g0ldencybersec / EasyEASM
Zero-dollar attack surface management tool
☆247Updated 5 months ago
Related projects: ⓘ
- ☆424Updated 4 months ago
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆308Updated 2 months ago
- RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers…☆515Updated 3 months ago
- An open-source self-hosted purple team management web application.☆232Updated last month
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆333Updated last week
- ☆398Updated 2 months ago
- Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration test…☆318Updated this week
- Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.☆318Updated last week
- ☆189Updated 2 months ago
- ☆312Updated last week
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆41Updated 4 months ago
- A library for detecting known secrets across many web frameworks☆476Updated 3 months ago
- A RedTeam Toolkit☆377Updated 7 months ago
- Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scena…☆115Updated 2 weeks ago
- Crtsh Subdomain Enumeration | This bash script makes it easy to quickly save and parse the output from https://crt.sh website.☆189Updated 2 weeks ago
- Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound☆402Updated 5 months ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆477Updated this week
- A suite for hunting suspicious targets, expose domains and phishing discovery☆322Updated last month
- A subdomain fuzzing tool☆147Updated 3 months ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆524Updated 9 months ago
- Nuclei templates for honeypots detection.☆185Updated 10 months ago
- Automated learning of regexes for DNS discovery☆350Updated last year
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applic…☆444Updated 5 months ago
- Compiled tools for internal assessments☆240Updated this week
- A streamlined tool for discovering TLDs, associated domains, and related domain names.☆103Updated this week
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆371Updated last month
- Session Hijacking Visual Exploitation☆189Updated 6 months ago
- Nuclei AI - Browser Extension for Rapid Nuclei Template Generation☆424Updated 10 months ago
- APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and …☆294Updated last month
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆695Updated last year