Skip to content
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
59 lines (42 sloc) 2.38 KB

Recording of the presentation is available via Twitch if you'd like to understand the context in which these tools were mentioned -


InterLace - Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Directory BruteForcing

FFuF - Fast web fuzzer written in Go.

RecurseBuster - Rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments.

XSS XSS payloads designed to turn alert(1) into P1 JavaScript functions intended to be used as an XSS payload against a WordPress admin account.

Subdomain Discovery

DNSValidator - Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.

DNSGrep - Quickly Search Large DNS Datasets

findomain - The fastest and cross-platform subdomain enumerator, don't waste your time.

API Keys and Build Logs

KeyHacks - Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

secretz - Minimizing the large attack surface of Travis CI.

Dr.Watson - Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's your very own discovery side kick, the Dr. Watson to your Sherlock!

Jenkinz - jenkinz is a tool to retrieve every build for every job ever created and run on a given Jenkins instance.

jLoot - JIRA Secure Attachment Looter

Cloud Based Services

Can I Take Over List - "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Cloud_enum - Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

You can’t perform that action at this time.