Private key usage verification
β431Apr 4, 2025Updated 11 months ago
Alternatives and similar repositories for driftwood
Users that are interested in driftwood are comparing it to the libraries listed below
Sorting:
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raiderβ139Sep 14, 2021Updated 4 years ago
- π Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.β426Feb 20, 2026Updated 2 weeks ago
- β73Nov 22, 2021Updated 4 years ago
- πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.β967Jan 10, 2025Updated last year
- β419Oct 16, 2021Updated 4 years ago
- Contextual Content Discovery Toolβ3,106Apr 29, 2024Updated last year
- A Passive SSH back-end and scanner.β104Jun 18, 2025Updated 8 months ago
- Find, verify, and analyze leaked credentialsβ24,933Updated this week
- Vandalize old emails. Like an NFT that's easy to prove ownership of.β34Jul 20, 2023Updated 2 years ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutationsβ409Dec 24, 2022Updated 3 years ago
- Automating situational awareness for cloud penetration tests.β2,303Updated this week
- Unleash the power of cloudβ815Nov 19, 2024Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ956Dec 31, 2021Updated 4 years ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systemsβ778Aug 19, 2024Updated last year
- Dump all available paths and/or endpoints on WADL file.β98Nov 24, 2025Updated 3 months ago
- truffleproc β hunt secrets in process memory (TruffleHog & gdb mashup)β123Aug 20, 2023Updated 2 years ago
- Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.β1,286Sep 12, 2025Updated 5 months ago
- Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures tβ¦β213Mar 31, 2020Updated 5 years ago
- β705Nov 27, 2024Updated last year
- Rust-based high performance domain permutation generator.β299Dec 2, 2023Updated 2 years ago
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pagβ¦β529Apr 23, 2025Updated 10 months ago
- Generate a dynamic PAC script that will route traffic to your Burp proxy only if it matches the scope defined in your Burp target.β33Nov 8, 2021Updated 4 years ago
- Convolutional neural network for analyzing pentest screenshotsβ1,279Feb 19, 2024Updated 2 years ago
- Filter and enrich a list of subdomains by levelβ208Sep 25, 2023Updated 2 years ago
- Find cloud assets that no one wants exposed π βοΈβ348Jul 20, 2020Updated 5 years ago
- Tools to assess the DNS security of web applicationsβ127Oct 5, 2022Updated 3 years ago
- Research on the enumeration of IAM permissions without logging to CloudTrailβ60Jun 11, 2021Updated 4 years ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β6,089Aug 14, 2024Updated last year
- A GraphQL enumeration and extraction toolβ133Jan 29, 2023Updated 3 years ago
- Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.β277Sep 20, 2024Updated last year
- β95Sep 18, 2021Updated 4 years ago
- A high performance TCP SYN port scanner.β316Mar 2, 2024Updated 2 years ago
- π¦π Awesome list of secrets in environment variables π₯οΈβ902Sep 21, 2022Updated 3 years ago
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attβ¦β5,789Updated this week
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlistsβ767Feb 12, 2023Updated 3 years ago
- Amazingly fast response crawler to find juicy stuff in the source code! ππ₯β156Sep 18, 2023Updated 2 years ago
- Go scripts for checking API key / access token validityβ221Aug 3, 2021Updated 4 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable β¦β753Dec 19, 2023Updated 2 years ago
- WebStor efficiently enumerates all websites across your organizationβs networks and those in your DNS records - including cloud-hosted seβ¦β156Mar 31, 2024Updated last year