drtychai / penumView external linksLinks
Parallelized enumeration tool for red team engagements and bug bounty programs.
β16Mar 31, 2021Updated 4 years ago
Alternatives and similar repositories for penum
Users that are interested in penum are comparing it to the libraries listed below
Sorting:
- π A simple tool to obtain long lists of ips from domains using goroutinesβ26Jul 29, 2019Updated 6 years ago
- A tool to do basic fingerprinting across a large number of hostsβ11Oct 20, 2020Updated 5 years ago
- β12Apr 21, 2020Updated 5 years ago
- Take a list of IP addresses and probe for working HTTP and HTTPS serversβ12Mar 12, 2020Updated 5 years ago
- β12Oct 2, 2022Updated 3 years ago
- A notification script to help with Recon Stuffβ14Jun 8, 2021Updated 4 years ago
- Search for secrets inside user data attached to EC2 instances on multiple AWS accountsβ16Jun 19, 2024Updated last year
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be aβ¦β18May 17, 2020Updated 5 years ago
- Spins up a docker container with several useful tools for offensive security in macOS/cloud environments. Also installs the needed dependβ¦β18Nov 3, 2021Updated 4 years ago
- notorious BIG IPβ15Aug 8, 2019Updated 6 years ago
- A simple tool that aims to efficiently and quickly parse the outputs of web scraping tools like gauβ13Jun 28, 2021Updated 4 years ago
- take a list of resolved subdomains and output any corresponding CNAMES en masse.β18Jan 29, 2026Updated 2 weeks ago
- Burp Extension to manipulate AES encrypted payloadsβ13Feb 4, 2022Updated 4 years ago
- Find endpoints in archived versions of robots.txtβ14Nov 21, 2019Updated 6 years ago
- A multi-threaded scanner that helps identify CORS flaws/misconfigurationsβ19Nov 18, 2019Updated 6 years ago
- Passive reconnaissance/enumeration of interesting targets by watching for SSL certificates being issuedβ68Oct 11, 2022Updated 3 years ago
- FirePrint is a security tool for finding misconfigured Firebase realtime databases in Android or iOS applications.β22Apr 4, 2024Updated last year
- A National Vulnerability Database (NVD) API query toolβ17Jun 27, 2023Updated 2 years ago
- Send controlled amount of bytes, send msf-pattern, calculate offset, custom buffer, badcharacters all in one.β15Apr 20, 2024Updated last year
- eLdap is a tool that helps users searching and filtering queries in Ldap environment.β19Apr 22, 2022Updated 3 years ago
- 0x94 Scanner - Web Application Security Scannerβ14Sep 20, 2020Updated 5 years ago
- Subdomain Monitor A production-ready subdomain monitoring system with both API and CLI interfaces.β74Jan 28, 2026Updated 2 weeks ago
- This extension replaces the default repeater tab name with the URL path of the repeater request.β24Sep 3, 2021Updated 4 years ago
- Google Chrome Extension automates testing fundamental Web Problems via Chromeβ20Mar 18, 2021Updated 4 years ago
- OpenBugBounty - https://www.openbugbounty.org/ programs listβ23Mar 15, 2021Updated 4 years ago
- β21Aug 3, 2022Updated 3 years ago
- The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platformβ23Jun 28, 2020Updated 5 years ago
- This is a collection of ZAProxy Automation Tools and scripts to automate security tests of WEB Applications and WEB Sitesβ26May 14, 2023Updated 2 years ago
- Containerized version of my fork of Nahamsec's Lazyrecon.β51Jul 7, 2025Updated 7 months ago
- Hostile Dropboxes Managementβ26Jan 8, 2020Updated 6 years ago
- Fast Endpoint Scannerβ55Dec 23, 2020Updated 5 years ago
- β57Sep 2, 2020Updated 5 years ago
- Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTIβ26Jan 6, 2021Updated 5 years ago
- β24Aug 9, 2022Updated 3 years ago
- Bybit API client library for Go (ByBit API connector)β10Dec 19, 2025Updated last month
- qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.β30May 6, 2020Updated 5 years ago
- Related subdomains finderβ29May 18, 2022Updated 3 years ago
- whoareyou is a tool to find the underlying technology/software used in a list of websites passed through stdin (using Wappalyzer dataset)β32Jun 15, 2020Updated 5 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.β65Apr 13, 2021Updated 4 years ago