SqlInjection
https://github.com/Neohapsis/bbqsqlhttps://github.com/libeclipse/blind-sql-bitshiftinghttps://github.com/sqlmapproject/sqlmaphttps://github.com/HandsomeCam/Absinthe
Pentest Frameworkhttps://github.com/trustedsec/ptfhttps://github.com/georgiaw/Smartphone-Pentest-Frameworkhttps://github.com/dloss/python-pentest-toolshttps://github.com/enaqx/awesome-pentesthttps://github.com/PenturaLabs/Linux_Exploit_Suggester
Web Apphttp://www.websecurify.com/https://www.netsparker.com/http://www.acunetix.com/vulnerability-scanner/https://www.rapid7.com/products/nexpose/https://secapps.com/https://github.com/Arachni/arachnihttps://github.com/leebaird/discover/blob/master/discover.shBug Bounty tool List
Dnscan
GitHub - rbsec/dnscan
Contribute to rbsec/dnscan development by creating an account on GitHub.
github.com
GitHub - guelfoweb/knock: Knock Subdomain Scan
Knock Subdomain Scan. Contribute to guelfoweb/knock development by creating an account on GitHub.
github.com
GitHub - aboul3la/Sublist3r: Fast subdomains enumeration tool for penetration testers
Fast subdomains enumeration tool for penetration testers - aboul3la/Sublist3r
github.com
GitHub - blechschmidt/massdns: A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration) - blechschmidt/massdns
github.com
Nmap: the Network Mapper - Free Security Scanner
Nmap Free Security Scanner, Port Scanner, & Network Exploration Tool. Download open source software for Linux, Windows, UNIX, FreeBSD, etc.
nmap.org
GitHub - robertdavidgraham/masscan: TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. - robertdavidgraham/masscan
github.com
GitHub - RedSiege/EyeWitness: EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible. - RedSiege/EyeWitness
github.com
DirBuster
Download DirBuster for free. DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.
sourceforge.net
GitHub - maurosoria/dirsearch: Web path scanner
Web path scanner. Contribute to maurosoria/dirsearch development by creating an account on GitHub.
github.com
GitHub - michenriksen/gitrob: Reconnaissance tool for GitHub organizations
Reconnaissance tool for GitHub organizations. Contribute to michenriksen/gitrob development by creating an account on GitHub.
github.com
GitHub - awslabs/git-secrets: Prevents you from committing secrets and credentials into git repositories
Prevents you from committing secrets and credentials into git repositories - awslabs/git-secrets
github.com
Bucket_finder
Bucket Finder - DigiNinja
GitHub - ZephrFish/GoogD0rker: Note: Going through a full re-write of the tooling so the current versions in the repo do not work!
Note: Going through a full re-write of the tooling so the current versions in the repo do not work! - ZephrFish/GoogD0rker
github.com
Wayback Machine
050
Sn1per
GitHub - 1N3/Sn1per: Attack Surface Management Platform
Attack Surface Management Platform. Contribute to 1N3/Sn1per development by creating an account on GitHub.
github.com
GitHub - evilsocket/xray: XRay is a tool for recon, mapping and OSINT gathering from public networks.
XRay is a tool for recon, mapping and OSINT gathering from public networks. - evilsocket/xray
github.com
GitHub - xmendez/wfuzz: Web application fuzzer
Web application fuzzer. Contribute to xmendez/wfuzz development by creating an account on GitHub.
github.com
GitHub - lanjelot/patator: Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage. - lanjelot/patator
github.com
GitHub - DataSploit/datasploit: An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats. - DataSploit/dat...
github.com
GitHub - vanhauser-thc/thc-hydra: hydra
hydra. Contribute to vanhauser-thc/thc-hydra development by creating an account on GitHub.
github.com
GitHub - ztgrace/changeme: A default credential scanner.
A default credential scanner. Contribute to ztgrace/changeme development by creating an account on GitHub.
github.com
GitHub - iBotPeaches/Apktool: A tool for reverse engineering Android apk files
A tool for reverse engineering Android apk files. Contribute to iBotPeaches/Apktool development by creating an account on GitHub.
github.com
dex2jar
Download dex2jar for free. Tools to work with android .dex and java .class files. Mirrors: * https://bitbucket.org/pxb1988/dex2jar * https://github.com/pxb1988/dex2jar dex2jar contains following compment * dex-reader is designed to read the Dalvik Executable (.dex/.odex) format. It has a...
sourceforge.net
http://sqlmap.org/…
