Ostorlab / oxoLinks
OXO is a security scanning orchestrator for the modern age.
☆552Updated this week
Alternatives and similar repositories for oxo
Users that are interested in oxo are comparing it to the libraries listed below
Sorting:
- Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's …☆574Updated this week
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆939Updated last week
- Attack surface detector that identifies endpoints by static analysis☆712Updated last week
- APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and …☆319Updated 2 months ago
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.☆421Updated 7 months ago
- Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.☆415Updated 8 months ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆871Updated last year
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applic…☆450Updated last year
- GitHub Actions Pipeline Enumeration and Attack Tool☆668Updated last week
- CI/CD Security Analyzer☆659Updated 4 months ago
- Awesome cloud enumerator☆1,018Updated 3 months ago
- A humble, and 𝗳𝗮𝘀𝘁, security-oriented HTTP headers analyzer.☆318Updated this week
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆358Updated last month
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆421Updated 5 months ago
- Utility program to perform multiple operations for a given subnet/CIDR ranges.☆1,111Updated last week
- Fast and customizable vulnerability scanner For JIRA written in Python☆320Updated 5 months ago
- A utility to detect various technology for a given IP address.☆843Updated this week
- Vulnerability Scan with Nuclei☆255Updated 7 months ago
- Hourly updated database of exploit and exploitation reports☆254Updated 5 months ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆659Updated 2 months ago
- Fast and configurable TLS grabber focused on TLS based data collection.☆984Updated last week
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆281Updated 4 months ago
- ☆293Updated 10 months ago
- A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.☆400Updated 6 months ago
- Black box fuzzer for web applications☆427Updated 11 months ago
- An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code …☆402Updated 5 months ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆171Updated 4 months ago
- Extract URLs, paths, secrets, and other interesting bits from JavaScript☆1,574Updated last year
- GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.☆370Updated this week
- Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.☆271Updated 9 months ago