michelin / ChopChop
ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.
☆675Updated last year
Related projects ⓘ
Alternatives and complementary repositories for ChopChop
- Awesome cloud enumerator☆894Updated 3 months ago
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆861Updated this week
- Golang client for querying SecurityTrails API data☆539Updated last year
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆496Updated 2 years ago
- Go client to communicate with Chaos DB API.☆641Updated this week
- Convolutional neural network for analyzing pentest screenshots☆1,040Updated 9 months ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆845Updated 10 months ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆483Updated last year
- A rapid API for the Project Sonar dataset☆641Updated last year
- 🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.☆833Updated last month
- PwnMachine is a self hosting solution based on docker aiming to provide an easy to use pwning station for bug hunters.☆302Updated 3 months ago
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)☆650Updated 2 years ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆457Updated last year
- Scan only once by IP address and reduce scan times with Nmap for large amounts of data.☆386Updated last year
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pag…☆513Updated 4 months ago
- Vulnerability assessment and penetration testing automation and reporting platform for teams.☆434Updated this week
- MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering…☆1,327Updated this week
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆778Updated last year
- My subdomain enumeration script. It's unique in the way it is built upon.☆664Updated 3 months ago
- Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.☆976Updated 11 months ago
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.☆1,686Updated last month
- ☆555Updated 3 years ago
- bypass-url-parser☆1,021Updated this week
- Fast HTTP enumerator☆461Updated 3 months ago
- A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.☆386Updated 6 months ago
- Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.☆354Updated last month
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆356Updated 3 years ago
- Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.☆655Updated 10 months ago
- Scrape domain names from SSL certificates of arbitrary hosts☆620Updated 7 months ago
- Peirates - Kubernetes Penetration Testing tool☆1,243Updated last month