MandConsultingGroup / porch-pirate
Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, collections, requests, users and teams. Porch Pirate can be used as a client or be incorporated into your own applications.
☆347Updated 7 months ago
Related projects: ⓘ
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆333Updated last week
- ☆424Updated 4 months ago
- Local File Inclusion discovery and exploitation tool☆210Updated last month
- A suite for hunting suspicious targets, expose domains and phishing discovery☆321Updated last month
- ☆332Updated 4 months ago
- A Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidde…☆303Updated 2 months ago
- A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows☆271Updated last year
- hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.☆422Updated 2 years ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆318Updated 7 months ago
- ☆398Updated 2 months ago
- An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.☆515Updated last year
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆467Updated this week
- Session Hijacking Visual Exploitation☆189Updated 6 months ago
- LEAKEY is a bash script which checks and validates for leaked credentials. The idea behind LEAKEY is to make it highly customizable and e…☆342Updated 9 months ago
- Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.☆204Updated 2 weeks ago
- Search for sensitive data in Postman public library.☆179Updated last month
- Simple Google Dorks search tool☆246Updated 6 months ago
- Discover new target domains using Content Security Policy☆360Updated this week
- Golang client for querying SecurityTrails API data☆529Updated last year
- Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway a…☆258Updated 6 months ago
- Web Application Security Testing Tools☆230Updated 6 months ago
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆223Updated 8 months ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆370Updated last month
- ☆286Updated this week
- Crtsh Subdomain Enumeration | This bash script makes it easy to quickly save and parse the output from https://crt.sh website.☆189Updated 2 weeks ago
- Small tool to Grab subdomains using Shodan api.☆336Updated 2 months ago
- PDF Files for Web Pentesting☆411Updated 3 months ago
- SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty☆334Updated 3 weeks ago
- CT Log Scanner☆241Updated 3 months ago
- An Automated Subdomain Enumeration Tool☆220Updated 3 months ago