WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted servers via zone transfer data - stores their responses, and lets you query for known web technologies, including those with zero-day vulnerabilities.
☆156Mar 31, 2024Updated last year
Alternatives and similar repositories for webstor
Users that are interested in webstor are comparing it to the libraries listed below
Sorting:
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆139Sep 14, 2021Updated 4 years ago
- Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.☆58Aug 6, 2020Updated 5 years ago
- A *nix Enumerator & Auto Privilege Escalation tool.☆150Nov 19, 2021Updated 4 years ago
- PlasmaPup is designed to help central and departmental IT personnel understand their exposures in Active Directory by showing which accou…☆29Apr 10, 2024Updated last year
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆296Sep 22, 2024Updated last year
- OWASP Foundation Web Respository☆36Sep 1, 2021Updated 4 years ago
- A fast wordlist to nthash converter☆21Nov 22, 2021Updated 4 years ago
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.☆426Feb 20, 2026Updated last month
- Dump all available paths and/or endpoints on WADL file.☆98Nov 24, 2025Updated 3 months ago
- macOS persistence tool☆229Feb 9, 2022Updated 4 years ago
- .Net Assembly loader for the [CVE-2021-42287 - CVE-2021-42278] Scanner & Exploit noPac☆61Feb 16, 2023Updated 3 years ago
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Jul 23, 2020Updated 5 years ago
- Automatically grab and crack WPA-2 handshakes with distributed client-server architecture☆197Dec 22, 2021Updated 4 years ago
- Exactly what it sounds like, which is something rad☆22Oct 12, 2022Updated 3 years ago
- Just a PoC to turn xlsx (regular Excel files) into xlsm (Excel file with macro) and slipping inside a macro (vbaProject.bin)☆145Sep 4, 2021Updated 4 years ago
- Subcert is a subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.☆80Jun 28, 2021Updated 4 years ago
- Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules☆187Oct 30, 2021Updated 4 years ago
- Lookup for interesting stuff in SMB shares☆150Jun 16, 2023Updated 2 years ago
- Azur3Alph4 is a PowerShell module that automates red-team tasks for ops on objective. This module situates in a post-breach (RCE achieved…☆63Aug 11, 2021Updated 4 years ago
- ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of …☆76Nov 19, 2024Updated last year
- Sandman is a NTP based backdoor for hardened networks.☆817Mar 31, 2024Updated last year
- Wicked sick v2.0 script is intended to automate your reconnaissance process in an organized fashion.☆149Mar 3, 2026Updated 2 weeks ago
- A cli for cracking, testing vulnerabilities on Json Web Token(JWT)☆136Jan 13, 2026Updated 2 months ago
- References, tools and sample payloads☆11Sep 16, 2016Updated 9 years ago
- Divide full port scan results and use it for targeted Nmap runs☆331Jul 1, 2024Updated last year
- Component Services Volatile Environment LPE☆12Jun 28, 2025Updated 8 months ago
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering☆210Nov 29, 2020Updated 5 years ago
- Bypass 4xx HTTP response status codes and more. The tool is based on Python Requests, PycURL, and HTTP Client.☆257Feb 25, 2026Updated 3 weeks ago
- DNSrr is a tool written in bash, used to enumerate all the juicy stuff from DNS.☆122Aug 1, 2022Updated 3 years ago
- Transform your batch (bat) script into one binary.exe☆53Feb 11, 2024Updated 2 years ago
- RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets fro…☆109Oct 10, 2020Updated 5 years ago
- sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.☆81Sep 2, 2021Updated 4 years ago
- DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover☆853Feb 13, 2023Updated 3 years ago
- Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.☆1,476Oct 8, 2022Updated 3 years ago
- This is a lazy enumeration script made to make bug bounty enum & pentest flyovers easy as cake!☆13Jun 13, 2020Updated 5 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆867Mar 20, 2023Updated 3 years ago
- fully automated pentesting tool☆518Dec 8, 2022Updated 3 years ago
- Convert shellcode into different formats!☆357Jan 24, 2023Updated 3 years ago
- LittleCorporal: A C# Automated Maldoc Generator☆227Jul 30, 2021Updated 4 years ago