Kubei – A Flexible Kubernetes Runtime Scanner

Kubei is a vulnerabilities scanning tool that allows users to get an accurate and immediate risk assessment of their kubernetes clusters. Kubei scans all images that are being used in a Kubernetes cluster, including images of application pods and system pods. It doesn’t scan the entire image registries and doesn’t require preliminary integration with CI/CDRead More

Tsunami – A General Purpose Network Security Scanner With An Extensible Plugin System For Detecting High Severity Vulnerabilities With High Confidence

Tsunami is a general-purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.To learn more about Tsunami, visit our documentations.Tsunami relies heavily on its plugin system to provide basic scanning capabilities. All publicly available Tsunami plugins are hosted in a separate google/tsunami-security-scanner-plugins repository.Current Status Currently Tsunami is in ‘pre-alpha’ releaseRead More

FinDOM-XSS – A Fast DOM Based XSS Vulnerability Scanner With Simplicity

FinDOM-XSS is a tool that allows you to finding for possible and/ potential DOM based XSS vulnerability in a fast manner.Installation $ git clone https://github.com/dwisiswant0/findom-xss.git Dependencies: LinkFinder ConfigurationChange the value of LINKFINDER variable (on line 3) with your main LinkFinder file. UsageTo run the tool on a target, just use the following command. $ ./findom-xss.shRead More

dorkScanner – A Typical Search Engine Dork Scanner Scrapes Search Engines With Dorks That You Provide In Order To Find Vulnerable URLs

A typical search engine dork scanner that scrapes search engines with queries that you provide in order to find vulnerable URLs.IntroductionDorking is a technique used by newsrooms, investigative organisations, security auditors as well as tech savvy criminals to query various search engines for information hidden on public websites and vulnerabilities exposed by public servers. DorkingRead More

CorsMe – Cross Origin Resource Sharing MisConfiguration Scanner

A Misconfiguration Scanner cors misconfiguration scanner tool based on golang with speed and precision in mind ! Misconfiguration type this scanner can check for Reflect Origin checks Prefix Match Suffix Match Not Esacped Dots Null ThirdParties (Like => github.io, repl.it etc.) Taken from Chenjj’s github repo SpecialChars (Like => “}”,”(“, etc.) See more in AdvancedRead More

Sifter 7.4 – OSINT, Recon & Vulnerability Scanner

Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the ‘blue’ vulnerabilities within microsft and if unpatched, exploit them. It uses tools like blackwidow and konan for webdirRead More

Tangalanga – The Zoom Conference Scanner Hacking Tool

Zoom Conference scanner.This scanner will check for a random meeting id and return information if available.UsageThis are all the possible flags: tangalanga -token=user-token # [default: env TOKEN] user token to use. -colors=false # [default: true] enable/disable colors -censor=true # [default: false] censors output -output=history # [default: stdout] write found meetings to file -debug=true # [default:Read More

Jshole – A JavaScript Components Vulnrability Scanner, Based On RetireJS

A JavaScript components vulnrability scanner, based on RetireJS. Why use JShole instead of RetireJS?By default, RetireJS only searches one page, but JShole tries to crawl all pages.How it works? Get Started Requirements requests Install git clone https://github.com/callforpapers-source/jshole.git cd jshole pip3 install -r requirements python3 jshole.py usage: jshole [-h] -u URL [-d] [-l LIMIT] [-t THREAT]optionalRead More