Ostorlab / oxo
OXO is a security scanning orchestrator for the modern age.
☆548Updated this week
Alternatives and similar repositories for oxo:
Users that are interested in oxo are comparing it to the libraries listed below
- Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's …☆562Updated this week
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆405Updated 2 months ago
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆917Updated 2 weeks ago
- Attack surface detector that identifies endpoints by static analysis☆677Updated this week
- A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot), sqlite, excel and d2-lang. Simply put it's n…☆674Updated last week
- Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.☆381Updated 5 months ago
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applic…☆447Updated last year
- Awesome cloud enumerator☆991Updated 3 weeks ago
- GitHub Actions Pipeline Enumeration and Attack Tool☆599Updated 3 weeks ago
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.☆415Updated 5 months ago
- An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code …☆402Updated 2 months ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆186Updated 3 months ago
- Black box fuzzer for web applications☆426Updated 8 months ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆317Updated 2 months ago
- API Security Project aims to present unique attack & defense methods in API Security field☆284Updated 3 years ago
- Zero-dollar attack surface management tool☆276Updated 11 months ago
- APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and …☆311Updated last week
- Vulnerability Scan with Nuclei☆250Updated 4 months ago
- Web Security Scanner☆313Updated 10 months ago
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hac…☆946Updated 3 months ago
- A utility to detect various technology for a given IP address.☆814Updated this week
- ☆290Updated 7 months ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆607Updated last week
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆258Updated 2 weeks ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆861Updated last year
- Private key usage verification☆432Updated 3 months ago
- ☆318Updated 2 months ago
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆345Updated 4 months ago
- CI/CD Security Analyzer☆655Updated last month
- VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, i…☆478Updated this week