owasp-amass / amass
In-depth attack surface mapping and asset discovery
☆11,798Updated this week
Related projects: ⓘ
- Fast passive subdomain enumeration tool.☆9,963Updated this week
- Fast web fuzzer written in Go☆12,270Updated 2 months ago
- Directory/File, DNS and VHost busting tool written in Go☆9,580Updated last week
- A Workflow Engine for Offensive Security☆5,269Updated 3 months ago
- Fast subdomains enumeration tool for penetration testers☆9,679Updated last month
- A Tool for Domain Flyovers☆5,604Updated 2 years ago
- Fast and customizable vulnerability scanner based on simple YAML based DSL.☆19,931Updated this week
- Attack Surface Management Platform☆7,936Updated last month
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆4,905Updated last month
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆15,744Updated this week
- Web application fuzzer☆5,866Updated last month
- Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application☆4,417Updated 7 months ago
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆4,756Updated last week
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆8,959Updated 2 weeks ago
- GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems☆10,628Updated 3 weeks ago
- Impacket is a collection of Python classes for working with network protocols.☆13,291Updated 2 weeks ago
- E-mails, subdomains and names Harvester - OSINT☆11,100Updated this week
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, f…☆3,983Updated last month
- HTTP parameter discovery suite.☆5,122Updated 2 months ago
- Adversary Emulation Framework☆8,239Updated this week
- A swiss army knife for pentesting networks☆8,355Updated 9 months ago
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …☆10,634Updated 3 weeks ago
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆6,938Updated last year
- Monitor linux processes without root permissions☆4,854Updated last year
- Knock Subdomain Scan☆3,839Updated last month
- Nikto web server scanner☆8,336Updated last week
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆5,282Updated last month
- Web path scanner☆11,866Updated last month
- httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.☆7,478Updated this week
- A fast, simple, recursive content discovery tool written in Rust.☆5,790Updated this week