CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, making it a valuable asset for bug bounty hunters and penetration testers.
☆130Mar 3, 2026Updated 3 weeks ago
Alternatives and similar repositories for chomtesh
Users that are interested in chomtesh are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆358Dec 14, 2023Updated 2 years ago
- Certina is an OSINT tool for red teamers and bug hunters to discover subdomains from web certificate data☆53Mar 7, 2024Updated 2 years ago
- Wireless Network Security Analysis Tool☆16Apr 27, 2025Updated 11 months ago
- Mine URLs from Browser's Heap Snapshot for fun and profit☆65Aug 9, 2023Updated 2 years ago
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆28Jul 21, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSR…☆132Sep 6, 2024Updated last year
- Elyzer is an email header analyzer, written in python, capable of detecting potential spoofing attempts.☆49Dec 18, 2024Updated last year
- Automate bug bounty recon using bash alias☆15Aug 6, 2024Updated last year
- Convert domain lists to resolved IP without duplicated, useful for strong large recon, and Bug Bounty☆13Apr 30, 2021Updated 4 years ago
- Mind map for certifcation, vulnerability finding and recon for bug bounty and professional works.☆19Mar 17, 2024Updated 2 years ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆804Jul 4, 2023Updated 2 years ago
- Nodesub is a command-line tool for finding subdomains in bug bounty programs☆148Aug 1, 2024Updated last year
- An offensive security tool used to enumerate and spray passwords for O365 accounts on both Managed and Federated AD services.☆48Nov 17, 2022Updated 3 years ago
- Smart context-based SSRF vulnerability scanner.☆360May 5, 2022Updated 3 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- My useful files for penetration tests, security assessments, bug bounty and other security related stuff☆202Updated this week
- [Automated | UpToDate] Daily Dumps of CertStream Subdomains Data For the World 🌐☆16Feb 15, 2025Updated last year
- SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accu…☆243Sep 6, 2024Updated last year
- Contains a collection of Bash scripts designed for comprehensive security audits and network mapping of Active Directory (AD) environment…☆145May 17, 2024Updated last year
- Simple PoC for demonstrating Race Conditions on Websockets☆54Sep 14, 2023Updated 2 years ago
- Search for sensitive data in Postman public library. Original work from https://github.com/cosad3s/postleaks☆31Feb 13, 2026Updated last month
- A Tool for Bug Bounty Hunters that uses Passive and Active Techniques to fetch URLs as a strong Recon, so you can then create Attack Vect…☆76Sep 6, 2024Updated last year
- A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning☆518Jul 5, 2023Updated 2 years ago
- Exposor is a tool using internet search engines to detect exposed technologies with a unified syntax.☆65Nov 12, 2025Updated 4 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Web Security Scanner☆383Nov 13, 2025Updated 4 months ago
- A Multi-Processing Tool for collecting and extracting information to an Excel file from a Burp Suite output file.☆10Apr 8, 2024Updated last year
- ☆16Feb 11, 2026Updated last month
- Vagrant Files to create a Virtualbox VM for Malware Analysis☆13Jun 1, 2021Updated 4 years ago
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Th…☆265Mar 22, 2026Updated last week
- ☆15May 6, 2023Updated 2 years ago
- Melee: Tool to Detect Infections in MySQL Instances☆22Aug 6, 2023Updated 2 years ago
- Collection of Stuff☆14Nov 2, 2023Updated 2 years ago
- SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty☆742Jan 25, 2026Updated 2 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- A Lightning-Fast DNS Resolver written in Rust 🦀☆69Nov 19, 2024Updated last year
- [Custom || Automated] Curation & Collection of BugBounty Wordlists☆67Updated this week
- This repository contains fully disclosed accepted reports for the null Ahmedabad's Bug Bounty CTF.☆10Oct 31, 2023Updated 2 years ago
- Stealing MFA/2FA tokens and using them to logon with VPN clients☆17Jun 4, 2018Updated 7 years ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆22Jul 17, 2024Updated last year
- Svendsen Tech's PowerShell nmap-like port scanner accepting IPv4 CIDR notation☆52Oct 31, 2022Updated 3 years ago
- DrShell is a cutting-edge tool designed for the dynamic management of reverse shell sessions. Whether you are a seasoned security profess…☆16Aug 20, 2025Updated 7 months ago