A basic tool to check security headers of a website
☆808Jan 18, 2026Updated last month
Alternatives and similar repositories for shcheck
Users that are interested in shcheck are comparing it to the libraries listed below
Sorting:
- Check any website (or set of websites) for insecure security headers.☆255Jun 12, 2023Updated 2 years ago
- Python script to check HTTP security headers☆68Nov 16, 2025Updated 3 months ago
- A security scanner for HTTP response headers.☆298Jan 19, 2025Updated last year
- A Tool for Domain Flyovers☆5,906May 22, 2022Updated 3 years ago
- Automated Security Testing For REST API's☆2,640Jun 5, 2024Updated last year
- .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers☆2,913Nov 19, 2025Updated 3 months ago
- nnposter's alternate fingerprint dataset for Nmap script http-default-accounts☆256Feb 15, 2026Updated 2 weeks ago
- Pentest Report Generator☆2,762Updated this week
- A WebDAV PROPFIND covert channel to deliver payloads☆52Nov 14, 2017Updated 8 years ago
- Customisable and automated HTTP header injection☆270Jun 27, 2024Updated last year
- A collection of Azure AD/Entra tools for offensive and defensive security purposes☆2,530Feb 5, 2026Updated 3 weeks ago
- SMBMap is a handy SMB enumeration tool☆2,020Jan 6, 2026Updated last month
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆6,389May 1, 2025Updated 10 months ago
- a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )☆2,745Updated this week
- ANWI - All New Wireless IDS☆28Nov 28, 2025Updated 3 months ago
- rdp-sec-check is a Perl script to enumerate security settings of an RDP Service (AKA Terminal Services)☆241Mar 29, 2024Updated last year
- MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…☆3,213Aug 7, 2025Updated 6 months ago
- A swiss army knife for pentesting networks☆9,082Dec 6, 2023Updated 2 years ago
- ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the…☆908Oct 15, 2024Updated last year
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,438Jun 11, 2025Updated 8 months ago
- The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool…☆1,128Feb 10, 2021Updated 5 years ago
- ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the…☆1,888Jun 15, 2020Updated 5 years ago
- linWinPwn is a bash script that streamlines the use of a number of Active Directory tools☆2,156Updated this week
- AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.☆5,917Jan 28, 2026Updated last month
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.☆2,029Jul 12, 2025Updated 7 months ago
- HTTP parameter discovery suite.☆6,091Feb 20, 2025Updated last year
- A pentest reporting tool written in Python. Free yourself from Microsoft Word.☆1,464Mar 27, 2025Updated 11 months ago
- The Network Execution Tool☆5,296Updated this week
- Trying to tame the three-headed dog.☆4,904Nov 14, 2025Updated 3 months ago
- Files related to my presentation at SigSegV2 conference in 2019. You can find related papers on my blog☆13Dec 12, 2019Updated 6 years ago
- A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-s…☆441Sep 19, 2021Updated 4 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆633Jun 20, 2017Updated 8 years ago
- A python script that finds endpoints in JavaScript files☆4,294Apr 13, 2024Updated last year
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,803Sep 17, 2024Updated last year
- Hide your Powershell script in plain sight. Bypass all Powershell security features☆1,304Aug 19, 2019Updated 6 years ago
- Knock Subdomain Scan☆4,138Feb 19, 2026Updated last week
- Six Degrees of Domain Admin☆10,540Aug 1, 2025Updated 7 months ago
- Monitor linux processes without root permissions☆5,891Jan 17, 2023Updated 3 years ago
- A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automat…☆2,366Feb 25, 2026Updated last week