BishopFox / eyeballer
Convolutional neural network for analyzing pentest screenshots
☆1,020Updated 7 months ago
Related projects: ⓘ
- Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.☆1,192Updated 4 months ago
- Making Favicon.ico based Recon Great again !☆1,111Updated last year
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.☆1,628Updated 2 months ago
- ☆726Updated this week
- Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to …☆728Updated 5 months ago
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆686Updated last year
- A rapid API for the Project Sonar dataset☆641Updated last year
- Local file inclusion exploitation tool☆767Updated last year
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆635Updated 5 years ago
- The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.☆1,089Updated 4 months ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,657Updated 4 months ago
- PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.☆1,028Updated last month
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆925Updated 2 months ago
- OSINT tools and more but without API key☆1,215Updated 5 months ago
- A Powerful Subdomain Takeover Tool☆919Updated 11 months ago
- TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!☆1,022Updated last month
- Generates combination of domain names from the provided input.☆886Updated 2 months ago
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆515Updated 6 years ago
- Awesome cloud enumerator☆855Updated last month
- An automated approach to performing recon for bug bounty hunting and penetration testing.☆441Updated 4 years ago
- Content discovery wordlists generated using BigQuery☆545Updated 4 years ago
- A wordlist of API names for web application assessments☆725Updated last year
- ⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.☆726Updated last year
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆476Updated last year
- A collection of tools to perform searches on GitHub.☆1,320Updated last year
- An automated target reconnaissance pipeline.☆424Updated last year
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆937Updated 2 years ago
- A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…☆1,188Updated 9 months ago
- MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering…☆1,295Updated this week
- Fetches javascript file from a list of URLS or subdomains.☆735Updated last year