0xSearches / sandcastle
π° A Python script for AWS S3 bucket enumeration.
β142Updated 2 years ago
Alternatives and similar repositories for sandcastle:
Users that are interested in sandcastle are comparing it to the libraries listed below
- A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ouβ¦β132Updated last year
- Burp Suite extension to discover assets from HTTP response.β225Updated 3 months ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.β137Updated 5 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parametersβ102Updated last year
- Various Payload wordlistsβ235Updated 4 years ago
- A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censysβ152Updated 2 years ago
- Push notifications for passive DNS dataβ109Updated 9 years ago
- A place to store my own wordlists, and link to others that are usefulβ108Updated last year
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearchβ214Updated 6 months ago
- Automated reconnaissance wrapper β TomNomNom's meg on steroids. [DEPRECATED]β306Updated 6 years ago
- A tool to hunt for publicly accessible DigitalOcean Spacesβ155Updated 5 years ago
- Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains β¦β219Updated 2 years ago
- XSS Hunter Burp Pluginβ149Updated 6 years ago
- β275Updated 3 years ago
- β195Updated 5 years ago
- Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictionsβ221Updated 3 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes β¦β258Updated 2 years ago
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingβ¦β205Updated last year
- File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.β272Updated 4 years ago
- Recursive DNS Subdomain Enumerator with dead-end avoidance system (BETA)β146Updated 4 years ago
- Burp Bounty is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.β71Updated 3 years ago
- subdomain bruteforce listβ101Updated 6 months ago
- A collection of scripts to extend Burp Suiteβ142Updated 6 years ago
- OSINT scanning tool which discovers and maps directories found in javascript files hosted on a website.β226Updated 6 years ago
- Resolve and quickly portscan a list of (sub)domains.β86Updated 8 years ago
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.β249Updated 3 years ago
- a .js scanner, built in php. designed to scrape urls and other infoβ215Updated 7 years ago
- β242Updated 6 years ago
- Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures tβ¦β211Updated 5 years ago
- My Recon Automationβ194Updated 3 years ago