CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, making it a valuable asset for bug bounty hunters and penetration testers.
☆130Feb 17, 2026Updated 2 weeks ago
Alternatives and similar repositories for chomtesh
Users that are interested in chomtesh are comparing it to the libraries listed below
Sorting:
- Convert domain lists to resolved IP without duplicated, useful for strong large recon, and Bug Bounty☆13Apr 30, 2021Updated 4 years ago
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆357Dec 14, 2023Updated 2 years ago
- Certina is an OSINT tool for red teamers and bug hunters to discover subdomains from web certificate data☆52Mar 7, 2024Updated 2 years ago
- Elyzer is an email header analyzer, written in python, capable of detecting potential spoofing attempts.☆48Dec 18, 2024Updated last year
- Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSR…☆132Sep 6, 2024Updated last year
- Mine URLs from Browser's Heap Snapshot for fun and profit☆64Aug 9, 2023Updated 2 years ago
- Nodesub is a command-line tool for finding subdomains in bug bounty programs☆148Aug 1, 2024Updated last year
- ☆23Jun 28, 2025Updated 8 months ago
- Smart context-based SSRF vulnerability scanner.☆360May 5, 2022Updated 3 years ago
- CrlfiX☆21Jan 30, 2025Updated last year
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆46Mar 4, 2024Updated 2 years ago
- SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accu…☆241Sep 6, 2024Updated last year
- An offensive security tool used to enumerate and spray passwords for O365 accounts on both Managed and Federated AD services.☆48Nov 17, 2022Updated 3 years ago
- Contains a collection of Bash scripts designed for comprehensive security audits and network mapping of Active Directory (AD) environment…☆144May 17, 2024Updated last year
- Exposor is a tool using internet search engines to detect exposed technologies with a unified syntax.☆65Nov 12, 2025Updated 3 months ago
- [Custom || Automated] Curation & Collection of BugBounty Wordlists☆63Updated this week
- Wireless Network Security Analysis Tool☆16Apr 27, 2025Updated 10 months ago
- Simple PoC for demonstrating Race Conditions on Websockets☆54Sep 14, 2023Updated 2 years ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆802Jul 4, 2023Updated 2 years ago
- Web Security Scanner☆384Nov 13, 2025Updated 3 months ago
- Mind map for certifcation, vulnerability finding and recon for bug bounty and professional works.☆19Mar 17, 2024Updated last year
- A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning☆522Jul 5, 2023Updated 2 years ago
- A simple tool to allows users to search for and analyze android apps for potential security threats and vulnerabilities☆87Apr 4, 2024Updated last year
- A rapid HTTP downgrade smuggling scanner written in Go.☆313May 16, 2024Updated last year
- A Tool for Bug Bounty Hunters that uses Passive and Active Techniques to fetch URLs as a strong Recon, so you can then create Attack Vect…☆76Sep 6, 2024Updated last year
- PowerShell wrapper for nmap, allows easy scanning of many hosts and subnets☆15Apr 1, 2018Updated 7 years ago
- This tool will resolve a list of Domains, IPs, Hosts, URLs and save the results for valid/invalid fast!☆16Aug 19, 2022Updated 3 years ago
- [Automated | UpToDate] Daily Dumps of CertStream Subdomains Data For the World 🌐☆16Feb 15, 2025Updated last year
- Simple and efficient file shredding☆14Sep 23, 2019Updated 6 years ago
- ☆15May 6, 2023Updated 2 years ago
- My useful files for penetration tests, security assessments, bug bounty and other security related stuff☆198Updated this week
- A really fast http prober.☆40Feb 1, 2024Updated 2 years ago
- LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion (LFI) vulnerabilities☆300Jan 7, 2024Updated 2 years ago
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Th…☆264Jul 6, 2025Updated 8 months ago
- Nucleimonst3r is a powerful vulnerability scanner that can help Bug Bounty Hunters find low hanging fruit vulnerabilities for known CVEs …☆259Apr 3, 2025Updated 11 months ago
- A Lightning-Fast DNS Resolver written in Rust 🦀☆69Nov 19, 2024Updated last year
- The useful exploit finder☆828Jan 19, 2026Updated last month
- SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty☆732Jan 25, 2026Updated last month
- The process involves downloading the latest version and automatically configuring it within the Termux Android application. Subsequently,…☆19Aug 1, 2025Updated 7 months ago