FestIn - Open S3 Bucket Scanner
β230Dec 4, 2020Updated 5 years ago
Alternatives and similar repositories for festin
Users that are interested in festin are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Simple python script to check against hypothetical JWT vulnerability.β51Nov 29, 2020Updated 5 years ago
- Find cloud assets that no one wants exposed π βοΈβ347Jul 20, 2020Updated 5 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.β78Mar 4, 2022Updated 4 years ago
- Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python.β103Jul 26, 2020Updated 5 years ago
- Suite of programs meant to aid in bug hunting and security assessmentsβ77Dec 29, 2019Updated 6 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Search exposed EBS volumes for secretsβ302Apr 24, 2023Updated 3 years ago
- Searching for virtual hosts among non-resolvable domainsβ88Apr 29, 2020Updated 6 years ago
- Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to β¦β762Sep 23, 2024Updated last year
- Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.β133Jul 11, 2021Updated 4 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...β278Feb 11, 2021Updated 5 years ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.β92Jul 9, 2025Updated 10 months ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.β651Nov 21, 2019Updated 6 years ago
- Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated filesβ¦β685Jul 15, 2024Updated last year
- take a list of resolved subdomains and output any corresponding CNAMES en masse.β18Jan 29, 2026Updated 3 months ago
- GPUs on demand by Runpod - Special Offer Available β’ AdRun AI, ML, and HPC workloads on powerful cloud GPUsβwithout limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Awesome cloud enumeratorβ1,121Mar 9, 2025Updated last year
- automated web assets enumeration & scanning [DEPRECATED]β288Mar 7, 2023Updated 3 years ago
- WRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.β20Apr 12, 2026Updated 3 weeks ago
- Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.β214Jun 23, 2020Updated 5 years ago
- Take a list of domains/subdomains and probe for working http/https server.β193Sep 8, 2020Updated 5 years ago
- The Swiss Army knife for automated Web Application Testingβ2,335May 8, 2024Updated 2 years ago
- Scan for misconfigured S3 buckets across S3-compatible APIs!β3,068Apr 25, 2026Updated 2 weeks ago
- Python utility to takeover domains vulnerable to AWS NS Takeoverβ86Feb 2, 2023Updated 3 years ago
- π Enumerate git repository URL from list of URL / User / Org. Friendly to pipelineβ56Nov 24, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer β’ AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Making Favicon.ico based Recon Great again !β1,279Aug 29, 2023Updated 2 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.β536Mar 7, 2022Updated 4 years ago
- Recursive DNS Subdomain Enumerator with dead-end avoidance system (BETA)β146Apr 9, 2021Updated 5 years ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilitiesβ448Sep 7, 2022Updated 3 years ago
- SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcingβ92May 10, 2020Updated 5 years ago
- The format of various s3 buckets is convert in one format. for bugbounty and security testing.β87May 6, 2023Updated 3 years ago
- Pythonize Intruder Payloadβ13Dec 15, 2020Updated 5 years ago
- Petaq - Purple Team Command & Control Serverβ104Dec 8, 2022Updated 3 years ago
- Enumerate AWS cloud resources based on provided credentialβ52May 11, 2022Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer β’ AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweightβ220Apr 10, 2022Updated 4 years ago
- A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server forβ¦β193Sep 6, 2020Updated 5 years ago
- Tool to search secrets in various filetypes.β1,033Apr 25, 2023Updated 3 years ago
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filteringβ210Nov 29, 2020Updated 5 years ago
- β141Mar 29, 2023Updated 3 years ago
- A graph-based tool for visualizing effective access and resource relationships in AWS environments.β1,005Oct 4, 2022Updated 3 years ago
- Signatures for jaeles scanner by @j3ssieβ117Apr 20, 2024Updated 2 years ago