Essential tool for finding blind injection attacks.
☆50Feb 6, 2019Updated 7 years ago
Alternatives and similar repositories for duct
Users that are interested in duct are comparing it to the libraries listed below
Sorting:
- The Python Password-Protected Obfuscator☆33Jul 7, 2019Updated 6 years ago
- Framework for exploiting local vulnerabilities☆83Nov 18, 2023Updated 2 years ago
- yet another dirbuster☆18Jan 14, 2021Updated 5 years ago
- A threaded, recursive, web directory brute-force scanner over HTTP/2.☆36Feb 11, 2020Updated 6 years ago
- DrMITM is a program designed to globally log all traffic of a website.☆28Feb 10, 2019Updated 7 years ago
- Automated SonarQube☆70Jun 3, 2019Updated 6 years ago
- DNS Enumeration with Asynchronicity☆45Oct 30, 2018Updated 7 years ago
- Linux, macOS and Windows Install scripts for cnquery & cnspec☆83Feb 17, 2026Updated last week
- Password Lense: reveal character types in a password☆23Oct 18, 2025Updated 4 months ago
- 一个对常见的web日志进行解析处理的粗糙DEMO☆21Jun 3, 2018Updated 7 years ago
- Pentesting-related Bash Scripts☆12Jan 4, 2020Updated 6 years ago
- a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations…☆536Mar 27, 2022Updated 3 years ago
- SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing☆91May 10, 2020Updated 5 years ago
- HashCobra Hash Cracking tool.☆122Dec 1, 2020Updated 5 years ago
- ☆38Jul 3, 2020Updated 5 years ago
- ☆25May 9, 2021Updated 4 years ago
- Pown.js is a security testing an exploitation toolkit built on top of Node.js and NPM.☆261Apr 7, 2023Updated 2 years ago
- A command line security audit tool for Amazon Web Services☆82Mar 4, 2019Updated 6 years ago
- ☆14Aug 27, 2025Updated 6 months ago
- Blind SQL Injection Tool with Golang☆79Dec 31, 2021Updated 4 years ago
- Unofficial WhatCMS API package☆40Mar 25, 2021Updated 4 years ago
- RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets fro…☆109Oct 10, 2020Updated 5 years ago
- Scans for HTTP servers and finds given strings in HTTP body and HTTP response headers.☆35Dec 23, 2024Updated last year
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆293Aug 23, 2019Updated 6 years ago
- Hayat is a script for report and analyze Google Cloud Platform resources.☆80Jan 7, 2020Updated 6 years ago
- PostShell - Post Exploitation Bind/Backconnect Shell☆83Sep 9, 2019Updated 6 years ago
- Unofficial api for cve.mitre.org☆40Aug 28, 2021Updated 4 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- FockCache - Minimalized Test Cache Poisoning☆111Feb 3, 2020Updated 6 years ago
- This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to …☆111Apr 24, 2020Updated 5 years ago
- Use regular expressions to get sensitive information from a given repository (GitHub, pip or npm).☆37Sep 30, 2019Updated 6 years ago
- Hunt Open MongoDB instances☆79Sep 25, 2019Updated 6 years ago
- ☆15Oct 8, 2025Updated 4 months ago
- Tool to brute website sub-domains and dirs.☆49May 13, 2020Updated 5 years ago
- A tool written in python for scraping firebase data☆43Apr 5, 2020Updated 5 years ago
- wordpress hash cracker .☆66Sep 7, 2021Updated 4 years ago
- CVE-2019-12949☆26Jun 28, 2019Updated 6 years ago
- Just a silly recon tool that uses data from SSL Certificates to find potential host names☆29Feb 17, 2026Updated 2 weeks ago
- ☆92Dec 8, 2022Updated 3 years ago