appsecco / spaces-finderView external linksLinks
A tool to hunt for publicly accessible DigitalOcean Spaces
☆156Jan 21, 2020Updated 6 years ago
Alternatives and similar repositories for spaces-finder
Users that are interested in spaces-finder are comparing it to the libraries listed below
Sorting:
- s3 brute force tool☆44May 7, 2021Updated 4 years ago
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆632Feb 5, 2019Updated 7 years ago
- This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…☆62Jan 24, 2019Updated 7 years ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆553May 26, 2023Updated 2 years ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆662Jan 30, 2019Updated 7 years ago
- RFD Checker - security CLI tool to test Reflected File Download issues☆64Feb 26, 2019Updated 6 years ago
- Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]☆305Oct 14, 2018Updated 7 years ago
- Burp Extender plugin that generates a sitemap of a website using Wayback Machine☆227May 8, 2018Updated 7 years ago
- Evil snippets of Underhanded Red Team tactics☆11Jul 5, 2017Updated 8 years ago
- A tool to capture all the git secrets by leveraging multiple open source git searching tools☆1,143Jun 25, 2019Updated 6 years ago
- Enumeration and reconnaissance activities in the Microsoft Azure Cloud.☆254Feb 20, 2019Updated 6 years ago
- locate and attack Lync/Skype for Business☆346Oct 1, 2024Updated last year
- A tool to enumerate S3 buckets manually or via certstream☆82Apr 19, 2023Updated 2 years ago
- Collection of information security policies.☆29Apr 20, 2017Updated 8 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆534Mar 7, 2022Updated 3 years ago
- Security Tool to Look For Interesting Files in S3 Buckets☆1,456Apr 10, 2024Updated last year
- Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.☆750Apr 12, 2022Updated 3 years ago
- A security testing Slackbot built with a Kubernetes backend on the Google Cloud Platform☆166Sep 14, 2024Updated last year
- A Python script to parse net blocks & domain names from SPF record☆85Jun 2, 2020Updated 5 years ago
- Intelligence and Reconnaissance Package/Bundle installer.☆247Nov 11, 2020Updated 5 years ago
- Setup script for Regon-ng☆936Nov 17, 2020Updated 5 years ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆184May 27, 2020Updated 5 years ago
- This tool will scan all the URL's in the file and will provide Content-Length, Status-Code, Server and more.☆36Dec 22, 2021Updated 4 years ago
- This repository is a collection of Awesome XSS Payloads in 1 txt file☆11Dec 23, 2019Updated 6 years ago
- Crawl website extract links☆57Jun 1, 2020Updated 5 years ago
- A tool to extract database data from a blind SQL injection vulnerability.☆32Jan 4, 2016Updated 10 years ago
- Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.☆325Oct 20, 2021Updated 4 years ago
- A toolset to track and organize output of reconnaissance tools☆346Jan 3, 2018Updated 8 years ago
- A script to enumerate virtual hosts on a server.☆691Dec 28, 2017Updated 8 years ago
- Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.☆49Jul 20, 2022Updated 3 years ago
- Gathers urls from common crawl☆35Nov 9, 2019Updated 6 years ago
- A collection of useful scripts for penetration testers☆83Oct 23, 2012Updated 13 years ago
- A tool for checking a hash:pass pot file for hashes from a user:hash file☆12Oct 23, 2016Updated 9 years ago
- A tool to link a domain with registered organisation names and emails, to other domains.☆846May 16, 2024Updated last year
- unix wildcard attacks☆137May 25, 2018Updated 7 years ago
- Metasploit Exploit Module for the Android addJavascriptInterface Issue (MITM)☆36Jan 15, 2015Updated 11 years ago
- An hourly updated list of subdomains gathered from certificate transparency logs☆349Oct 13, 2021Updated 4 years ago
- This script will create a POC that will steal NTML hashes from a remote computer. Do not use this for illegal purposes.The author does no…☆252Sep 27, 2023Updated 2 years ago
- Second-order subdomain takeover scanner☆406Aug 28, 2025Updated 5 months ago