Domhttpx – A Google Search Engine Dorker With HTTP Toolkit Built With Python, Can Make It Easier For You To Find Many URLs/IPs At Once With Fast Time

domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time. Usage Flags This will display help for the tool. Here are all the switches it supports. Flag Description Example -ip, –only-ip Show output as IP only domhttpxRead More

GraphQLmap – A Scripting Engine To Interact With A Graphql Endpoint For Pentesting Purposes

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. Install $ git clone https://github.com/swisskyrepo/GraphQLmap$ python graphqlmap.py _____ _ ____ _ / ____| | | / __ | | | | __ _ __ __ _ _ __ | |__ | | | | | _ __ ___ __ _ _Read More

CrossLinked – LinkedIn Enumeration Tool To Extract Valid Employee Names From An Organization Through Search Engine Scraping

CrossLinked is a LinkedIn enumeration tool that uses search engine scraping to collect valid employee names from a target organization. This technique provides accurate results without the use of API keys, credentials, or even accessing the site directly. Formats can then be applied in the command line arguments to turn these names into email addresses,Read More

Scylla – The Simplistic Information Gathering Engine | Find Advanced Information On A Username, Website, Phone Number, Etc…

Scylla is an OSINT tool developed in Python 3.6. Scylla lets users perform advanced searches on Instagram & Twitter accounts, websites/webservers, phone numbers, and names. Scylla also allows users to find all social media profiles (main platforms) assigned to a certain username. In continuation, Scylla has shodan support so you can search for devices allRead More

OpenCSPM – Open Cloud Security Posture Management Engine

Open Cloud Security Posture Management, OpenCSPM, is an open-source platform for gaining deeper insight into your cloud configuration and metadata to help understand and reduce risk over time. Who is OpenCSPM for? Security teams running infrastructure in cloud environments looking to gain visibility into security risk across the entire account and track the resolution ofRead More

Censys-Python – An Easy-To-Use And Lightweight API Wrapper For The Censys Search Engine

An easy-to-use and lightweight API wrapper for the Censys Search Engine (censys.io). Python 3.6+ is currently supported. Getting Started The library can be installed using pip. $ pip install censys To configure your credentials run censys config or set both CENSYS_API_ID and CENSYS_API_SECRET environment variables. $ censys configCensys API ID: XXXCensys API Secret: XXXSuccessfully authenticatedRead More

Fawkes – Tool To Search For Targets Vulnerable To SQL Injection (Performs The Search Using Google Search Engine)

Fawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine. Options -q, –query – Dork that will be used in the search engine. -r, –results – Number of results brought by the search engine. -s, –start-page – Home page of search results. -t, –timeout – TimeoutRead More

Fuzzilli – A JavaScript Engine Fuzzer

A (coverage-)guided fuzzer for dynamic language interpreters based on a custom intermediate language (“FuzzIL”) which can be mutated and translated to JavaScript. Usage The basic steps to use this fuzzer are: Download the source code for one of the supported JavaScript engines. See the Targets/ directory for the list of supported JavaScript engines. Apply theRead More

NERVE – Network Exploitation, Reconnaissance & Vulnerability Engine

NERVE is a vulnerability scanner tailored to find low-hanging fruit level vulnerabilities, in specific application configurations, network services, and unpatched services. It is not a replacement for Qualys, Nessus, or OpenVAS. It does not do authenticated scans, and operates in black-box mode only. NERVE will do “some” CVE checks, but this is primarily coming fromRead More

Anchore Engine – A Service That Analyzes Docker Images And Applies User-Defined Acceptance Policies To Allow Automated Container Image Validation And Certification

For the most up-to-date information on Anchore Engine, Anchore CLI, and other Anchore software, please refer to the Anchore DocumentationThe Anchore Engine is an open-source project that provides a centralized service for inspection, analysis, and certification of container images. The Anchore Engine is provided as a Docker container image that can be run standalone orRead More

X