🤖 automated scanners
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
This tool generates gopher links for exploiting SSRF and gaining RCE in various servers
Rip web accessible (distributed) version control systems: SVN/GIT/HG...
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
Directory/File, DNS and VHost busting tool written in Go
Fetch many paths for many hosts - without killing the hosts
Supercharge your API testing, catch bugs, and ensure compliance
Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!
CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with minimum configuration and no coding effort. Tests are self-heali…
Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.
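A comprehensive security assessment tool that supports scanning for common web security issues and custom PoCs | Be sure to read the documentation before use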
The EXCLUSIVE Collection of 40,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.
Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.
A Security Tool for Bug Bounty, Pentest and Red Teaming.
Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
A projectdiscovery driven attack surface monitoring bot powered by axiom