LeeBrotherston / badflare
OSINT tool for discovering the real IP addresses of services which are behind Cloudflare but not properly locked down
☆132Updated 4 months ago
Related projects: ⓘ
- Wordlists handcrafted (and automated) with ♥☆189Updated 5 months ago
- mx-takeover focuses DNS MX records and detects misconfigured MX records.☆333Updated last year
- Turns any junk text into a usable wordlist for brute-forcing.☆214Updated 6 months ago
- Distribute ordinary bash commands over many systems☆161Updated 2 years ago
- A simple tool that helps to find assets/domains based on the Google Analytics ID.☆166Updated 4 months ago
- This could have been a bash one-liner but guess what. It's a small Go tool that lists the trending CVEs from cvetrends.com☆105Updated 2 years ago
- Filter and enrich a list of subdomains by level☆185Updated 11 months ago
- Complex payload encoder☆207Updated 8 months ago
- Generate tens of thousands of subdomain combinations in a matter of seconds☆251Updated 11 months ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆175Updated 2 years ago
- Self-hosted passive subdomain continous monitoring tool.☆154Updated 7 months ago
- A quick ‘n dirty nmap parser written in Golang to convert nmap xml to IP:Port notation.☆118Updated 2 months ago
- IP Lookups for Open Ports and Vulnerabilities from internetdb.shodan.io☆115Updated 2 years ago
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆112Updated 2 years ago
- Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator☆169Updated 3 years ago
- Easy red team phishing with Puppeteer☆127Updated last year
- Zed Attack Proxy Scripts for finding CVEs and Secrets.☆125Updated 2 years ago
- A streamlined tool for discovering TLDs, associated domains, and related domain names.☆103Updated this week
- Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.☆169Updated 8 months ago
- Check subdomains for subdomain takeovers and other DNS tomfoolery☆96Updated this week
- this script will help you find favicon hashes which you can use to shodan to get more details about an asset☆26Updated 7 months ago
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆223Updated 8 months ago
- Discover new target domains using Content Security Policy☆360Updated this week
- Nuclei templates for honeypots detection.☆185Updated 10 months ago
- Uncover the full name of a target on Linkedin.☆152Updated 2 years ago
- Fast website scraper and wordlist generator☆70Updated last year
- Archive of Potential Insider Threats☆138Updated 11 months ago
- A WLAN red team framework.☆141Updated 7 months ago
- Ultimate Tasks Automation Framework for Hackers, DevSecOps, Pentesters, and Bug-bounty hunters!☆141Updated last month
- A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representati…☆84Updated last year