit designed for security professionals, offering a wide array of tools for information gathering, password attacks, wireless testing, web hacking, and post-exploitation. Notable features include Nmap for network scanning, sqlmap for SQL injection, and a suite of tools for scanning and exploiting web applications. This tool facilitates multi-faceted penetration testing, making it essential for those engaged in cybersecurity assessments.


hollows_hunter

2026-03-30 C ★ 2325

AI Summary: Hollows Hunter is a command-line tool designed to identify and dump potentially malicious implants in processes by utilizing the PE-sieve passive memory scanner. Its primary use case includes scanning processes based on various criteria, such as process name and creation time, and it offers capabilities for continuous memory scanning and ETW listening. Notable features include the ability to scan all processes if no specific targets are specified, and support for multiple input criteria for enhanced targeting.

htrace.sh

2026-03-30 Shell ★ 3852

AI Summary: htrace.sh is a shell script designed for troubleshooting and profiling HTTP/HTTPS communications, serving as a wrapper for various open-source security tools. Its primary use case includes diagnosing web application vulnerabilities, analyzing SSL configurations, and extracting response headers and body content through an array of customizable parameters and options. Notable features include the ability to integrate with tools such as testssl, Mozilla’s Observatory, and Nmap’s NSE for comprehensive security assessments.

inql

2026-03-30 Kotlin ★ 1747

AI Summary: InQL is an open-source Burp Suite extension tailored for advanced GraphQL testing, enabling security professionals to effectively identify vulnerabilities within GraphQL APIs. It features a user-friendly interface, robust query manipulation capabilities, and integration with Burp’s existing tools, significantly enhancing the testing process for GraphQL applications.


README

InQL v6.1.2 - Burp Extension for Advanced GraphQL Testing

ivre

2026-03-30 Python ★ 3989

AI Summary: IVRE (Instrument de veille sur les réseaux extérieurs) is a comprehensive network reconnaissance framework designed for both passive and active reconnaissance. It integrates multiple data sources and tools such as Zeek, Nmap, and Masscan, enabling users to gather extensive information about networks efficiently. Notable features include a web interface for data visualization, support for various database backends, and a modular architecture that allows for easy integration of additional tools.

jaeles

2026-03-30 Go ★ 2322

AI Summary: Jaeles is a robust and extensible web application scanning framework developed in Go, designed to facilitate the creation of customized scanners for identifying vulnerabilities. Its primary use case is in the security assessment of web applications, featuring capabilities such as signature-based scanning, integration with Burp Suite, and extensive reporting options. Notable features include the ability to scan multiple URLs concurrently, customizable signature definitions, and Docker support for streamlined deployment.

jok3r

2026-03-30 HTML ★ 1077

AI Summary: Jok3r is a Python CLI application designed to assist penetration testers in executing automated network infrastructure and web security assessments. With over 50 integrated open-source tools, it streamlines vulnerability identification through context-aware checks, CVE lookups, and brute force attacks, all packaged within a Docker image for ease of use and customization. Notable features include automatic service fingerprinting, a comprehensive library of security checks for various network services, and automated post-authentication testing.

joomscan

2026-03-30 Raku ★ 1176

AI Summary: OWASP JoomScan is an open-source vulnerability scanning tool designed specifically for Joomla CMS deployments, enabling automated detection of vulnerabilities and misconfigurations that could be exploited by attackers. Developed in Perl, it features a lightweight, modular architecture and provides a user-friendly interface with comprehensive reporting capabilities in both text and HTML formats. Notable features include component enumeration, version checks, firewall detection, and the ability to compile detailed reports to assist administrators in maintaining system security.

K8tools

2026-03-30 PowerShell ★ 6159

AI Summary: K8tools is a collection of security research and penetration testing tools designed for use in various environments, including remote command execution and web shells. Notably, these tools are modified to enhance compatibility and stability, catering to security professionals who require reliable functionalities. The repository serves as a hub for downloading tools, accessing documentation, and submitting feedback for continuous improvement.


README

K8tools

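Disclaimer: these tools are for security research or authorized penetration testing only; users bear the consequences of any illegal use.
Download: https://github.com/k8gege/K8tools
Documentation: http://k8gege.org/p/72f1fea6.html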

kics

2026-03-30 Open Policy Agent ★ 2603

AI Summary: KICS (Keeping Infrastructure as Code Secure) is an open-source tool designed to identify security vulnerabilities, compliance issues, and infrastructure misconfigurations in infrastructure-as-code early in the development cycle. It supports various platforms and offers a comprehensive set of queries for thorough analysis, making it essential for maintaining security in cloud-native projects. Notable features include its integration capabilities and extensive documentation for ease of use, enhancing security throughout the software development lifecycle.

killshot

2026-03-30 Ruby ★ 757

AI Summary: KillShot is a comprehensive penetration testing framework designed for information gathering and website vulnerability scanning. Its primary use case involves automating data collection through integrated tools such as WhatWeb and Nmap, while offering features like a CMS Exploit Scanner and web application vulnerability assessments, including XSS and SQL injection detection. The framework also facilitates backdoor generation and includes a fuzzer, making it a versatile tool for security professionals.

krane

2026-03-30 Ruby ★ 738

AI Summary: Krane is a Kubernetes RBAC static analysis tool designed to identify security risks within K8s RBAC configurations and provide mitigation suggestions. Key features include a customizable set of built-in and user-defined risk rules, a user-friendly dashboard for visualizing RBAC posture, continuous analysis capabilities within clusters, and integration with Slack for alerting on significant risks. Additionally, Krane offers reporting in machine-readable formats and can be deployed locally, within CI/CD pipelines, or as a standalone service.

leaky-paths

2026-03-30 ★ 1029

AI Summary: Leaky Paths is a curated repository of high-quality wordlists designed for web content discovery, targeting misconfigurations and sensitive API endpoints in major web frameworks and infrastructure projects. It serves as a rapid assessment tool for pentesters, security engineers, and bug bounty hunters, emphasizing modern tech stack paths that yield valuable insights while intentionally maintaining a concise list for optimal efficiency. Notable features include paths associated with known vulnerabilities and endpoints that typically expose sensitive data, facilitating quick identification of potential security issues.

lonkero

2026-03-30 Rust ★ 773

AI Summary: Lonkero is a professional-grade web security scanner engineered for advanced penetration testing, boasting over 125 sophisticated scanning modules written in Rust. Its notable features include an intelligent mode for context-aware scanning, machine learning capabilities to minimize false positives to 5%, and unique proof-based XSS detection that eliminates reliance on browsers, significantly increasing scan speed and accuracy. By leveraging a robust architecture that focuses on real vulnerabilities, Lonkero delivers efficient and precise security assessments for modern web technologies.

lunasec

2026-03-30 TypeScript ★ 1469

AI Summary: LunaTrace is an open-source supply chain security and auditing tool that monitors software dependencies for vulnerabilities, integrating seamlessly with GitHub to notify users of new CVEs before deployment. It offers both a free SaaS option and self-hosted deployment capabilities, making it a versatile alternative to commercial tools like GitHub Dependabot and Snyk. Notable features include automatic monitoring, GitHub Pull Request integration, and active development support.


lynis

2026-03-30 Shell ★ 15450

AI Summary: Lynis is a security auditing and hardening tool designed for UNIX-based systems, including Linux, macOS, and BSD. It conducts comprehensive security scans to evaluate system defenses, identify vulnerabilities, and suggest improvements for hardening systems against potential threats. Notable features include automated compliance testing, vulnerability detection, configuration management assistance, and adaptability for use by system administrators, auditors, and penetration testers.


README

Do you like this software? Star the project and become a stargazer.

malicious-pdf

2026-03-30 Python ★ 3637

AI Summary: Malicious PDF is a tool designed to generate various malicious PDF files featuring phone-home capabilities for use in penetration testing and red-teaming. It supports integration with platforms like Burp Collaborator and Interact.sh, providing a diverse set of attack vectors through ten different crafted PDF examples meant for testing web applications, security products, and PDF readers. Key features include the ability to create PDFs exploiting vulnerabilities like external file access, JavaScript injection, and form data exfiltration.

malwoverview

2026-03-30 Python ★ 3712

AI Summary: Malwoverview is a versatile malware analysis tool designed for cybersecurity professionals to visualize and understand malware architecture without submitting samples to external endpoints, thereby ensuring compliance with Non-Disclosure Agreements. Its primary use case involves generating detailed reports on malware characteristics, and it offers a variety of analysis features, including dynamic and static analysis capabilities, and an intuitive user interface for enhanced usability. The tool is free and open-source, allowing users to modify and redistribute it under the GNU General Public License.

mantis

2026-03-30 Python ★ 1020

AI Summary: Mantis is a command-line framework that automates the processes of asset discovery, reconnaissance, and scanning for vulnerabilities. It efficiently identifies subdomains, certificates, and active assets, culminating in comprehensive scans for misconfigurations and secrets using a combination of open-source and custom tools. Notable features include distributed scanning capabilities, customizable scans, a dashboard for vulnerability management, and integration with various DNS services.


MetaRadar

2026-03-30 Kotlin ★ 1328

AI Summary: MetaRadar is a Bluetooth Low Energy (BLE) analysis tool designed for educational and security research purposes, enabling users to scan, analyze, and track nearby BLE devices. Its notable features include customizable filtering of BLE broadcasts, deep analysis of device GATT services, and real-time alerts for suspicious devices, thereby enhancing user awareness and control over device privacy. The application operates offline and does not share personal or geolocation data, emphasizing user privacy and security.

monkey365

2026-03-30 PowerShell ★ 1256

AI Summary: Monkey365 is an open-source PowerShell module designed for security configuration reviews of Microsoft 365, Azure, and Microsoft Entra ID environments. It enables users to identify potential security misconfigurations and provides actionable recommendations for compliance with best practices. Notable features include its user-friendly approach that minimizes the need for in-depth knowledge of APIs and complex dashboards while facilitating comprehensive scans for security gaps.


n0kovo_subdomains

2026-03-30 ★ 773

AI Summary: n0kovo_subdomains is a comprehensive subdomain enumeration wordlist containing 3,000,000 entries sourced from SSL certificate data across the entire IPv4 space. This tool is designed to enhance the efficacy of subdomain discovery activities for penetration testing and security assessments, utilizing a robust dataset that offers a balanced trade-off between size and search effectiveness. Users can leverage this highly efficient wordlist to improve the success rate of finding subdomains in various target domains.

Nettacker

2026-03-30 Python ★ 4989

AI Summary: OWASP Nettacker is an automated penetration testing and information-gathering framework designed for cybersecurity professionals to conduct reconnaissance, vulnerability assessments, and network security audits. Key features include a modular architecture for customizable task execution, support for multi-protocol and multithreaded scanning, comprehensive output formats, and a user-friendly interface for managing scans, all of which enhance its efficacy in identifying weaknesses across diverse systems and applications.


README

OWASP Nettacker

nmap

2026-03-30 Go ★ 1039

AI Summary: The Ullaakut/nmap library offers Go developers a comprehensive interface to leverage the features of the Nmap network scanner within their applications, facilitating the creation of security audit tools. By utilizing the Go language’s capabilities, the library allows for robust network scans, service detection, and easy parsing of XML outputs produced by the Nmap binary. Notable features include support for various scan types and the ability to manage scan timeouts, enhancing both flexibility and performance in penetration testing scenarios.

nmap-formatter

2026-03-30 Go ★ 726

AI Summary: NMAP-Formatter is a versatile tool designed to convert NMAP XML output into various formats such as HTML, CSV, JSON, Excel, and more, facilitating the analysis and reporting of network scan results. Notable features include support for output via stdin, the ability to generate diagrams using Graphviz, and options to skip down hosts, enhancing usability for security professionals and network administrators. This tool can also be utilized as a library in Golang for integration into other applications.

noseyparker

2026-03-30 Rust ★ 2314

AI Summary: Nosey Parker is a command-line interface (CLI) tool designed for scanning textual data to identify secrets and sensitive information, essentially functioning as a specialized grep for secret detection. Targeted primarily at offensive security operations, it offers features such as flexible scanning of various data sources, usage of 188 precision-focused regex rules, deduplication of matches to streamline review processes, and high-speed scanning capabilities, making it suitable for large-scale security engagements. Note that Nosey Parker has been officially retired and replaced by the tool Titus.

NoSQLMap

2026-03-30 Python ★ 3253

AI Summary: NoSQLMap is a Python tool designed for auditing and automating injection attacks on NoSQL databases, primarily targeting MongoDB and CouchDB, while also preparing for support of others like Redis and Cassandra. It helps identify and exploit default configuration vulnerabilities to disclose or replicate database data through a user-friendly menu-based interface. Key features include options for NoSQL DB access attacks, web application attacks, and scanning for anonymous MongoDB access.

npq

2026-03-30 JavaScript ★ 1561

AI Summary: npq is a tool designed to audit npm packages prior to installation, enhancing security during the package management process. It performs multiple checks, including vulnerability assessments using the Snyk database, package age, popularity metrics, and the presence of essential documentation files. Notable features include an auto-continue mode after warnings and customizable settings for strict security reviews.


README

npq allows you to audit npm packages before you install them

nuclei-wordfence-cve

2026-03-30 Python ★ 1220

AI Summary: The Nuclei + Wordfence CVE project provides a comprehensive set of 71,889 Nuclei templates specifically designed for assessing security vulnerabilities in WordPress, including core, plugins, and themes. Notably, the templates are regularly updated to reflect the latest threats identified by Wordfence, offering users a robust tool for proactive site protection and vulnerability identification. This open-source solution allows for customization, giving users the flexibility to adapt templates to meet specific security needs.

Open-Source-Security-Guide

2026-03-30 Go ★ 1059

AI Summary: The Open Source Security Guide serves as a comprehensive resource for enhancing the security of systems and networks by providing tutorials, standards, and tools relevant to open-source security practices. It includes sections on security certifications, threat models, and various security frameworks, along with a curated list of tools and resources to improve security operations. Notably, it aims to foster a collaborative environment for sharing best practices and advancing security through community initiatives.

opensquat

2026-03-30 Python ★ 942

AI Summary: openSquat is an open-source intelligence (OSINT) tool designed to identify cyber squatting threats against brands or domains. It leverages advanced detection techniques, such as similarity detection using the Levenshtein distance algorithm, and integrates with services like VirusTotal for domain reputation checks. Key features include daily updates on newly registered domains, DNS validation, and multiple output formats, enhancing its utility for security professionals monitoring potential domain-related threats.


ossa

2026-03-30 ★ 943

AI Summary: Ossa is an open-source security architecture tool designed to assist small to medium-sized enterprises in implementing security measures through accessible tools and resources. Its primary use case is to guide users in the installation and practical application of various security tools to address common vulnerabilities and improve overall security posture. Notable features include a focus on application security fundamentals, intrusion detection, and detailed documentation on tool usage, aimed at enhancing security for organizations lacking dedicated security personnel.

osv-scanner

2026-03-30 Go ★ 8609

AI Summary: OSV-Scanner is a tool designed to identify vulnerabilities in project dependencies by leveraging the OSV database through a user-friendly CLI interface. It supports a diverse range of programming languages, package managers, and includes features such as vulnerability detection in container images and guided remediation recommendations based on various criteria. The tool’s extensibility and comprehensive data sourcing improve the accuracy and effectiveness of vulnerability notifications for developers.


osv.dev

2026-03-30 Python ★ 2546

AI Summary: The OSV.dev tool provides a platform for scanning software dependencies against a comprehensive database of known vulnerabilities. It features a Go-based scanner capable of analyzing various types of lockfiles, Docker containers, SBOMs, and git repositories, while enabling users to access a web UI and APIs for data integration and management. Notably, it includes tools for vulnerability data publishing, bisection, impact analysis, and leverages Google Cloud Platform for deployment and scalability.

pe-sieve

2026-03-30 C++ ★ 3591

AI Summary: PE-sieve is a lightweight malware detection tool that scans individual processes for malicious implants such as injected PEs, shellcodes, and various in-memory modifications. It effectively identifies techniques like Process Hollowing and Reflective DLL Injection, allowing for the extraction and analysis of detected threats. Additionally, PE-sieve can be integrated as a DLL with a simple API for use in other applications, enhancing its versatility in malware analysis workflows.


penetration-testing-cheat-sheet

2026-03-30 PHP ★ 802

AI Summary: The Penetration Testing Cheat Sheet is a comprehensive checklist designed to assist cybersecurity professionals in performing penetration testing tasks. It aggregates various tools and techniques for phases such as reconnaissance, scanning, and vulnerability exploitation, while emphasizing the importance of complementarity among tools for better results. Noteworthy features include automation of certain tasks and links to crucial resources for penetration testing methodologies.


README

Penetration Testing Cheat Sheet

This is more of a checklist for myself. May contain useful tips and tricks.

pentest-tools

2026-03-30 Python ★ 3285

AI Summary: pentest-tools is a collection of customizable security scripts designed for quick penetration testing needs, facilitating various tasks in security assessments. Notable features include domain enumeration, CORS vulnerability testing, subdomain extraction, and DNS requests handling, all provided in multiple programming languages such as Bash, Python, and PHP for versatile usability. This toolkit streamlines common pentesting workflows with efficient tools aimed at both novice and experienced security professionals.


README

pentest-tools

A collection of custom security tools for quick needs.

PentestTools

2026-03-30 ★ 1641

AI Summary: Pentest Tools is a comprehensive catalog of penetration testing resources, referencing tools primarily from Kali Linux, and featuring both open-source and readily accessible software. It includes a wide array of categories such as information gathering, vulnerability analysis, and exploitation tools, aimed at facilitating various aspects of security assessments. Notable features include a curated list of essential tools, categorized functionalities, and a long-term commitment to updates and supplementary resources.

PHP-Antimalware-Scanner

2026-03-30 PHP ★ 753

AI Summary: PHP Antimalware Scanner is a PHP-based tool designed to scan projects for malicious code embedded within PHP files. Its primary use case is to detect potential malware through an interactive console interface or in a reporting mode that generates results in HTML or text. Notable features include customizable scanning options for file paths, action prompts upon detection of malware, and compatibility with various PHP configurations.


README

PHP Antimalware Scanner

POC-T

2026-03-30 Python ★ 1953

AI Summary: POC-T (Pentest Over Concurrent Toolkit) is a versatile framework designed for penetration testing that facilitates concurrent tasks such as data collection, web crawling, brute-force attacks, and bulk PoC management. Its notable features include support for both multithreading and Gevent concurrency modes, simplified script writing without extensive documentation, built-in script extensions, and integration with popular search engine APIs like ZoomEye, Shodan, and Google.


README

POC-T: Pentest Over Concurrent Toolkit

pythem

2026-03-30 Python ★ 1244

AI Summary: pythem is a versatile penetration testing framework written in Python, designed for use by security researchers and professionals to conduct various security assessments within legal boundaries. Notable features include support for attacks such as ARP spoofing, DNS manipulation, brute force attacks on SSH and web forms, as well as tools for exploit development and packet filtering. The framework can be installed on Debian-based Linux distributions, or run as a Docker container, facilitating accessibility and ease of deployment.

Raccoon

2026-03-30 Python ★ 3525

AI Summary: Raccoon is an offensive security tool designed for reconnaissance and information gathering, offering a wide range of features like DNS enumeration, WHOIS lookup, TLS data analysis, port scanning, and directory fuzzing. With support for asynchronous scanning via Python’s asyncio and anonymity through Tor/proxies, it provides efficient and robust scanning capabilities while organizing outputs by target and scan type. Additionally, it leverages default wordlists from SecLists for various reconnaissance tasks, enhancing its operational effectiveness.

randar-explanation

2026-03-30 Shell ★ 963

AI Summary: Randar is a Minecraft exploit targeting versions Beta 1.8 to 1.12.2 that uses LLL lattice reduction to manipulate the game’s random number generator, java.util.Random, allowing attackers to derive the precise coordinates of other players’ locations based on item drop positions from mined blocks. The exploit hinges on a vulnerability in the game’s code, where improper reuse of RNG instances can be exploited to track players across vast distances, making it particularly significant on anarchic servers like 2b2t, where player anonymity and location security are critical. Notable features include the ability to reverse-engineer the RNG state to pinpoint player coordinates efficiently and the reliance on advanced mathematical techniques to achieve this.

rapidscan

2026-03-30 Python ★ 2049

AI Summary: RapidScan is a multifaceted web vulnerability scanner that automates the execution of various security scanning tools to efficiently uncover and assess vulnerabilities in web applications. Notable features include its one-step installation, support for multiple tools like nmap and nikto, the ability to correlate results to reduce false positives, and the provision of detailed vulnerability definitions and remediation strategies. The tool is designed to streamline the penetration testing process, saving valuable time while offering comprehensive reporting and future plans for AI-driven tool deployment based on detected issues.

reconmap

2026-03-30 JavaScript ★ 919

AI Summary: Reconmap is an open-source penetration testing management and automation platform that aids security professionals throughout the engagement lifecycle by efficiently planning, executing, and reporting on security assessments. Its notable features include real-time execution and scheduling of security commands, automated output capture, vulnerability tracking, and the generation of professional reports in multiple formats, all aimed at streamlining workflows and enhancing collaboration among InfoSec teams.


README

Reconmap


Reconnoitre

2026-03-30 Python ★ 2189

AI Summary: Reconnoitre is a reconnaissance tool designed for automating information gathering and service enumeration tailored for OSCP labs. Its primary use case involves creating a structured directory for storing results, findings, and recommended commands for each target host while offering features like DNS and SNMP sweeps, service scanning, and virtual host discovery using customizable wordlists. The tool emphasizes ease of use and flexibility, allowing users to execute tailored reconnaissance operations efficiently.

ReconPi

2026-03-30 Shell ★ 727

AI Summary: ReconPi is a lightweight reconnaissance tool designed for extensive domain analysis and asset discovery using a Raspberry Pi or a VPS. Its primary functionality includes resolving domain names, subdomain enumeration, vulnerability scanning using Nmap, and integrating tools like Nuclei for template-based security assessments. Notable features include automated reporting, Slack notifications, and easy installation through a straightforward script, making it accessible for cyber reconnaissance tasks.


README

Recon Pi

__________                          __________.__ 
\______   \ ____   ____  ____   ____\______   \__|
 |       _// __ \_/ ___\/  _ \ /    \|     ___/  |
 |    |   \  ___/\  \__(  <_> )   |  \    |   |  |
 |____|_  /\___  >\___  >____/|___|  /____|   |__|
        \/     \/     \/           \/             
                            
			v2.2 - @x1m_martijn 

ReconPi - A lightweight recon tool that performs extensive reconnaissance with the latest tools using a Raspberry Pi.

remote-method-guesser

2026-03-30 Java ★ 915

AI Summary: The remote-method-guesser (rmg) is a Java RMI vulnerability scanner designed to identify and verify common security vulnerabilities on Java RMI endpoints. It features practical examples, including servers that facilitate testing for standard RMI services, SSRF attacks, and Spring Remoting integration, making it a valuable tool for penetration testers and security researchers. The tool’s compatibility with Docker allows for efficient setup and execution of security assessments in isolated environments.

rengine

2026-03-30 HTML ★ 8533

AI Summary: reNgine is a comprehensive web reconnaissance and vulnerability scanning tool aimed at security professionals, penetration testers, and bug bounty hunters. It features a highly configurable engine, data correlation capabilities, continuous monitoring, and a database-backed reconnaissance system, with the latest update including enhancements like a bounty hub integration, subdomain enumeration tools, and customizable reporting templates. This tool streamlines the reconnaissance process, enhancing efficiency and effectiveness in identifying vulnerabilities across web applications.

RustScan

2026-03-30 Rust ★ 19522

AI Summary: RustScan is an advanced port scanner designed for high-speed operation, capable of scanning all 65,000 ports in just 3 seconds. Its notable features include a flexible scripting engine that supports Python, Lua, and Shell for automated processing, as well as adaptive learning capabilities that enhance its performance over time, making it a highly effective tool for network security assessments.



sandmap

2026-03-30 Shell ★ 1826

AI Summary: sandmap is a reconnaissance tool that enhances the capabilities of the Nmap engine, providing a simplified command line interface for automating and expediting network and system scanning processes. It offers 31 modules with 459 predefined scan profiles, support for the Nmap Scripting Engine (NSE), and integration with TOR for enhanced privacy during scans, allowing users to execute multiple scans simultaneously.


README

sandmap


scan4all

2026-03-30 Go ★ 5976

AI Summary: scan4all is a versatile cybersecurity tool designed for automated web scanning and vulnerability detection, integrating various tools such as vscan, nuclei, and subfinder. It supports a wide range of protocols for password blasting and includes built-in detection capabilities for over 15,000 proof-of-concept (PoC) exploits. Built on Golang, it is cross-platform, lightweight, customizable, and features intelligent scanning mechanisms that optimize performance while ensuring comprehensive coverage of vulnerabilities.



Scanners-Box

2026-03-30 ★ 8868

AI Summary: Scanners Box is a comprehensive hacker toolkit that consolidates over 335 open-source scanners across various categories, such as subdomain enumeration, SQL injection vulnerability detection, and malware detection. The tool is designed for modular vulnerability assessment and does not include well-known scanning tools like Nmap or Metasploit, focusing instead on specialized scanning capabilities. Notable features include AI-powered autonomous scanners, dynamic and static code analysis, and comprehensive scanning for web applications and IoT devices.

scilla

2026-03-30 Go ★ 1225

AI Summary: Scilla is an information gathering tool designed for DNS, subdomains, ports, and directories enumeration. Its primary use case is for penetration testing, providing capabilities for extensive reconnaissance on target domains. Notable features include customizable wordlists for subdomain and directory enumeration, multiple output formats, and ease of installation through various methods such as Homebrew, Snap, and Docker.


README


🏴‍☠️ Information Gathering tool 🏴‍☠️ - DNS / Subdomains / Ports / Directories enumeration

Coded with 💙 by edoardottt

ScopeSentry

2026-03-30 Go ★ 1476

AI Summary: Scope Sentry is a versatile cybersecurity tool that provides functionalities such as asset mapping, subdomain enumeration, vulnerability scanning, and information leakage detection. Its primary use case is to facilitate comprehensive security assessments of web assets through a distributed scanning approach, allowing users to configure multiple scanning nodes. Notably, it features a plugin system for extensibility, supports multi-node scanning, and includes components for web monitoring and sensitive data leakage detection.

SecretScanner

2026-03-30 Go ★ 3275

AI Summary: Deepfence SecretScanner is a standalone tool designed to identify unprotected secrets, such as API keys and passwords, within container images and file systems. It matches content against a comprehensive database of approximately 140 secret types, outputting detailed findings in JSON format. Furthermore, SecretScanner can be integrated into the ThreatMapper platform, allowing for holistic vulnerability scanning and risk assessment in cloud-native applications.


README

SecretScanner


Deepfence SecretScanner can find unprotected secrets in container images or file systems.

security-tools

2026-03-30 Python ★ 914

AI Summary: security-tools is a collection of small security utilities developed in Python and Bash, aimed at assisting CTF competitors, bug bounty hunters, penetration testers, and developers. The primary use case is to facilitate various security tasks and streamline the testing process. Notable features include a diverse range of tools tailored for different security challenges and scenarios.


README

security-tools

Small security related tools created in Python and Bash for CTF players, bug bounty hunters, pentesters and developers.

shortscan

2026-03-30 Go ★ 1135

AI Summary: Shortscan is an IIS short filename enumeration tool that rapidly identifies files with short filenames on an IIS web server and attempts to discover their corresponding full filenames using a unique checksum matching method. Its notable features include support for custom headers, concurrency settings, and vulnerability checks without full file enumeration, as well as the ability to utilize custom wordlists and generate rainbow tables through an accompanying utility named shortutil.

Silver

2026-03-30 Python ★ 1048

AI Summary: Silver is a mass vulnerability scanner that integrates with masscan and nmap to provide rapid, comprehensive TCP port scanning and vulnerability assessment. Notable features include resumable scanning, multi-core utilization, caching of vulnerability data, and integration with Shodan, allowing for efficient parallel processing and streamlined notifications through Slack. Its support for various input formats and customizable scanning options enhances its usability for security assessments across different environments.


README


Silver

Mass Vulnerability Scanner

sipvicious

2026-03-30 Python ★ 1061

AI Summary: SIPVicious OSS is a comprehensive toolset designed for auditing SIP-based VoIP systems. Its primary functions include discovering SIP servers, enumerating extensions, and facilitating password cracking through various methods, making it an essential resource for penetration testing of VoIP infrastructures. Notable features include its scanning capabilities (svmap), extension identification (svwar), password cracking (svcrack), session reporting (svreport), and the ability to exploit vulnerabilities in SIP systems (svcrash).


README

Welcome to SIPVicious OSS security tools


skanuvaty

2026-03-30 Rust ★ 923

AI Summary: Skanuvaty is a high-performance DNS/network/port scanning tool that allows users to quickly analyze a domain by discovering its subdomains and resolving their corresponding IPs. Notable features include support for concurrent scans, with the ability to test thousands of subdomains within seconds, and the generation of a comprehensive output file in JSON format for further analysis.


README

Skanuvaty

Dangerously fast dns/network/port scanner, all-in-one.

Demonstration

Start with a domain, and we’ll find everything about it.

sn0int

2026-03-30 Rust ★ 2417

AI Summary: sn0int is a semi-automatic OSINT framework and package manager designed for IT security professionals and researchers to gather intelligence on targets or themselves. It facilitates the enumeration of attack surfaces by processing public information through flexible, modular analysis tools and provides features such as subdomain harvesting, IP address enrichment, login breach discovery, and social media profile analysis. Its extensible architecture allows users to create and share custom modules, enhancing its versatility in investigations.

spoilerwall

2026-03-30 Python ★ 761

AI Summary: Spoilerwall is a network hardening tool that obscures open ports by serving movie spoilers whenever a scan is performed, effectively misleading potential attackers. Its primary use case is to create a deceptive environment that appears vulnerable but instead provides mundane content, deterring unwanted attention and scans. Notable features include customizable spoiler content, easy server setup, and the ability to redirect all TCP traffic to the Spoilerwall service, enhancing security through obfuscation.

sqlmap

2026-03-30 Python ★ 36950

AI Summary: sqlmap is an open-source penetration testing tool designed for automating the detection and exploitation of SQL injection vulnerabilities in web applications. It features a robust detection engine with capabilities such as database fingerprinting, data extraction, file system access, and command execution through out-of-band connections, making it a comprehensive tool for security professionals. The tool is compatible with Python 2.7 and 3.x, ensuring broad platform support.


README

sqlmap


SubDomainizer

2026-03-30 Python ★ 1852

AI Summary: SubDomainizer is a reconnaissance tool that identifies hidden subdomains and secrets from specified URLs, web pages, and external JavaScript files. It supports various cloud storage services and can detect S3 buckets and CloudFront URLs, potentially exposing vulnerabilities such as open read/write permissions and subdomain takeover risks. The tool is capable of scanning both individual URLs and lists, with a feature for extracting secrets based on keyword searches and Shannon Entropy calculations, although this is currently in beta phase.

subscraper

2026-03-30 Python ★ 940

AI Summary: SubScraper is a subdomain enumeration tool designed for penetration testers and bug bounty hunters, enabling the discovery of an organization’s attack surface through multiple techniques. It supports DNS resolution, HTTP(S) requests, and CNAME lookups, along with modular support for various data sources and the capability to handle multiple targets. Key features include compatibility with Windows CLI, output formatting in .txt or .csv, and easy extensibility to add new enumeration methods.

Sudomy

2026-03-30 Shell ★ 2353

AI Summary: Sudomy is a subdomain enumeration and analysis tool designed for advanced automated reconnaissance and OSINT activities. It features both active and passive enumeration methods, utilizing efficient techniques such as DNS brute-forcing via Gobuster and data collection from 22 curated third-party sources. Additional capabilities include subdomain testing, virtual host classification, port scanning, and technology identification, making it a comprehensive solution for penetration testing and bug bounty applications.


README

Sudomy


Template

2026-03-30 ★ 1115

AI Summary: Template is a heuristic internal network scanning tool designed for security assessments and vulnerability detection. It features a producer-consumer model for efficient data handling, employs heuristic scanning methods to minimize packet sending, and includes robust web fingerprinting capabilities with over 900 fingerprints. Additionally, it supports extreme concurrency in its modules, optimizing performance during scans and brute force attacks.


README

Template - Heuristic Intranet Scanning


Terrapin-Scanner

2026-03-30 Go ★ 992

AI Summary: The Terrapin Vulnerability Scanner is a Go-based utility designed to assess the vulnerability of SSH clients and servers against the Terrapin Attack. It utilizes a single connection to retrieve supported algorithms without initiating a full SSH key exchange, allowing it to identify potential vulnerabilities and support for known countermeasures like strict key exchange. Notable features include JSON output for results, support for various operating systems via pre-compiled binaries and Docker, and ease of building from source.

TIDoS-Framework

2026-03-30 Python ★ 1848

AI Summary: TIDoS is an advanced offensive web application penetration testing framework designed to facilitate comprehensive security assessments by automating tasks across multiple phases, including reconnaissance, scanning, and vulnerability analysis. With over 100 modules and features such as multiprocessing for performance enhancement, a Metasploit-like console interface, and a graphical user interface, TIDoS streamlines the penetration testing process, enabling users to conduct efficient and thorough web application security assessments with minimal configuration. Additional capabilities like Tor integration further enhance anonymity during testing efforts.

trivy-operator

2026-03-30 Go ★ 1842

AI Summary: The Trivy Operator is a Kubernetes-native security toolkit that utilizes Trivy to perform continuous security scans of Kubernetes clusters. It automatically generates and updates comprehensive security reports, including vulnerability assessments, configuration audits, and compliance checks, which are accessible through the Kubernetes API. Notable features include automated scans for workloads, RBAC assessments, secret exposure detection, and generation of Software Bill of Materials (SBOM) for workloads, aiding in the identification and mitigation of potential security risks in real-time.

urlfinder

2026-03-30 Go ★ 855

AI Summary: URLFinder is a high-speed, passive URL discovery tool optimized for efficient web asset discovery without active scanning, making it particularly useful for penetration testers and security researchers. It features curated passive sources for comprehensive URL gathering, supports multiple output formats, and provides integration capabilities through STDIN/OUT support.


README

URLFinder

A high-speed tool for passively gathering URLs, optimized for efficient web asset discovery without active scanning.


user-scanner

2026-03-30 Python ★ 1357

AI Summary: User Scanner is an advanced email and username OSINT tool designed to verify the registration status of emails and the availability of usernames across multiple platforms, including GitHub, X (formerly Twitter), Reddit, and Instagram. It features dual-mode usage for email and username scanning, supports bulk scanning, utilizes wildcard-based username permutations, and provides clear output formats such as JSON and CSV, along with proxy support for enhanced anonymity. The tool’s modular architecture allows for easy integration of new platforms, making it a versatile choice for security professionals and branding efforts.

V3n0M-Scanner

2026-03-30 Python ★ 1564

AI Summary: V3n0M-Scanner is an offensive security framework designed for vulnerability scanning and penetration testing, offering a Python-based toolkit that operates across both Linux and Windows platforms. Notable features include advanced scanning capabilities for SQL injection, local file inclusion to remote code execution, and a Cloudflare resolver, along with extensive target lists and efficient scanning of potentially millions of IPs for known vulnerabilities. The tool is open-source and aims to provide transparency and ease of use for security professionals.

Validity90

2026-03-30 C ★ 1873

AI Summary: Validity90 is a tool focused on reverse engineering the communication protocol of various Validity fingerprint readers, such as models 138a:0090 and 138a:0094. It aims to create an open-source driver for integration with the libfprint library, featuring a Wireshark dissector for analyzing encrypted communication and a standalone prototype for testing device functionalities. Notably, the project is actively developing specifications and protocols for multiple devices, with partial implementation already achieving scan and internal database check capabilities.

VHostScan

2026-03-30 Python ★ 1286

AI Summary: VHostScan is a virtual host scanner designed to enhance the discovery of virtual hosts and identify catch-all scenarios, aliases, and dynamic default pages. This tool is particularly useful for penetration testers and security professionals, as it features a modernized codebase, improved wordlists for various environments, robust error handling, and performance optimizations. Notable capabilities include support for both HTTP and HTTPS, customizable wordlist inputs, and the ability to identify new targets through reverse lookups.

vulnx

2026-03-30 Python ★ 2091

AI Summary: VulnX is an intelligent bot designed for automatic shell injection that identifies vulnerabilities across various content management systems (CMS). Key features include multi-threaded vulnerability scanning, target information gathering, subdomain enumeration, and the ability to search for exploits using dorks, which streamline the injection process as opposed to manual methods. The tool supports multiple CMS platforms, enhancing its usability for security assessments and penetration testing.


README


VulnX

Vulnx 🕷️ is an intelligent bot auto shell injector that detects vulnerabilities in multiple types of CMS

vulscan

2026-03-30 Lua ★ 3735

AI Summary: Vulscan is a powerful Nmap module that transforms the commonly used network scanning tool into an effective vulnerability scanner by leveraging version detection to identify potential flaws in services. It utilizes various pre-defined vulnerability databases such as VulDB and CVE, with the capability of supporting custom databases for enhanced flexibility. Notable features include automatic updates for vulnerability databases and configurable settings to optimize match priority and version detection.

w13scan

2026-03-30 Smarty ★ 1949

AI Summary: W13Scan is an open-source web vulnerability scanner written in Python3, capable of both active and passive scanning modes across Windows, Linux, and Mac platforms. It features a comprehensive suite of detection plugins, including XSS, SQL injection, and file leakage checks, along with customizable modules for specialized environments, ensuring high accuracy and adaptability for security professionals.


README

W13Scan

W13scan is an open-source web vulnerability discovery tool based on Python3. It supports active and passive scanning modes and runs on Windows, Linux, and Mac.


HTML template source: w13scan-report

Disclaimer

Comply with local laws before using W13Scan. W13Scan is provided for educational use only.

Web-Cache-Vulnerability-Scanner

2026-03-30 Go ★ 1164

AI Summary: Web Cache Vulnerability Scanner (WCVS) is a command-line interface tool designed to identify and exploit web cache poisoning and deception vulnerabilities across various web applications. It supports multiple techniques for both attack types, features a crawler for discovering additional URLs, and can be integrated into CI/CD processes to streamline security practices. Notable functionalities include customizable request handling, JSON report generation, and the ability to route traffic through a proxy for enhanced testing versatility.

webanalyze

2026-03-30 Go ★ 1112

AI Summary: Webanalyze is a performance-oriented tool written in Go that identifies technologies used by web applications by analyzing HTTP responses from specified hosts. Its primary use case is for security assessments and technology profiling, supporting bulk analysis of multiple hosts via input files and offering output in various formats such as CSV and JSON. Notable features include the ability to crawl links from a root page, search for subdomains, and download updated app definitions from the Wappalyzer repository.

webcopilot

2026-03-30 Shell ★ 1278

AI Summary: WebCopilot is an automation tool for security assessments that enumerates subdomains of a target domain and scans for vulnerabilities such as XSS, SQLi, and RCE. It employs various open-source tools for subdomain enumeration, active scanning, endpoint crawling, and filtering of vulnerability parameters, ultimately presenting the results in a structured manner. Notable features include comprehensive subdomain enumeration, endpoint crawling, and integration with multiple vulnerability scanning tools.


README

WebCopilot

An automation tool that enumerates subdomains, then filters out XSS, SQLi, open redirect, LFI, SSRF and RCE parameters, and then scans for vulnerabilities.

wpscan

2026-03-30 Ruby ★ 9525

AI Summary: WPScan is a specialized security scanner for WordPress sites, primarily used to identify vulnerabilities in themes and plugins as well as misconfigurations. Its notable features include support for user enumeration, integration with the WordPress Vulnerability Database for real-time risk assessment, and customizable scanning options for stealth or aggressive detection modes. The tool can be easily installed via RubyGems or Docker and offers extensive usage documentation for diverse scanning approaches.

XAttacker

2026-03-30 Perl ★ 1725

AI Summary: XAttacker is a comprehensive exploitation tool designed for scanning and auto-exploiting vulnerabilities in web applications, particularly those using popular Content Management Systems (CMS). It identifies the target website’s architecture, detects vulnerabilities, generates exploits, and provides the user with the relevant exploit link. Notable features include a vulnerability scanner, auto-exploiting capabilities, and support for multiple CMS platforms, along with dork search functionality across various search engines.


README

XAttacker V2.5 Tool FREE

XATTACKER: a massive exploiting tool capable of scanning and auto-exploiting vulnerabilities in web applications. Given a target website, the tool auto-detects its architecture if it uses a Content Management Service (CMS) and tries to find vulnerabilities based on the detected CMS. After finding the vulnerabilities, the tool generates an exploit for the website and sends the user the link to the exploit.

yakit

2026-03-30 TypeScript ★ 7131

AI Summary: Yakit is an interactive application security testing platform that integrates the CyberSecurity Domain Specific Language (CDSL) for enhanced security operations. Its primary use case is to provide a comprehensive GUI for manipulating security testing capacities via a gRPC server, fully replacing tools like BurpSuite and offering unique features such as a visual web fuzzing tool and a plugin store for customizable security scripts. Additionally, Yakit allows non-coders to harness advanced security capabilities without programming knowledge, facilitating both local and remote deployment.

Zero-attacker

2026-03-30 Python ★ 943

AI Summary: Zero Attacker is a suite of ethical hacking tools designed for penetration testing and includes both free and paid advanced tools. It offers a user-friendly interface for quick setup and execution via Python, with additional features available upon request through their Discord server. The tool emphasizes community engagement and support, aiming to facilitate a comprehensive hacking experience for users.


README

Zero Attacker

Launching new version: beta testing is here. Add me on Discord .asjad ASAP.