ZenBuster is a multi-threaded, multi-platform URL enumeration tool written in Python by Zach Griffin (@0xTas). I wrote this tool as a way to deepen my familiarity with Python, and to help increase my understanding of Cybersecurity tooling in general. ZenBuster may not be the fastest or most comprehensive tool of its kind. It is however,Read More
Tool that tests MANY url bypasses to reach a 40X protected page. If you wonder why this code is nothing but a dirty curl wrapper, here’s why: Most of the python requests do url/path/parameter encoding/decoding, and I hate this. If I submit raw chars, I want raw chars to be sent. If I send aRead More
Scout is a URL fuzzer and spider for discovering undisclosed VHOSTS, files and directories on a web server. A full word list is included in the binary, meaning maximum portability and minimal configuration. Aim and fire! Usage Discover URLs on a given web server. version Display scout version. vhost Discover VHOSTs on a given webRead More
Scrape and download useful information from TikTok. No login or password are required This is not an official API support and etc. This is just a scraper that is using TikTok Web API to scrape media and related meta information. Important notes As of right now it is NOT possible to download video without theRead More
Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline This tool is available when the repository, such as github, is included in the bugbounty scope. Sometimes specified as an org name or user name rather than a specific repository, you can use this tool to extract url from allRead More
MaskPhish is a simple script to hide phishing URL under a normal looking URL(google.com or facebook.com). Legal Disclaimer: Usage of MaskPhish for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuseRead More
A simple script to generate a hidden url for social engineering.Legal disclaimer:Usage of URLCADIZ for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program InstallingRead More
URLCrazy is an OSINT tool to generate and test domain typos or variations to detect or perform typo squatting, URL hijacking, phishing, and corporate espionage.Homepage: https://www.morningstarsecurity.com/research/urlcrazyUse Cases Detect typo squatters profiting from typos on your domain name Protect your brand by registering popular typos Identify typo domain names that will receive traffic intended for anotherRead More
Geolocator, Ip Tracker, Device Info by URL (Serveo and Ngrok). It uses tinyurl to obfuscate the Serveo link.Legal disclaimer:Usage of Locator for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuseRead More
