CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, making it a valuable asset for bug bounty hunters and penetration testers.
☆132Mar 3, 2026Updated last month
Alternatives and similar repositories for chomtesh
Users that are interested in chomtesh are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆357Dec 14, 2023Updated 2 years ago
- Certina is an OSINT tool for red teamers and bug hunters to discover subdomains from web certificate data☆53Mar 7, 2024Updated 2 years ago
- Wireless Network Security Analysis Tool☆16Apr 27, 2025Updated 11 months ago
- Mine URLs from Browser's Heap Snapshot for fun and profit☆65Aug 9, 2023Updated 2 years ago
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆29Jul 21, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSR…☆133Sep 6, 2024Updated last year
- Elyzer is an email header analyzer, written in python, capable of detecting potential spoofing attempts.☆49Dec 18, 2024Updated last year
- Convert domain lists to resolved IP without duplicated, useful for strong large recon, and Bug Bounty☆13Apr 30, 2021Updated 4 years ago
- Automate bug bounty recon using bash alias☆15Aug 6, 2024Updated last year
- Mind map for certifcation, vulnerability finding and recon for bug bounty and professional works.☆19Mar 17, 2024Updated 2 years ago
- Nodesub is a command-line tool for finding subdomains in bug bounty programs☆148Aug 1, 2024Updated last year
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆807Jul 4, 2023Updated 2 years ago
- An offensive security tool used to enumerate and spray passwords for O365 accounts on both Managed and Federated AD services.☆48Nov 17, 2022Updated 3 years ago
- Smart context-based SSRF vulnerability scanner.☆361May 5, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- My useful files for penetration tests, security assessments, bug bounty and other security related stuff☆203Updated this week
- [Automated | UpToDate] Daily Dumps of CertStream Subdomains Data For the World 🌐☆16Feb 15, 2025Updated last year
- SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accu…☆243Sep 6, 2024Updated last year
- Contains a collection of Bash scripts designed for comprehensive security audits and network mapping of Active Directory (AD) environment…☆146May 17, 2024Updated last year
- Simple PoC for demonstrating Race Conditions on Websockets☆54Sep 14, 2023Updated 2 years ago
- Search for sensitive data in Postman public library. Original work from https://github.com/cosad3s/postleaks☆31Feb 13, 2026Updated 2 months ago
- A Tool for Bug Bounty Hunters that uses Passive and Active Techniques to fetch URLs as a strong Recon, so you can then create Attack Vect…☆76Sep 6, 2024Updated last year
- A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning☆516Jul 5, 2023Updated 2 years ago
- Web Security Scanner☆382Nov 13, 2025Updated 5 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty☆748Jan 25, 2026Updated 2 months ago
- Exposor is a tool using internet search engines to detect exposed technologies with a unified syntax.☆66Nov 12, 2025Updated 5 months ago
- A Multi-Processing Tool for collecting and extracting information to an Excel file from a Burp Suite output file.☆10Apr 8, 2024Updated 2 years ago
- ☆17Updated this week
- Vagrant Files to create a Virtualbox VM for Malware Analysis☆13Jun 1, 2021Updated 4 years ago
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Th…☆266Mar 22, 2026Updated 3 weeks ago
- ☆15May 6, 2023Updated 2 years ago
- Melee: Tool to Detect Infections in MySQL Instances☆22Aug 6, 2023Updated 2 years ago
- Collection of Stuff☆14Nov 2, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A Lightning-Fast DNS Resolver written in Rust 🦀☆69Nov 19, 2024Updated last year
- This repository contains fully disclosed accepted reports for the null Ahmedabad's Bug Bounty CTF.☆10Oct 31, 2023Updated 2 years ago
- [Custom || Automated] Curation & Collection of BugBounty Wordlists☆69Updated this week
- Svendsen Tech's PowerShell nmap-like port scanner accepting IPv4 CIDR notation☆52Oct 31, 2022Updated 3 years ago
- DrShell is a cutting-edge tool designed for the dynamic management of reverse shell sessions. Whether you are a seasoned security profess…☆17Aug 20, 2025Updated 7 months ago
- Installs and adjusts Pentest tools.☆10Oct 19, 2022Updated 3 years ago
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applic…☆461Mar 28, 2024Updated 2 years ago