k9 extracts parameters from URLs to create a custom parameter wordlist

A powerful Python tool designed to efficiently discover live subdomains for a specified domain.

XSS-Scanny is a powerful Python-based XSS (Cross-Site Scripting) scanner tool designed to detect and assess potential vulnerabilities in web applications.

Hacktivity Dump

Simple LFI Vulnerability Tester with Authentication Support

grepX is a multi-threaded CLI tool which extracts some special URLs with parameters that may be vulnerable. Each pattern will output different URLs according to its parameters.

get open port from ip address

Web Path Scanner

Pencrypt: a Framework for Web, Linux, Windows Pentesting and Cryptographic Operations, Exploit Development and Reverse Engineering, Malware Analysis

Developers often add sensitive information in comments for their internal use but sometimes they forgot to mask or remove them before launching it on the internet or public access. So you can use this tool to simply test the page for those HTML comments and check if any sensitive information you can get!!!

Python script for active and passive domain recognition for bug hunters, pentesters and red teamers.

WEAPOW é uma coleção de ferramentas criada para auxiliar em tarefas de segurança da informação, auditoria, PENTEST e BUGBOUNTY

Bug Bounty Hunter

Fast and reliable python tool that grabs robots.txt files from a bunch of subdomains asynchronously

Togomori is a comprehensive solution for web applications reconnaissance designed to simplify the process of information gathering and data visualization.

bug bounty automation tool

Automated NoSQL database enumeration and web application exploitation tool.

A BruteForcing Tool to Find All Hidden Directories/Files in A WebServer

http methods fuzzer