Cdb – Automate Common Chrome Debug Protocol Tasks To Help Debug Web Applications From The Command-Line And Actively Monitor And Intercept HTTP Requests And Responses

Pown CDB is a Chrome Debug Protocol utility. The main goal of the tool is to automate common tasks to help debug web applications from the command-line and actively monitor and intercept HTTP requests and responses. This is particularly useful during penetration tests and other types of security assessments and investigations. Credits This tool isRead More

PersistBOF – Tool To Help Automate Common Persistence Mechanisms

A tool to help automate common persistence mechanisms. Currently supports Print Monitor (SYSTEM), Time Provider (Network Service), Start folder shortcut hijacking (User), and Junction Folder (User) Usage Clone, run make, add .cna to Cobalt Strike client. run: help persist-ice in CS console Syntax: persist-ice [PrintMon, TimeProv, Shortcut, Junction] [persist or clean] [key/folder name] [dll /Read More

Subdomains.Sh – A Wrapper Around Tools I Use For Subdomain Enumeration On A Given Domain. This Script Is Written With The Aim To Automate The Workflow

subdomains.sh wrapper around tools I use for subdomain enumeration, to automate the workflow, on a given domain. Usage To display this script’s help message, use the -h flag: subdomains.sh -h subdomains for * –use-passive-source comma(,) separated tools to use –exclude-passive-source comma(,) separated tools to exclude –skip-semi-active skip semi active techniques -r, –resolvers list of DNSRead More

Webdiscover – The Purpose Of This Script Is To Automate The Web Enumeration Process And Search For Exploits

The purpose of this script is to automate the web enumeration process and search for exploits and vulns. Added Tools (dependencies are installed during script execution): seclist ffuf namelist dnsrecon subfinder whatweb gospider nuclei searchsploit go-exploitdb It creates a directory with the scan outputs, as shown in the example below. Usage Prerequisites Docker service installedRead More

DorkScout – Golang Tool To Automate Google Dork Scan Against The Entiere Internet Or Specific Targets

dokrscout is a tool to automate the finding of vulnerable applications or secret files around the internet throught google searches, dorkscout first starts by fetching the dorks lists from https://www.exploit-db.com/google-hacking-database and then it scans a given target or everything it founds Installation dorkscout can be installed in different ways: Go Packages throught Golang Packages (golangRead More

Reconky – A Great Content Discovery Bash Script For Bug Bounty Hunters Which Automate Lot Of Task And Organized It

Reconky is a script written in bash to automate the task of recon and information gathering.This Bash Script allows you to collect some information that will help you identify what to do next and where to look for the required target. Usage ./reconky.sh <domain.com> Main-Features It will Gathers Subdomains with assetfinder and Sublist3r Duplex checkRead More

Lazyrecon – Tool To Automate Your Reconnaissance Process In An Organized Fashion

Lazyrecon is a subdomain discovery tool that finds and resolves valid subdomains then performs SSRF/LFI/SQLi fuzzing, brute-force and port scanning. It has a simple modular architecture and is optimized for speed while working with github and wayback machine. Features Super fast asynchronous execution CI/CD ready HTML/pdf reports Discord integration Background listen server Domain name, listRead More

Vajra – A Highly Customi zable Target And Scope Based Automated Web Hacking Framework To Automate Boring Recon Tasks

An automated web hacking framework for web applications Detailed insight about Vajra can be found at https://hackwithproxy.medium.com/introducing-vajra-an-advanced-web-hacking-framework-bd8307a01aa8  About Vajra   Vajra is an automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing. Vajra has highly customizable target scope based scan feature. Instead of runningRead More

Pagodo – Automate Google Hacking Database Scraping And Searching

The goal of this project was to develop a passive Google dork script to collect potentially vulnerable web pages and applications on the Internet. There are 2 parts. The first is ghdb_scraper.py that retrieves Google Dorks and the second portion is pagodo.py that leverages the information gathered by ghdb_scraper.py.What are Google Dorks?The awesome folks atRead More

X