Adobe Experience Manager (AEM) hacking toolkit
☆107Sep 26, 2025Updated 5 months ago
Alternatives and similar repositories for hopgoblin
Users that are interested in hopgoblin are comparing it to the libraries listed below
Sorting:
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.☆17Jul 11, 2025Updated 7 months ago
- New exploitation tricks for hardened .NET Remoting servers☆31Aug 5, 2025Updated 7 months ago
- ☆20Jul 19, 2021Updated 4 years ago
- Scan websites for exposed Supabase JWTs, enumerate accessible tables, and detect sensitive data exposure automatically.☆120Dec 29, 2025Updated 2 months ago
- Tool to scan servers and hosts using dynamic paths.☆21Oct 1, 2025Updated 5 months ago
- ☆19Jul 14, 2025Updated 7 months ago
- Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.☆227Jul 24, 2025Updated 7 months ago
- A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery☆384Nov 26, 2024Updated last year
- Gain another host's network access permissions by establishing a stateful connection with a spoofed source IP☆84May 17, 2025Updated 9 months ago
- MacOS Big Sur Sharing Host VPN with Guest☆14May 5, 2021Updated 4 years ago
- A quick way to perform a bulk whois query. Utilizes Team Cymru's service. Requires netcat.☆11Feb 11, 2012Updated 14 years ago
- LLM agent solving traces, leaderboards, and benchmark results across security CTF and hacking platforms☆48Updated this week
- The utility aims to clean up output generated by popular tools by calculating a hash based on specific JSON values to removing junk data.☆16Apr 5, 2024Updated last year
- API for Asset Service☆15Aug 15, 2024Updated last year
- Scripts that automate portions of pentests.☆57Updated this week
- POC tool to abuse windows server failover clusters☆55Aug 7, 2025Updated 6 months ago
- web cache deception detect☆38Jan 9, 2026Updated last month
- Discover related domains using Whois data from whoxy.com☆15May 30, 2023Updated 2 years ago
- ☆14Jul 9, 2024Updated last year
- Get 10k subdomains in securitytrails using cookie without apikey.☆36Oct 23, 2025Updated 4 months ago
- ☆28Apr 3, 2021Updated 4 years ago
- Extract Sensitive Keys, Secret, Token Or Interested thing from source☆52Jun 4, 2020Updated 5 years ago
- Offensive Security & Red Teaming Labs and Projects☆26Aug 26, 2025Updated 6 months ago
- Rust-powered HTTP Request Smuggling Scanner.☆107Updated this week
- Comprehensive Windows Syscall Extraction & Analysis Framework☆162Aug 30, 2025Updated 6 months ago
- Analysis of the Enterprise SAST/DAST product landscape☆38Feb 28, 2024Updated 2 years ago
- Some Cheat Sheet for Red Team☆18Dec 30, 2022Updated 3 years ago
- ☆19May 1, 2025Updated 10 months ago
- Easily gather all routes related to a NextJs application through parsing of _buildManifest.js☆67Dec 12, 2022Updated 3 years ago
- Python script to launch burp scans automatically☆32Jul 18, 2021Updated 4 years ago
- PoC for Exploiting CVE-2024-31848/49/50/51 - File Path Traversal☆18May 7, 2024Updated last year
- This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…☆103Feb 9, 2024Updated 2 years ago
- ☆520Apr 29, 2024Updated last year
- CT Log Scanner☆516Dec 26, 2025Updated 2 months ago
- High-performance secrets scanner. CLI, Go library, Burp Suite extension, and Chrome extension. 459 detection rules with live credential v…☆277Feb 27, 2026Updated last week
- ☆21Sep 12, 2025Updated 5 months ago
- dEX is a powerful tool for transmitting OS command output over DNS. It is equipped with robust mechanisms for handling missing chunks, en…☆18Nov 21, 2024Updated last year
- One line command and control backdoors for APIs and web applications.☆51Apr 9, 2024Updated last year
- Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)☆78Jun 6, 2024Updated last year