GitHub Tools
Open-source security tools and utilities for penetration testing and bug bounty
LOXS
Efficiently detect critical web application vulnerabilities such as SQLi, XSS, LFI, CRLF injection, and Open Redirects.
OTY
One Tool and YAML - A flexible tool to automate your bug bounty workflow.
SQLmap
Automatic SQL injection and database takeover tool.
WPscan
Scan wordpress websites and get an instant report of vulnerabilities.
FFuF
Fast and efficient web fuzzer written in Go.
Gxss
A light weight tool to check a bunch of URLs that contain reflecting parameters.
Recx
Crawler for finding reflected parameters and reflecting special characters!
CustomBsqli
Test Blind SQL Injection (BSQLi) on multiple URLs, use verbose/non-verbose modes for quick testing.
Gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Subfinder
Very fast and effective passive subdomain discovery tool.
Httpx
Fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Katana
A next-generation crawling and spidering framework.
Nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community.
SSRFmap
Automatic SSRF fuzzer and exploitation tool. Takes a Burp request file as input and a parameter to fuzz.
Ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws.
Amass
Subdomain enumeration and OSINT tool, using open source information gathering.
Assetfinder
Find domains and subdomains related to a given domain.
Masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
Hakrawler
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application.
URLfinder
A high-speed tool for passively gathering URLs, optimized for efficient and comprehensive web asset discovery without active scanning.
LinkFinder
A python script that finds endpoints in JavaScript files.
Waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain.
x8
Identify hidden parameters that could potentially be vulnerable or reveal interesting functionality.
Commix
Open source and automated tool for exploiting command injection vulnerabilities.
DotDotPwn
DotDotPwn - The Directory Traversal Fuzzer.
LFISuite
Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner.
SSTImap
Automatic SSTI detection tool with interactive interface that allows more advanced exploitation.
S3Scanner
Scan for misconfigured S3 buckets acrs S3-compatible APIs!
Gf
A wrapper around grep, to help you grep for things
KXSS
This a adaption of tomnomnom's kxss tool with a different output format
Go-Dork
The fastest dork scanner written in Go.