michelin / ChopChop
ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.
☆667Updated 11 months ago
Related projects: ⓘ
- Awesome cloud enumerator☆856Updated last month
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆840Updated this week
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.☆388Updated 3 weeks ago
- Golang client for querying SecurityTrails API data☆529Updated last year
- Go client to communicate with Chaos DB API.☆621Updated this week
- A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.☆382Updated 4 months ago
- My subdomain enumeration script. It's unique in the way it is built upon.☆660Updated last month
- MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering…☆1,295Updated this week
- A rapid API for the Project Sonar dataset☆641Updated last year
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆840Updated 8 months ago
- Private key usage verification☆402Updated 8 months ago
- Open Redirection Analyzer☆732Updated last year
- Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.☆318Updated last week
- PwnMachine is a self hosting solution based on docker aiming to provide an easy to use pwning station for bug hunters.☆296Updated last month
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆351Updated 2 years ago
- bypass-url-parser☆996Updated this week
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆451Updated last year
- Attack surface detector that identifies endpoints by static analysis☆555Updated this week
- PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.☆1,028Updated last month
- Vulnerability assessment and penetration testing automation and reporting platform for teams.☆421Updated 3 weeks ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆853Updated 3 months ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆771Updated last year
- Utility program to perform multiple operations for a given subnet/CIDR ranges.☆977Updated this week
- Convolutional neural network for analyzing pentest screenshots☆1,021Updated 7 months ago
- Scan only once by IP address and reduce scan times with Nmap for large amounts of data.☆383Updated last year
- Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a …☆1,277Updated this week
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆476Updated last year
- 🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.☆813Updated 11 months ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆608Updated 5 months ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆687Updated last month