Skip to content
@redhuntlabs

RedHunt Labs

Discover and Assess your Attack Surface. To know more about our asset discovery and perimeter security offering, check out https://redhuntlabs.com/nvadr

Popular repositories

  1. Awesome-Asset-Discovery Awesome-Asset-Discovery Public

    List of Awesome Asset Discovery Resources

    1.9k 314

  2. RedHunt-OS RedHunt-OS Public

    Virtual Machine for Adversary Emulation and Threat Hunting

    1.2k 184

  3. Octopii Octopii Public

    An AI-powered Personal Identifiable Information (PII) scanner.

    Python 568 47

  4. HTTPLoot HTTPLoot Public

    An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code of sites.

    Go 375 42

  5. BucketLoot BucketLoot Public

    BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-…

    Go 344 50

  6. BurpSuite-Asset_Discover BurpSuite-Asset_Discover Public

    Burp Suite extension to discover assets from HTTP response.

    Python 215 50

Repositories

Showing 10 of 17 repositories
  • BucketLoot Public

    BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

    Go 344 MIT 50 0 1 Updated May 25, 2024
  • Python 31 GPL-3.0 9 0 0 Updated Feb 27, 2024
  • Octopii Public

    An AI-powered Personal Identifiable Information (PII) scanner.

    Python 568 47 2 0 Updated Nov 24, 2023
  • 0 0 0 0 Updated Oct 11, 2023
  • Awesome-Asset-Discovery Public

    List of Awesome Asset Discovery Resources

    1,883 CC0-1.0 314 4 5 Updated Sep 14, 2023
  • KubeStalk Public

    KubeStalk discovers Kubernetes and related infrastructure based attack surface from a black-box perspective.

    Python 157 BSD-3-Clause 14 0 1 Updated Apr 6, 2023
  • damntls Public

    A "really" damned TLS library.

    Go 0 MIT 0 0 0 Updated Dec 21, 2022
  • 46 14 0 0 Updated Nov 18, 2022
  • HTTPLoot Public

    An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code of sites.

    Go 375 42 4 0 Updated Jun 29, 2022
  • ConfluentPwn Public

    Atlassian confluence unauthenticated ONGL injection remote code execution scanner (CVE-2022-26134).

    Go 12 MIT 3 0 0 Updated Jun 10, 2022