owasp-amass / amass
In-depth attack surface mapping and asset discovery
☆12,430Updated this week
Alternatives and similar repositories for amass:
Users that are interested in amass are comparing it to the libraries listed below
- Fast passive subdomain enumeration tool.☆11,069Updated this week
- A Tool for Domain Flyovers☆5,710Updated 2 years ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,146Updated 3 months ago
- Fast web fuzzer written in Go☆13,354Updated 7 months ago
- Fast subdomains enumeration tool for penetration testers☆10,095Updated 6 months ago
- Directory/File, DNS and VHost busting tool written in Go☆10,851Updated last month
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,002Updated 3 weeks ago
- Adversary Emulation Framework☆8,842Updated last week
- HTTP parameter discovery suite.☆5,411Updated last month
- A fast, simple, recursive content discovery tool written in Rust.☆6,196Updated this week
- Knock Subdomain Scan☆3,926Updated 2 months ago
- A Workflow Engine for Offensive Security☆5,452Updated this week
- Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application☆4,588Updated last month
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, f…☆4,120Updated 4 months ago
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,182Updated last year
- Take a list of domains and probe for working HTTP and HTTPS servers☆2,938Updated 7 months ago
- Web application fuzzer☆6,045Updated 5 months ago
- AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.☆5,297Updated 7 months ago
- The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, su…☆3,395Updated 11 months ago
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for att…☆4,941Updated this week
- A swiss army knife for pentesting networks☆8,564Updated last year
- GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems☆11,197Updated 3 months ago
- An OOB interaction gathering server and client library☆3,571Updated this week
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆5,630Updated last week
- Monitor linux processes without root permissions☆5,086Updated 2 years ago
- Attack Surface Management Platform☆8,377Updated last month
- Automated All-in-One OS Command Injection Exploitation Tool.☆4,712Updated last week
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,729Updated 3 years ago
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,369Updated last year
- Find domains and subdomains related to a given domain☆3,136Updated 8 months ago