[
  {
    "path": ".github/FUNDING.yml",
    "content": "github: hahwul"
  },
  {
    "path": ".github/labeler.yml",
    "content": "⚔️ Weapons:\n- changed-files:\n  - any-glob-to-any-file: \n    - weapons/**\n\n⚙️ Development:\n- changed-files:\n  - any-glob-to-any-file: \n    - scripts/**\n    - .github/labeler.yml\n\n🎨 Image:\n- changed-files:\n  - any-glob-to-any-file: \n    - images/**\n\n🦺 Github Action:\n- changed-files:\n  - any-glob-to-any-file: .github/workflows/**"
  },
  {
    "path": ".github/workflows/cd.yml",
    "content": "---\nname: Continuous Deployment\non:\n  push:\n    branches: [main]\n  workflow_dispatch:\njobs:\n  Deploy:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v2\n      - name: Set up Ruby\n        uses: ruby/setup-ruby@v1\n        with:\n          ruby-version: '3.0'  # quoted: an unquoted 3.0 is read as a number and becomes 3\n      - name: Install dependencies\n        run: gem install erb yaml\n      - name: Run app\n        run: |\n          ruby ./scripts/erb.rb\n      - name: Make last_change\n        run: date > ./scripts/last_change\n      - name: Commit files\n        run: |\n          git config --local user.email \"hahwul@gmail.com\"\n          git config --local user.name \"WHW\"\n          git add README.md ./scripts/last_change\n          git add ./categorize/*\n          git commit -m \"Deploy README.md and Categorize Docs\"\n      - name: Push changes\n        uses: ad-m/github-push-action@master\n        with:\n          github_token: ${{ secrets.GITHUB_TOKEN }}\n          branch: ${{ github.ref }}\n  Contributors:\n    needs: Deploy\n    runs-on: ubuntu-latest\n    steps:\n      - uses: wow-actions/contributors-list@v1\n        with:\n          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n          round: true\n          svgPath: images/CONTRIBUTORS.svg"
  },
  {
    "path": ".github/workflows/labeler.yml",
    "content": "name: \"Pull Request Labeler\"\non: [pull_request_target]\n\njobs:\n  labeler:\n    permissions:\n      contents: read\n      pull-requests: write\n    runs-on: ubuntu-latest\n    steps:\n    - uses: actions/labeler@v5"
  },
  {
    "path": ".github/workflows/yaml-lint.yml",
    "content": "---\nname: YAML Lint\non:\n  pull_request:\n    branches: [main]\njobs:\n  lintAllTheThings:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v3\n      - name: yaml-lint\n        uses: ibiqlik/action-yamllint@v3\n        with:\n          file_or_dir: weapons/*.yaml\n          config_file: .yamllint.yml\n"
  },
  {
    "path": ".gitignore",
    "content": ".DS_Store"
  },
  {
    "path": ".yamllint.yml",
    "content": "---\nrules:\n  anchors: enable\n  braces: enable\n  brackets: enable\n  colons: enable\n  commas: enable\n  comments:\n    level: warning\n  comments-indentation:\n    level: warning\n  document-end: disable\n  document-start:\n    level: warning\n  empty-lines: enable\n  empty-values: disable\n  float-values: disable\n  hyphens: enable\n  indentation: enable\n  key-duplicates: enable\n  key-ordering: disable\n  line-length: disable\n  new-line-at-end-of-file: enable\n  new-lines: enable\n  octal-values: disable\n  quoted-strings: disable\n  trailing-spaces: enable\n  truthy:\n    level: warning"
  },
  {
    "path": "AGENTS.md",
    "content": "# WebHackersWeapons Repository\nWebHackersWeapons is a curated collection of web security tools and utilities. It contains 409+ security tools categorized by type (Army-knife, Proxy, Recon, Fuzzer, Scanner, Exploit, Utils, etc.), platform, language, and tags.\n\nAlways reference these instructions first and fallback to search or bash commands only when you encounter unexpected information that does not match the info here.\n\n## Working Effectively\n- **NEVER CANCEL**: All build operations complete in under 2 seconds. No timeouts needed.\n- Bootstrap and validate the repository:\n  - Ruby 3.x with erb and yaml gems (pre-installed in GitHub Actions)\n  - `ruby ./scripts/erb.rb` -- builds README.md and categorize/* files. Takes ~0.3 seconds.\n  - `ruby ./scripts/validate_weapons.rb` -- validates weapon definitions. Takes ~0.1 seconds.\n  - `yamllint weapons/*.yaml` -- validates YAML syntax. Takes ~1 second.\n- The build process is extremely fast - **ALL commands complete in under 2 seconds**.\n\n## Repository Structure\nKey directories and files:\n- `weapons/*.yaml` -- Individual weapon definitions (409 files, 3800+ lines total)\n- `scripts/erb.rb` -- Main build script that generates all documentation\n- `scripts/validate_weapons.rb` -- Validation script for weapon definitions\n- `README.md` -- Auto-generated main documentation (DO NOT edit manually)\n- `categorize/langs/*.md` -- Auto-generated language-specific lists (19 languages)\n- `categorize/tags/*.md` -- Auto-generated tag-specific lists (73 tags)\n- `.github/workflows/` -- CI/CD automation\n- `.yamllint.yml` -- YAML linting configuration\n\n## Build Process\n**CRITICAL**: The `README.md` and `categorize/*` files are AUTO-GENERATED. Never edit them manually.\n\nBuild and validate workflow:\n1. `ruby ./scripts/erb.rb` -- Generates README.md and all categorize/* files\n2. `ruby ./scripts/validate_weapons.rb` -- Shows validation warnings for incomplete entries\n3. 
`yamllint weapons/*.yaml` -- Validates YAML syntax and formatting\n\nAll operations complete in under 2 seconds total.\n\n## Adding New Weapons\nCreate a new file in `weapons/<toolname>.yaml` with this exact format:\n\n```yaml\n---\nname: Tool Name\ndescription: Tool description\nurl: https://github.com/owner/repo  # Tool URL\ncategory: tool  # tool | tool-addon | browser-addon | bookmarklet\ntype: Scanner   # Army-knife | Proxy | Recon | Fuzzer | Scanner | Exploit | Env | Utils | Etc\nplatform: [linux, macos, windows]  # linux | macos | windows | firefox | safari | chrome | zap | burpsuite\nlang: Python    # Language: Go | Python | Ruby | JavaScript | etc.\ntags: [xss, sqli]  # Vulnerability/feature tags\n```\n\n**CRITICAL YAML Requirements**:\n- File MUST end with a newline character (yamllint requirement)\n- Use exact platform values: `linux`, `macos`, `windows`, `firefox`, `safari`, `chrome`, `zap`, `burpsuite`\n- Use exact type values from the list above\n- Use exact category values from the list above\n\n## Validation Workflow\n**ALWAYS run these steps after making changes:**\n\n1. **YAML Validation**: `yamllint weapons/*.yaml`\n2. **Build Validation**: `ruby ./scripts/erb.rb`\n3. **Content Validation**: `ruby ./scripts/validate_weapons.rb`\n4. 
**Manual Check**: Verify your tool appears in the generated README.md\n\n## CI/CD Process\n- **Pull Requests**: Automatically run YAML linting via `.github/workflows/yaml-lint.yml`\n- **Main Branch**: Automatically regenerates README.md and categorize/* files via `.github/workflows/cd.yml`\n- The CI uses Ruby 3.0 and installs `erb` and `yaml` gems\n\n## Common Validation Issues\n- **\"no new line character at the end of file\"**: Add a blank line at the end of YAML files\n- **\"none-lang\" warnings**: Add appropriate `lang:` field for GitHub-hosted tools  \n- **\"undefined method length\"**: Ensure `tags:` field exists and is an array\n- **\"Is a directory\" errors**: Normal warnings from validation script reading directory entries\n\n## Error Examples\n```bash\n# Missing newline error:\n::error file=weapons/tool.yaml,line=9,col=13::9:13 [new-line-at-end-of-file] no new line character at the end of file\n\n# Fix by adding blank line at end of file:\necho \"\" >> weapons/tool.yaml\n```\n\n## Manual Validation Scenarios\nAfter adding a new weapon, verify:\n1. **YAML Syntax**: `yamllint weapons/yourfile.yaml` returns no errors\n2. **Build Success**: `ruby ./scripts/erb.rb` completes without errors\n3. **README Generation**: Your tool appears in the main README.md table\n4. **Tag Creation**: If using new tags, verify `categorize/tags/newtag.md` is created\n5. 
**Language Categorization**: Verify tool appears in `categorize/langs/Language.md`\n\n## Timing Expectations\n- YAML linting: ~1 second for all 409 files\n- Build script: ~0.3 seconds to generate all documentation\n- Validation script: ~0.1 seconds to check all weapons\n- **Total validation time: ~1.5 seconds**\n\n## Development Notes\n- The repository contains 409+ weapon definitions\n- 73 different tags for categorization\n- 19 programming languages represented\n- All documentation is auto-generated from YAML source files\n- Images are stored in `/images/` directory for badges and logos\n\n## Troubleshooting Workflows\n\n### Complete Weapon Addition Workflow\n```bash\n# 1. Create weapon file\ncat > weapons/newtool.yaml << EOF\n---\nname: New Tool\ndescription: Description of the tool\nurl: https://github.com/owner/repo\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [xss]\nEOF\n\n# 2. Validate YAML syntax\nyamllint weapons/newtool.yaml\n\n# 3. Build documentation\nruby ./scripts/erb.rb\n\n# 4. Verify tool appears in README\ngrep \"New Tool\" README.md\n\n# 5. Check validation warnings\nruby ./scripts/validate_weapons.rb\n```\n\n### CI/CD Validation Process\nThe GitHub Actions workflows automatically:\n1. **On PR**: Run `yamllint weapons/*.yaml` \n2. 
**On merge to main**: Run `ruby ./scripts/erb.rb` and commit changes\n\n## Git Workflow Best Practices\n- **Fork the repository** before making changes\n- **Create feature branches** for new weapons or modifications\n- **Test locally** before pushing:\n  ```bash\n  yamllint weapons/*.yaml\n  ruby ./scripts/erb.rb\n  git status  # Check what files changed\n  ```\n- **Commit only** `weapons/*.yaml` changes in PRs\n- **Never commit** auto-generated `README.md` or `categorize/*` files in PRs\n\n## Do NOT Modify\n**These files are auto-generated and will be overwritten:**\n- `README.md`\n- All files in `categorize/langs/`\n- All files in `categorize/tags/`\n\n**Only modify these directories:**\n- `weapons/` -- Add new weapon YAML files\n- `scripts/` -- Modify generation scripts (advanced users only)\n- `images/` -- Add new badges or logos"
  },
  {
    "path": "CODE_OF_CONDUCT.md",
    "content": "# Contributor Covenant Code of Conduct\n\n## Our Pledge\n\nIn the interest of fostering an open and welcoming environment, we as\ncontributors and maintainers pledge to making participation in our project and\nour community a harassment-free experience for everyone, regardless of age, body\nsize, disability, ethnicity, sex characteristics, gender identity and expression,\nlevel of experience, education, socio-economic status, nationality, personal\nappearance, race, religion, or sexual identity and orientation.\n\n## Our Standards\n\nExamples of behavior that contributes to creating a positive environment\ninclude:\n\n* Using welcoming and inclusive language\n* Being respectful of differing viewpoints and experiences\n* Gracefully accepting constructive criticism\n* Focusing on what is best for the community\n* Showing empathy towards other community members\n\nExamples of unacceptable behavior by participants include:\n\n* The use of sexualized language or imagery and unwelcome sexual attention or\n advances\n* Trolling, insulting/derogatory comments, and personal or political attacks\n* Public or private harassment\n* Publishing others' private information, such as a physical or electronic\n address, without explicit permission\n* Other conduct which could reasonably be considered inappropriate in a\n professional setting\n\n## Our Responsibilities\n\nProject maintainers are responsible for clarifying the standards of acceptable\nbehavior and are expected to take appropriate and fair corrective action in\nresponse to any instances of unacceptable behavior.\n\nProject maintainers have the right and responsibility to remove, edit, or\nreject comments, commits, code, wiki edits, issues, and other contributions\nthat are not aligned to this Code of Conduct, or to ban temporarily or\npermanently any contributor for other behaviors that they deem inappropriate,\nthreatening, offensive, or harmful.\n\n## Scope\n\nThis Code of Conduct applies both within 
project spaces and in public spaces\nwhen an individual is representing the project or its community. Examples of\nrepresenting a project or community include using an official project e-mail\naddress, posting via an official social media account, or acting as an appointed\nrepresentative at an online or offline event. Representation of a project may be\nfurther defined and clarified by project maintainers.\n\n## Enforcement\n\nInstances of abusive, harassing, or otherwise unacceptable behavior may be\nreported by contacting the project team at hahwul@gmail.com. All\ncomplaints will be reviewed and investigated and will result in a response that\nis deemed necessary and appropriate to the circumstances. The project team is\nobligated to maintain confidentiality with regard to the reporter of an incident.\nFurther details of specific enforcement policies may be posted separately.\n\nProject maintainers who do not follow or enforce the Code of Conduct in good\nfaith may face temporary or permanent repercussions as determined by other\nmembers of the project's leadership.\n\n## Attribution\n\nThis Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,\navailable at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html\n\n[homepage]: https://www.contributor-covenant.org\n\nFor answers to common questions about this code of conduct, see\nhttps://www.contributor-covenant.org/faq\n"
  },
  {
    "path": "CONTRIBUTING.md",
    "content": "## ⚠️ Important\nThe paths below are automatically generated.\n\n- `README.md`\n- `categorize/*`\n\nPlease contribute only to the `./weapons`, `./scripts`, and `./images` directories 😉\n\n## ❤️ Contribute\n### First, Fork Repository\nFork this repository :D\n\n### Second, Write `./weapons/<appname>.yaml` and Commit/PR\nWrite the YAML code.\n```yaml\n---\nname: App Name\ndescription: App Description\nurl: App URL   # https://github.com/hahwul/dalfox\ncategory: tool # tool / tool-addon / browser-addon / bookmarklet\ntype:          # Army-knife / Proxy / Recon / Fuzzer / Scanner / Exploit / Env / Utils / Etc\nplatform:\n- linux        # linux\n- macos        # macos application\n- windows      # windows application\n- firefox      # firefox addon\n- safari       # safari addon\n- chrome       # chrome addon\n- zap          # anything to do with zap (addons, scripts, etc..)\n- burpsuite    # anything to do with burpsuite (extensions, payloads, etc..)\n# If the tool is cross-platform (OS), write out all three (linux/macos/windows)\n# If the tool is both a zap and a burpsuite addon, write both (zap/burpsuite)\nlang:          # go / python / ruby / rust / etc...\ntags: []       # xss / sqli / ssrf / oast / http / subdomains / etc...\n```\n\n*Sample*\n```yaml\n---\nname: HUNT\ndescription: Identifies common parameters vulnerable to certain vulnerability classes\nurl: https://github.com/bugcrowd/HUNT\ncategory: tool-addon\ntype: Recon\nplatform: [linux, macos, windows, zap, burpsuite]\nlang: Kotlin\ntags: [param]\n```\n\n![1415](https://user-images.githubusercontent.com/13212227/98445635-00db1e00-215c-11eb-8a59-d7d21dd98db0.png)\n\n### Third, There's no third.\n"
  },
  {
    "path": "LICENSE",
    "content": "MIT License\n\nCopyright (c) 2025 하훌\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n"
  },
  {
    "path": "README.md",
    "content": "\n<div align=\"center\">\n  <picture>\n    <source media=\"(prefers-color-scheme: dark)\" srcset=\"images/whw-dark.png\" width=\"500px;\">\n    <source media=\"(prefers-color-scheme: light)\" srcset=\"images/whw-light.png\" width=\"500px;\">\n    <img alt=\"WebHackersWeapons Logo\" src=\"images/whw-dark.png\" width=\"500px;\">\n  </picture>\n  <p>A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hunting!</p>\n</div>\n\n<p align=\"center\">\n<a href=\"https://github.com/hahwul/WebHackersWeapons/blob/main/CONTRIBUTING.md\">\n<img src=\"https://img.shields.io/badge/CONTRIBUTIONS-WELCOME-000000?style=for-the-badge&labelColor=black\"></a>\n</p>\n\n## Family project\n[![WebHackersWeapons](https://img.shields.io/github/stars/hahwul/WebHackersWeapons?label=WebHackersWeapons)](https://github.com/hahwul/WebHackersWeapons)\n[![MobileHackersWeapons](https://img.shields.io/github/stars/hahwul/MobileHackersWeapons?label=MobileHackersWeapons)](https://github.com/hahwul/MobileHackersWeapons)\n\n## Table of Contents\n- [Weapons](#weapons)\n  - [Tools](#tools)\n  - [Bookmarklets](#bookmarklets)\n  - [Browser Addons](#browser-addons)\n  - [Burpsuite, Caido and ZAP Addons](#burpsuite-caido-and-zap-addons)\n- [Contribute](CONTRIBUTING.md)\n- [Thanks to contributor](#thanks-to-contributor)\n\n## Weapons\n*Attributes*\n|       | Attributes                                        |\n|-------|---------------------------------------------------|\n| Types | `Army-Knife` `Proxy` `Recon` `Fuzzer` `Scanner` `Exploit` `Env` `Utils` `Etc`|\n| Tags  | [`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md) [`osint`](/categorize/tags/osint.md) [`recon`](/categorize/tags/recon.md) [`forensics`](/categorize/tags/forensics.md) [`social-engineering`](/categorize/tags/social-engineering.md) [`steganography`](/categorize/tags/steganography.md) [`pentest`](/categorize/tags/pentest.md) 
[`exploit`](/categorize/tags/exploit.md) [`infra`](/categorize/tags/infra.md) [`http`](/categorize/tags/http.md) [`repeater`](/categorize/tags/repeater.md) [`asn`](/categorize/tags/asn.md) [`network-mapping`](/categorize/tags/network-mapping.md) [`cloud`](/categorize/tags/cloud.md) [`asset-discovery`](/categorize/tags/asset-discovery.md) [`subdomains`](/categorize/tags/subdomains.md) [`dns`](/categorize/tags/dns.md) [`apk`](/categorize/tags/apk.md) [`url`](/categorize/tags/url.md) [`endpoint`](/categorize/tags/endpoint.md) [`csp`](/categorize/tags/csp.md) [`param`](/categorize/tags/param.md) [`ssl`](/categorize/tags/ssl.md) [`tls`](/categorize/tags/tls.md) [`certificates`](/categorize/tags/certificates.md) [`attack-surface`](/categorize/tags/attack-surface.md) [`port`](/categorize/tags/port.md) [`favicon`](/categorize/tags/favicon.md) [`js-analysis`](/categorize/tags/js-analysis.md) [`takeover`](/categorize/tags/takeover.md) [`portscan`](/categorize/tags/portscan.md) [`domain`](/categorize/tags/domain.md) [`online`](/categorize/tags/online.md) [`graphql`](/categorize/tags/graphql.md) [`wordlist`](/categorize/tags/wordlist.md) [`permutation`](/categorize/tags/permutation.md) [`cache-vuln`](/categorize/tags/cache-vuln.md) [`path-traversal`](/categorize/tags/path-traversal.md) [`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md) [`smuggle`](/categorize/tags/smuggle.md) [`fuzz`](/categorize/tags/fuzz.md) [`ssrf`](/categorize/tags/ssrf.md) [`jwt`](/categorize/tags/jwt.md) [`crlf`](/categorize/tags/crlf.md) [`header`](/categorize/tags/header.md) [`ssti`](/categorize/tags/ssti.md) [`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`dependency-scanning`](/categorize/tags/dependency-scanning.md) [`xss`](/categorize/tags/xss.md) [`s3`](/categorize/tags/s3.md) [`container-security`](/categorize/tags/container-security.md) [`sbom`](/categorize/tags/sbom.md) 
[`broken-link`](/categorize/tags/broken-link.md) [`cors`](/categorize/tags/cors.md) [`sqli`](/categorize/tags/sqli.md) [`lfi`](/categorize/tags/lfi.md) [`rfi`](/categorize/tags/rfi.md) [`open-redirect`](/categorize/tags/open-redirect.md) [`nosqli`](/categorize/tags/nosqli.md) [`oast`](/categorize/tags/oast.md) [`web-scanner`](/categorize/tags/web-scanner.md) [`aaa`](/categorize/tags/aaa.md) [`dependency-confusion`](/categorize/tags/dependency-confusion.md) [`403`](/categorize/tags/403.md) [`secret-scanning`](/categorize/tags/secret-scanning.md) [`credentials`](/categorize/tags/credentials.md) [`sast`](/categorize/tags/sast.md) [`code-analysis`](/categorize/tags/code-analysis.md) [`aws`](/categorize/tags/aws.md) [`security`](/categorize/tags/security.md) [`terraform`](/categorize/tags/terraform.md) [`xxe`](/categorize/tags/xxe.md) [`RMI`](/categorize/tags/RMI.md) [`rop`](/categorize/tags/rop.md) [`authentication`](/categorize/tags/authentication.md) [`zipbomb`](/categorize/tags/zipbomb.md) [`cidr`](/categorize/tags/cidr.md) [`network`](/categorize/tags/network.md) [`ip-manipulation`](/categorize/tags/ip-manipulation.md) [`deserialize`](/categorize/tags/deserialize.md) [`web3`](/categorize/tags/web3.md) [`gRPC-Web`](/categorize/tags/gRPC-Web.md) [`notify`](/categorize/tags/notify.md) [`documents`](/categorize/tags/documents.md) [`cookie`](/categorize/tags/cookie.md) [`note`](/categorize/tags/note.md) [`blind-xss`](/categorize/tags/blind-xss.md) [`encode`](/categorize/tags/encode.md) [`payload`](/categorize/tags/payload.md) [`darkmode`](/categorize/tags/darkmode.md) [`nuclei-templates`](/categorize/tags/nuclei-templates.md) [`package-manager`](/categorize/tags/package-manager.md) [`tools-management`](/categorize/tags/tools-management.md) [`dom`](/categorize/tags/dom.md) [`race-condition`](/categorize/tags/race-condition.md) [`diff`](/categorize/tags/diff.md) [`clipboard`](/categorize/tags/clipboard.md) [`json`](/categorize/tags/json.md) 
[`browser-record`](/categorize/tags/browser-record.md) [`report`](/categorize/tags/report.md)                         |\n| Langs | [`Java`](/categorize/langs/Java.md) [`Python`](/categorize/langs/Python.md) [`Ruby`](/categorize/langs/Ruby.md) [`Go`](/categorize/langs/Go.md) [`Shell`](/categorize/langs/Shell.md) [`JavaScript`](/categorize/langs/JavaScript.md) [`Rust`](/categorize/langs/Rust.md) [`Kotlin`](/categorize/langs/Kotlin.md) [`Crystal`](/categorize/langs/Crystal.md) [`C`](/categorize/langs/C.md) [`Perl`](/categorize/langs/Perl.md) [`C#`](/categorize/langs/C%23.md) [`TypeScript`](/categorize/langs/TypeScript.md) [`Txt`](/categorize/langs/Txt.md) [`HTML`](/categorize/langs/HTML.md) [`BlitzBasic`](/categorize/langs/BlitzBasic.md) [`CSS`](/categorize/langs/CSS.md) [`C++`](/categorize/langs/C++.md) [`PHP`](/categorize/langs/PHP.md)                        |\n\n### Tools\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-Knife|[ZAP](https://github.com/zaproxy/zaproxy)|The ZAP core project|![](https://img.shields.io/github/stars/zaproxy/zaproxy?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Army-knife|[Baudrillard Suite](https://github.com/bad-antics/baudrillard-suite)|Cross-platform security research toolkit with OSINT aggregation, memory forensics, social engineering tools, steganography, and predictive threat modeling.|![](https://img.shields.io/github/stars/bad-antics/baudrillard-suite?label=%20)|[`osint`](/categorize/tags/osint.md) [`recon`](/categorize/tags/recon.md) [`forensics`](/categorize/tags/forensics.md) [`social-engineering`](/categorize/tags/social-engineering.md) 
[`steganography`](/categorize/tags/steganography.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Army-Knife|[Metasploit](https://github.com/rapid7/metasploit-framework)|The world’s most used penetration testing framework|![](https://img.shields.io/github/stars/rapid7/metasploit-framework?label=%20)|[`pentest`](/categorize/tags/pentest.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Army-Knife|[BurpSuite](https://portswigger.net/burp)|The BurpSuite Project||[`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Army-knife|[Ronin](https://ronin-rb.dev)|Free and Open Source Ruby Toolkit for Security Research and Development||[`pentest`](/categorize/tags/pentest.md) [`crawl`](/categorize/tags/crawl.md) [`recon`](/categorize/tags/recon.md) [`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Army-Knife|[jaeles](https://github.com/jaeles-project/jaeles)|The Swiss Army knife for automated Web Application Testing |![](https://img.shields.io/github/stars/jaeles-project/jaeles?label=%20)|[`live-audit`](/categorize/tags/live-audit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Army-Knife|[axiom](https://github.com/pry0cc/axiom)|A dynamic infrastructure toolkit for red teamers and bug bounty hunters! 
|![](https://img.shields.io/github/stars/pry0cc/axiom?label=%20)|[`infra`](/categorize/tags/infra.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Proxy|[Glorp](https://github.com/denandz/glorp)|A CLI-based HTTP intercept and replay proxy|![](https://img.shields.io/github/stars/denandz/glorp?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Proxy|[Caido](https://caido.io)|A lightweight web security auditing toolkit||[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Proxy|[proxify](https://github.com/projectdiscovery/proxify)|Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation and replay|![](https://img.shields.io/github/stars/projectdiscovery/proxify?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Proxy|[hetty](https://github.com/dstotijn/hetty)|Hetty is an HTTP toolkit for security research. 
It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.|![](https://img.shields.io/github/stars/dstotijn/hetty?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Proxy|[mitmproxy](https://github.com/mitmproxy/mitmproxy)|An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.|![](https://img.shields.io/github/stars/mitmproxy/mitmproxy?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Proxy|[EvilProxy](https://github.com/bbtfr/evil-proxy)|A ruby http/https proxy to do EVIL things.|![](https://img.shields.io/github/stars/bbtfr/evil-proxy?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Proxy|[Echo Mirage](https://sourceforge.net/projects/echomirage.oldbutgold.p/)|A generic network proxy that uses DLL injection to capture and alter TCP traffic.||[`mitmproxy`](/categorize/tags/mitmproxy.md)|![windows](/images/windows.png)|\n|Recon|[lazyrecon](https://github.com/nahamsec/lazyrecon)|This script is intended to automate your reconnaissance process in an organized fashion |![](https://img.shields.io/github/stars/nahamsec/lazyrecon?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[asnmap](https://github.com/projectdiscovery/asnmap)|Go CLI and Library for quickly mapping organization network ranges using ASN 
information|![](https://img.shields.io/github/stars/projectdiscovery/asnmap?label=%20)|[`asn`](/categorize/tags/asn.md) [`network-mapping`](/categorize/tags/network-mapping.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[uncover](https://github.com/projectdiscovery/uncover)|Quickly discover exposed hosts on the internet using multiple search engine.|![](https://img.shields.io/github/stars/projectdiscovery/uncover?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[parameth](https://github.com/maK-/parameth)|This tool can be used to brute discover GET and POST parameters|![](https://img.shields.io/github/stars/maK-/parameth?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Chaos Web](https://chaos.projectdiscovery.io)| actively scan and maintain internet-wide assets' data. 
enhance research and analyse changes around DNS for better insights.|||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Recon|[cloudlist](https://github.com/projectdiscovery/cloudlist)|Cloudlist is a tool for listing Assets from multiple Cloud Providers|![](https://img.shields.io/github/stars/projectdiscovery/cloudlist?label=%20)|[`cloud`](/categorize/tags/cloud.md) [`asset-discovery`](/categorize/tags/asset-discovery.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[puredns](https://github.com/d3mondev/puredns)|Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.|![](https://img.shields.io/github/stars/d3mondev/puredns?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[spiderfoot](https://github.com/smicallef/spiderfoot)|SpiderFoot automates OSINT collection so that you can focus on analysis.|![](https://img.shields.io/github/stars/smicallef/spiderfoot?label=%20)|[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[subs_all](https://github.com/emadshanab/subs_all)|Subdomain Enumeration Wordlist. 8956437 unique words. Updated. |![](https://img.shields.io/github/stars/emadshanab/subs_all?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Recon|[hakrevdns](https://github.com/hakluke/hakrevdns)|Small, fast tool for performing reverse DNS lookups en masse. 
|![](https://img.shields.io/github/stars/hakluke/hakrevdns?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[3klCon](https://github.com/eslam3kl/3klCon)|Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.|![](https://img.shields.io/github/stars/eslam3kl/3klCon?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[apkleaks](https://github.com/dwisiswant0/apkleaks)|Scanning APK file for URIs, endpoints & secrets. |![](https://img.shields.io/github/stars/dwisiswant0/apkleaks?label=%20)|[`apk`](/categorize/tags/apk.md) [`url`](/categorize/tags/url.md) [`endpoint`](/categorize/tags/endpoint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[waybackurls](https://github.com/tomnomnom/waybackurls)|Fetch all the URLs that the Wayback Machine knows about for a domain |![](https://img.shields.io/github/stars/tomnomnom/waybackurls?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[csprecon](https://github.com/edoardottt/csprecon)|Discover new target domains using Content Security Policy|![](https://img.shields.io/github/stars/edoardottt/csprecon?label=%20)|[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[dirsearch](https://github.com/maurosoria/dirsearch)|Web path scanner 
|![](https://img.shields.io/github/stars/maurosoria/dirsearch?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[meg](https://github.com/tomnomnom/meg)|Fetch many paths for many hosts - without killing the hosts |![](https://img.shields.io/github/stars/tomnomnom/meg?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[tlsx](https://github.com/projectdiscovery/tlsx)|Fast and configurable TLS grabber focused on TLS based data collection|![](https://img.shields.io/github/stars/projectdiscovery/tlsx?label=%20)|[`ssl`](/categorize/tags/ssl.md) [`tls`](/categorize/tags/tls.md) [`certificates`](/categorize/tags/certificates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[rusolver](https://github.com/Edu4rdSHL/rusolver)|Fast and accurate DNS resolver.|![](https://img.shields.io/github/stars/Edu4rdSHL/rusolver?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[Osmedeus](https://github.com/j3ssie/Osmedeus)|Fully automated offensive security framework for reconnaissance and vulnerability scanning |![](https://img.shields.io/github/stars/j3ssie/Osmedeus?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Sudomy](https://github.com/screetsec/Sudomy)|subdomain enumeration tool to collect subdomains and analyzing 
domains|![](https://img.shields.io/github/stars/screetsec/Sudomy?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[ParamWizard](https://github.com/iamunixtz/ParamWizard)|ParamWizard is a powerful Python-based tool designed for extracting and identifying URLs with parameters from a specified website.|![](https://img.shields.io/github/stars/iamunixtz/ParamWizard?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[sn0int](https://github.com/kpcyrd/sn0int)|Semi-automatic OSINT framework and package manager|![](https://img.shields.io/github/stars/kpcyrd/sn0int?label=%20)|[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[pagodo](https://github.com/opsdisk/pagodo)|pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching|![](https://img.shields.io/github/stars/opsdisk/pagodo?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[reconftw](https://github.com/six2dez/reconftw)|reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities|![](https://img.shields.io/github/stars/six2dez/reconftw?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[gauplus](https://github.com/bp0lr/gauplus)|A modified version of gau for personal usage. 
Support workers, proxies and some extra things.|![](https://img.shields.io/github/stars/bp0lr/gauplus?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[SecretFinder](https://github.com/m4ll0k/SecretFinder)|SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files |![](https://img.shields.io/github/stars/m4ll0k/SecretFinder?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Parth](https://github.com/s0md3v/Parth)|Heuristic Vulnerable Parameter Scanner |![](https://img.shields.io/github/stars/s0md3v/Parth?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[waymore](https://github.com/xnl-h4ck3r/waymore)|Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X!|![](https://img.shields.io/github/stars/xnl-h4ck3r/waymore?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[htcat](https://github.com/htcat/htcat)|Parallel and Pipelined HTTP GET Utility |![](https://img.shields.io/github/stars/htcat/htcat?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[github-endpoints](https://github.com/gwen001/github-endpoints)|Find endpoints on 
GitHub.|![](https://img.shields.io/github/stars/gwen001/github-endpoints?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[scilla](https://github.com/edoardottt/scilla)|🏴‍☠️ Information Gathering tool 🏴‍☠️ dns/subdomain/port enumeration|![](https://img.shields.io/github/stars/edoardottt/scilla?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`dns`](/categorize/tags/dns.md) [`port`](/categorize/tags/port.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[urx](https://github.com/hahwul/urx)|Extracts URLs from OSINT Archives for Security Insights|![](https://img.shields.io/github/stars/hahwul/urx?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[zdns](https://github.com/zmap/zdns)|Fast CLI DNS Lookup Tool|![](https://img.shields.io/github/stars/zmap/zdns?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[bbot](https://github.com/blacklanternsecurity/bbot)|OSINT automation for hackers|![](https://img.shields.io/github/stars/blacklanternsecurity/bbot?label=%20)|[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[favirecon](https://github.com/edoardottt/favirecon)|Use favicon.ico to improve your target recon phase. 
Quickly detect technologies, WAF, exposed panels, known services.|![](https://img.shields.io/github/stars/edoardottt/favirecon?label=%20)|[`favicon`](/categorize/tags/favicon.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[httpx](https://github.com/projectdiscovery/httpx)|httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads. |![](https://img.shields.io/github/stars/projectdiscovery/httpx?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[CT_subdomains](https://github.com/internetwache/CT_subdomains)|An hourly updated list of subdomains gathered from certificate transparency logs |![](https://img.shields.io/github/stars/internetwache/CT_subdomains?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Recon|[shosubgo](https://github.com/incogbyte/shosubgo)|Small tool to Grab subdomains using Shodan api.|![](https://img.shields.io/github/stars/incogbyte/shosubgo?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[noir](https://github.com/noir-cr/noir)|Attack surface detector that identifies endpoints by static analysis|![](https://img.shields.io/github/stars/noir-cr/noir?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) 
[`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)[![Crystal](/images/crystal.png)](/categorize/langs/Crystal.md)|\n|Recon|[gowitness](https://github.com/sensepost/gowitness)|🔍 gowitness - a golang, web screenshot utility using Chrome Headless |![](https://img.shields.io/github/stars/sensepost/gowitness?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Shodan](https://www.shodan.io/)| World's first search engine for Internet-connected devices||[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Recon|[altdns](https://github.com/infosec-au/altdns)|Generates permutations, alterations and mutations of subdomains and then resolves them |![](https://img.shields.io/github/stars/infosec-au/altdns?label=%20)|[`dns`](/categorize/tags/dns.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[xnLinkFinder](https://github.com/xnl-h4ck3r/xnLinkFinder)|A python tool used to discover endpoints (and potential parameters) for a given target|![](https://img.shields.io/github/stars/xnl-h4ck3r/xnLinkFinder?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[go-dork](https://github.com/dwisiswant0/go-dork)|The fastest dork scanner written in Go. 
|![](https://img.shields.io/github/stars/dwisiswant0/go-dork?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[gobuster](https://github.com/OJ/gobuster)|Directory/File, DNS and VHost busting tool written in Go |![](https://img.shields.io/github/stars/OJ/gobuster?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[JSFScan.sh](https://github.com/KathanP19/JSFScan.sh)|Automation for javascript recon in bug bounty. |![](https://img.shields.io/github/stars/KathanP19/JSFScan.sh?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[dnsx](https://github.com/projectdiscovery/dnsx)|dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.|![](https://img.shields.io/github/stars/projectdiscovery/dnsx?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[goverview](https://github.com/j3ssie/goverview)|goverview - Get an overview of the list of URLs|![](https://img.shields.io/github/stars/j3ssie/goverview?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[BLUTO](https://github.com/darryllane/Bluto)|DNS Analysis 
Tool|![](https://img.shields.io/github/stars/darryllane/Bluto?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[crawlergo](https://github.com/Qianlitp/crawlergo)|A powerful browser crawler for web vulnerability scanners|![](https://img.shields.io/github/stars/Qianlitp/crawlergo?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[recon_profile](https://github.com/nahamsec/recon_profile)|Recon profile (bash profile) for bugbounty |![](https://img.shields.io/github/stars/nahamsec/recon_profile?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[Sub404](https://github.com/r3curs1v3-pr0xy/sub404)|A python tool to check subdomain takeover vulnerability|![](https://img.shields.io/github/stars/r3curs1v3-pr0xy/sub404?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Arjun](https://github.com/s0md3v/Arjun)|HTTP parameter discovery suite. 
|![](https://img.shields.io/github/stars/s0md3v/Arjun?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[xurlfind3r](https://github.com/hueristiq/xurlfind3r)|A command-line utility designed to discover URLs for a given domain in a simple, efficient way.|![](https://img.shields.io/github/stars/hueristiq/xurlfind3r?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[HydraRecon](https://github.com/aufzayed/HydraRecon)|All In One, Fast, Easy Recon Tool|![](https://img.shields.io/github/stars/aufzayed/HydraRecon?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[cariddi](https://github.com/edoardottt/cariddi)|Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more|![](https://img.shields.io/github/stars/edoardottt/cariddi?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[knock](https://github.com/guelfoweb/knock)|Knock Subdomain Scan |![](https://img.shields.io/github/stars/guelfoweb/knock?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Sublist3r](https://github.com/aboul3la/Sublist3r)|Fast subdomains enumeration tool for penetration testers 
|![](https://img.shields.io/github/stars/aboul3la/Sublist3r?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[uro](https://github.com/s0md3v/uro)|declutters url lists for crawling/pentesting|![](https://img.shields.io/github/stars/s0md3v/uro?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[OneForAll](https://github.com/shmilylty/OneForAll)|OneForAll is a powerful subdomain collection tool |![](https://img.shields.io/github/stars/shmilylty/OneForAll?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Silver](https://github.com/s0md3v/Silver)|Mass scan IPs for vulnerable services |![](https://img.shields.io/github/stars/s0md3v/Silver?label=%20)|[`port`](/categorize/tags/port.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[haktrails](https://github.com/hakluke/haktrails)|Golang client for querying SecurityTrails API data|![](https://img.shields.io/github/stars/hakluke/haktrails?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[dmut](https://github.com/bp0lr/dmut)|A tool to perform permutations, mutations and alteration of subdomains in golang.|![](https://img.shields.io/github/stars/bp0lr/dmut?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[assetfinder](https://github.com/tomnomnom/assetfinder)|Find 
domains and subdomains related to a given domain |![](https://img.shields.io/github/stars/tomnomnom/assetfinder?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[gospider](https://github.com/jaeles-project/gospider)|Gospider - Fast web spider written in Go |![](https://img.shields.io/github/stars/jaeles-project/gospider?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[megplus](https://github.com/EdOverflow/megplus)|Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED] |![](https://img.shields.io/github/stars/EdOverflow/megplus?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[naabu](https://github.com/projectdiscovery/naabu)|A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests |![](https://img.shields.io/github/stars/projectdiscovery/naabu?label=%20)|[`portscan`](/categorize/tags/portscan.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[dnsprobe](https://github.com/projectdiscovery/dnsprobe)|DNSProb (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. 
|![](https://img.shields.io/github/stars/projectdiscovery/dnsprobe?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[longtongue](https://github.com/edoardottt/longtongue)|Customized Password/Passphrase List inputting Target Info|![](https://img.shields.io/github/stars/edoardottt/longtongue?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[GitMiner](https://github.com/UnkL4b/GitMiner)|Tool for advanced mining for content on Github |![](https://img.shields.io/github/stars/UnkL4b/GitMiner?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[ParamSpider](https://github.com/devanshbatham/ParamSpider)|Mining parameters from dark corners of Web Archives |![](https://img.shields.io/github/stars/devanshbatham/ParamSpider?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[urlhunter](https://github.com/utkusen/urlhunter)|a recon tool that allows searching on URLs that are exposed via shortener services|![](https://img.shields.io/github/stars/utkusen/urlhunter?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[hakrawler](https://github.com/hakluke/hakrawler)|Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application 
|![](https://img.shields.io/github/stars/hakluke/hakrawler?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[github-subdomains](https://github.com/gwen001/github-subdomains)|Find subdomains on GitHub|![](https://img.shields.io/github/stars/gwen001/github-subdomains?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[BugBountyScanner](https://github.com/chvancooten/BugBountyScanner)|A Bash script and Docker image for Bug Bounty reconnaissance.|![](https://img.shields.io/github/stars/chvancooten/BugBountyScanner?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[x8](https://github.com/Sh1Yo/x8)|Hidden parameters discovery suite|![](https://img.shields.io/github/stars/Sh1Yo/x8?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[gitrob](https://github.com/michenriksen/gitrob)|Reconnaissance tool for GitHub organizations |![](https://img.shields.io/github/stars/michenriksen/gitrob?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Hunt3r](https://github.com/EasyRecon/Hunt3r)|Made your bugbounty subdomains reconnaissance easier with Hunt3r the web application reconnaissance framework|![](https://img.shields.io/github/stars/EasyRecon/Hunt3r?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Recon|[aquatone](https://github.com/michenriksen/aquatone)|A Tool for 
Domain Flyovers |![](https://img.shields.io/github/stars/michenriksen/aquatone?label=%20)|[`domain`](/categorize/tags/domain.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[DNSDumpster](https://dnsdumpster.com)| Online dns recon & research, find & lookup dns records||[`dns`](/categorize/tags/dns.md) [`online`](/categorize/tags/online.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Recon|[dnsvalidator](https://github.com/vortexau/dnsvalidator)|Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.|![](https://img.shields.io/github/stars/vortexau/dnsvalidator?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[STEWS](https://github.com/PalindromeLabs/STEWS)|A Security Tool for Enumerating WebSockets|![](https://img.shields.io/github/stars/PalindromeLabs/STEWS?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Amass](https://github.com/OWASP/Amass)|In-depth Attack Surface Mapping and Asset Discovery 
|![](https://img.shields.io/github/stars/OWASP/Amass?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[SubBrute](https://github.com/aboul3la/Sublist3r)|https://github.com/TheRook/subbrute|![](https://img.shields.io/github/stars/aboul3la/Sublist3r?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[getJS](https://github.com/003random/getJS)|A tool to fastly get all javascript sources/files|![](https://img.shields.io/github/stars/003random/getJS?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[HostHunter](https://github.com/SpiderLabs/HostHunter)|Recon tool for discovering hostnames using OSINT techniques.|![](https://img.shields.io/github/stars/SpiderLabs/HostHunter?label=%20)|[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[masscan](https://github.com/robertdavidgraham/masscan)|TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. 
|![](https://img.shields.io/github/stars/robertdavidgraham/masscan?label=%20)|[`portscan`](/categorize/tags/portscan.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n|Recon|[subgen](https://github.com/pry0cc/subgen)|A really simple utility to concate wordlists to a domain name - to pipe into your favourite resolver!|![](https://img.shields.io/github/stars/pry0cc/subgen?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[shuffledns](https://github.com/projectdiscovery/shuffledns)|shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. |![](https://img.shields.io/github/stars/projectdiscovery/shuffledns?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subfinder](https://github.com/projectdiscovery/subfinder)|Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing. |![](https://img.shields.io/github/stars/projectdiscovery/subfinder?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Photon](https://github.com/s0md3v/Photon)|Incredibly fast crawler designed for OSINT. 
|![](https://img.shields.io/github/stars/s0md3v/Photon?label=%20)|[`osint`](/categorize/tags/osint.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Lepus](https://github.com/gfek/Lepus)|Subdomain finder|![](https://img.shields.io/github/stars/gfek/Lepus?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[SubOver](https://github.com/Ice3man543/SubOver)|A Powerful Subdomain Takeover Tool|![](https://img.shields.io/github/stars/Ice3man543/SubOver?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[SecurityTrails](https://securitytrails.com)| Online dns / subdomain / recon tool||[`subdomains`](/categorize/tags/subdomains.md) [`online`](/categorize/tags/online.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Recon|[rengine](https://github.com/yogeshojha/rengine)|reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information. 
|![](https://img.shields.io/github/stars/yogeshojha/rengine?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Recon|[graphw00f](https://github.com/dolevf/graphw00f)|GraphQL Server Engine Fingerprinting utility|![](https://img.shields.io/github/stars/dolevf/graphw00f?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[jsluice](https://github.com/BishopFox/jsluice)|Extract URLs, paths, secrets, and other interesting bits from JavaScript|![](https://img.shields.io/github/stars/BishopFox/jsluice?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subjs](https://github.com/lc/subjs)|Fetches javascript file from a list of URLS or subdomains.|![](https://img.shields.io/github/stars/lc/subjs?label=%20)|[`url`](/categorize/tags/url.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[katana](https://github.com/projectdiscovery/katana)|A next-generation crawling and spidering framework.|![](https://img.shields.io/github/stars/projectdiscovery/katana?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subzy](https://github.com/LukaSikic/subzy)|Subdomain takeover vulnerability checker|![](https://img.shields.io/github/stars/LukaSikic/subzy?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) 
[`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[RustScan](https://github.com/brandonskerritt/RustScan)|Faster Nmap Scanning with Rust |![](https://img.shields.io/github/stars/brandonskerritt/RustScan?label=%20)|[`portscan`](/categorize/tags/portscan.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[subjack](https://github.com/haccer/subjack)|Subdomain Takeover tool written in Go |![](https://img.shields.io/github/stars/haccer/subjack?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[gau](https://github.com/lc/gau)|Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.|![](https://img.shields.io/github/stars/lc/gau?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[chaos-client](https://github.com/projectdiscovery/chaos-client)|Go client to communicate with Chaos DNS API. 
|![](https://img.shields.io/github/stars/projectdiscovery/chaos-client?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[cc.py](https://github.com/si9int/cc.py)|Extracting URLs of a specific target based on the results of \"commoncrawl.org\" |![](https://img.shields.io/github/stars/si9int/cc.py?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[intrigue-core](https://github.com/intrigueio/intrigue-core)|Discover Your Attack Surface |![](https://img.shields.io/github/stars/intrigueio/intrigue-core?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Recon|[Smap](https://github.com/s0md3v/smap/)|a drop-in replacement for Nmap powered by shodan.io|![](https://img.shields.io/github/stars/s0md3v/smap/?label=%20)|[`port`](/categorize/tags/port.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[fhc](https://github.com/Edu4rdSHL/fhc)|Fast HTTP Checker.|![](https://img.shields.io/github/stars/Edu4rdSHL/fhc?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[alterx](https://github.com/projectdiscovery/alterx)|Fast and customizable subdomain wordlist generator using DSL|![](https://img.shields.io/github/stars/projectdiscovery/alterx?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`wordlist`](/categorize/tags/wordlist.md) 
[`permutation`](/categorize/tags/permutation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[FavFreak](https://github.com/devanshbatham/FavFreak)|Making Favicon.ico based Recon Great again ! |![](https://img.shields.io/github/stars/devanshbatham/FavFreak?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[LinkFinder](https://github.com/GerbenJavado/LinkFinder)|A python script that finds endpoints in JavaScript files |![](https://img.shields.io/github/stars/GerbenJavado/LinkFinder?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[findomain](https://github.com/Edu4rdSHL/findomain)|The fastest and cross-platform subdomain enumerator, do not waste your time. 
|![](https://img.shields.io/github/stars/Edu4rdSHL/findomain?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Fuzzer|[ParamPamPam](https://github.com/Bo0oM/ParamPamPam)|A tool for brute-force discovery of GET and POST parameters.|![](https://img.shields.io/github/stars/Bo0oM/ParamPamPam?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[wfuzz](https://github.com/xmendez/wfuzz)|Web application fuzzer |![](https://img.shields.io/github/stars/xmendez/wfuzz?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[dotdotpwn](https://github.com/wireghoul/dotdotpwn)|DotDotPwn - The Directory Traversal Fuzzer |![](https://img.shields.io/github/stars/wireghoul/dotdotpwn?label=%20)|[`path-traversal`](/categorize/tags/path-traversal.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Perl](/images/perl.png)](/categorize/langs/Perl.md)|\n|Fuzzer|[ppfuzz](https://github.com/dwisiswant0/ppfuzz)|A fast tool to scan client-side prototype pollution vulnerability written in Rust. 
🦀|![](https://img.shields.io/github/stars/dwisiswant0/ppfuzz?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Fuzzer|[Clairvoyance](https://github.com/nikitastupin/clairvoyance)|Obtain GraphQL API schema even if the introspection is disabled|![](https://img.shields.io/github/stars/nikitastupin/clairvoyance?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[SmuggleFuzz](https://github.com/Moopinger/smugglefuzz/)|A rapid HTTP downgrade smuggling scanner written in Go.|![](https://img.shields.io/github/stars/Moopinger/smugglefuzz/?label=%20)|[`smuggle`](/categorize/tags/smuggle.md) [`fuzz`](/categorize/tags/fuzz.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[BatchQL](https://github.com/assetnote/batchql)|GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations|![](https://img.shields.io/github/stars/assetnote/batchql?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[SSRFmap](https://github.com/swisskyrepo/SSRFmap)|Automatic SSRF fuzzer and exploitation tool |![](https://img.shields.io/github/stars/swisskyrepo/SSRFmap?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[fuzzparam](https://github.com/0xsapra/fuzzparam)|A fast go based param 
miner to fuzz possible parameters a URL can have.|![](https://img.shields.io/github/stars/0xsapra/fuzzparam?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[SSRFire](https://github.com/ksharinarayanan/SSRFire)|An automated SSRF finder. Just give the domain name and your server and chill|![](https://img.shields.io/github/stars/ksharinarayanan/SSRFire?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Fuzzer|[kiterunner](https://github.com/assetnote/kiterunner)|Contextual Content Discovery Tool|![](https://img.shields.io/github/stars/assetnote/kiterunner?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[c-jwt-cracker](https://github.com/brendan-rius/c-jwt-cracker)|JWT brute force cracker written in C |![](https://img.shields.io/github/stars/brendan-rius/c-jwt-cracker?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n|Fuzzer|[ffuf](https://github.com/ffuf/ffuf)|Fast web fuzzer written in Go |![](https://img.shields.io/github/stars/ffuf/ffuf?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[crlfuzz](https://github.com/dwisiswant0/crlfuzz)|A fast tool to scan CRLF vulnerability written in Go 
|![](https://img.shields.io/github/stars/dwisiswant0/crlfuzz?label=%20)|[`crlf`](/categorize/tags/crlf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Fuzzer|[hashcat](https://github.com/hashcat/hashcat/)|World's fastest and most advanced password recovery utility |![](https://img.shields.io/github/stars/hashcat/hashcat/?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n|Fuzzer|[BruteX](https://github.com/1N3/BruteX)|Automatically brute force all services running on a target.|![](https://img.shields.io/github/stars/1N3/BruteX?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Fuzzer|[thc-hydra](https://github.com/vanhauser-thc/thc-hydra)|hydra |![](https://img.shields.io/github/stars/vanhauser-thc/thc-hydra?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n|Fuzzer|[medusa](https://github.com/riza/medusa)|Fastest recursive HTTP fuzzer, like a Ferrari. |![](https://img.shields.io/github/stars/riza/medusa?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[headerpwn](https://github.com/devanshbatham/headerpwn)|A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers|![](https://img.shields.io/github/stars/devanshbatham/headerpwn?label=%20)|[`header`](/categorize/tags/header.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[jwt-hack](https://github.com/hahwul/jwt-hack)|🔩 jwt-hack is a tool for hacking / security testing of JWT. 
Supports encoding/decoding JWT, generating payloads for JWT attacks, and very fast cracking (dict/bruteforce)|![](https://img.shields.io/github/stars/hahwul/jwt-hack?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[CrackQL](https://github.com/nicholasaleks/CrackQL)|CrackQL is a GraphQL password brute-force and fuzzing utility.|![](https://img.shields.io/github/stars/nicholasaleks/CrackQL?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[feroxbuster](https://github.com/epi052/feroxbuster)|A fast, simple, recursive content discovery tool written in Rust.|![](https://img.shields.io/github/stars/epi052/feroxbuster?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Fuzzer|[SSTImap](https://github.com/vladko312/SSTImap)|Automatic SSTI detection tool with interactive interface|![](https://img.shields.io/github/stars/vladko312/SSTImap?label=%20)|[`ssti`](/categorize/tags/ssti.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[GraphQLmap](https://github.com/swisskyrepo/GraphQLmap)|GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.|![](https://img.shields.io/github/stars/swisskyrepo/GraphQLmap?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[jwt-cracker](https://github.com/lmammino/jwt-cracker)|Simple HS256 JWT token brute force cracker 
|![](https://img.shields.io/github/stars/lmammino/jwt-cracker?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[web_cache_poison](https://github.com/fngoo/web_cache_poison)|web cache poison - Top 1 web hacking technique of 2019|![](https://img.shields.io/github/stars/fngoo/web_cache_poison?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Scanner|[ws-smuggler](https://github.com/hahwul/ws-smuggler)|WebSocket Connection Smuggler|![](https://img.shields.io/github/stars/hahwul/ws-smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[Oralyzer](https://github.com/r0075h3ll/Oralyzer)|Open Redirection Analyzer|![](https://img.shields.io/github/stars/r0075h3ll/Oralyzer?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[osv-scanner](https://github.com/google/osv-scanner)|Vulnerability scanner which uses the OSV database to find vulnerabilities in open source projects|![](https://img.shields.io/github/stars/google/osv-scanner?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`dependency-scanning`](/categorize/tags/dependency-scanning.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[PwnXSS](https://github.com/pwn0sec/PwnXSS)|Vulnerability (XSS) scanner 
exploit|![](https://img.shields.io/github/stars/pwn0sec/PwnXSS?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[HRS](https://github.com/SafeBreach-Labs/HRS)|HTTP Request Smuggling demonstration Perl script, for variants 1, 2 and 5 in my BlackHat US 2020 paper HTTP Request Smuggling in 2020.|![](https://img.shields.io/github/stars/SafeBreach-Labs/HRS?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Perl](/images/perl.png)](/categorize/langs/Perl.md)|\n|Scanner|[AWSBucketDump](https://github.com/jordanpotti/AWSBucketDump)|Security Tool to Look For Interesting Files in S3 Buckets|![](https://img.shields.io/github/stars/jordanpotti/AWSBucketDump?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[nmap](https://github.com/nmap/nmap)|Nmap - the Network Mapper. Github mirror of official SVN repository. |![](https://img.shields.io/github/stars/nmap/nmap?label=%20)|[`portscan`](/categorize/tags/portscan.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n|Scanner|[zap-cli](https://github.com/Grunny/zap-cli)|A simple tool for interacting with OWASP ZAP from the commandline. 
|![](https://img.shields.io/github/stars/Grunny/zap-cli?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[LFISuite](https://github.com/D35m0nd142/LFISuite)|Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner |![](https://img.shields.io/github/stars/D35m0nd142/LFISuite?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[trivy](https://github.com/aquasecurity/trivy)|Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more|![](https://img.shields.io/github/stars/aquasecurity/trivy?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`container-security`](/categorize/tags/container-security.md) [`sbom`](/categorize/tags/sbom.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[Deadsniper](https://github.com/port19x/deadsniper)|A fast, specialized dead-link checker|![](https://img.shields.io/github/stars/port19x/deadsniper?label=%20)|[`broken-link`](/categorize/tags/broken-link.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[gitleaks](https://github.com/zricethezav/gitleaks)|Scan git repos (or files) for secrets using regex and entropy 🔑|![](https://img.shields.io/github/stars/zricethezav/gitleaks?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[Corsy](https://github.com/s0md3v/Corsy)|CORS Misconfiguration Scanner 
|![](https://img.shields.io/github/stars/s0md3v/Corsy?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[V3n0M-Scanner](https://github.com/v3n0m-Scanner/V3n0M-Scanner)|Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns|![](https://img.shields.io/github/stars/v3n0m-Scanner/V3n0M-Scanner?label=%20)|[`sqli`](/categorize/tags/sqli.md) [`xss`](/categorize/tags/xss.md) [`lfi`](/categorize/tags/lfi.md) [`rfi`](/categorize/tags/rfi.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[commix](https://github.com/commixproject/commix)|Automated All-in-One OS Command Injection Exploitation Tool.|![](https://img.shields.io/github/stars/commixproject/commix?label=%20)|[`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[Chromium-based-XSS-Taint-Tracking](https://github.com/v8blink/Chromium-based-XSS-Taint-Tracking)|Cyclops is a web browser with XSS detection feature, it is chromium-based xss detection that used to find the flows from a source to a sink.|![](https://img.shields.io/github/stars/v8blink/Chromium-based-XSS-Taint-Tracking?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Scanner|[scan4all](https://github.com/hktalent/scan4all)|Official repository vuls Scan|![](https://img.shields.io/github/stars/hktalent/scan4all?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[LOXS](https://github.com/coffinxp/loxs)|best tool for finding 
SQLi,CRLF,XSS,LFi,OpenRedirect|![](https://img.shields.io/github/stars/coffinxp/loxs?label=%20)|[`xss`](/categorize/tags/xss.md) [`sqli`](/categorize/tags/sqli.md) [`crlf`](/categorize/tags/crlf.md) [`lfi`](/categorize/tags/lfi.md) [`open-redirect`](/categorize/tags/open-redirect.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[NoSQLMap](https://github.com/codingo/NoSQLMap)|Automated NoSQL database enumeration and web application exploitation tool. |![](https://img.shields.io/github/stars/codingo/NoSQLMap?label=%20)|[`nosqli`](/categorize/tags/nosqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[httprobe](https://github.com/tomnomnom/httprobe)|Take a list of domains and probe for working HTTP and HTTPS servers |![](https://img.shields.io/github/stars/tomnomnom/httprobe?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[XSpear](https://github.com/hahwul/XSpear)|Powerful XSS Scanning and Parameter analysis tool&gem |![](https://img.shields.io/github/stars/hahwul/XSpear?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Scanner|[corsair_scan](https://github.com/Santandersecurityresearch/corsair_scan)|Corsair_scan is a security tool to test Cross-Origin Resource Sharing 
(CORS).|![](https://img.shields.io/github/stars/Santandersecurityresearch/corsair_scan?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[sqlmap](https://github.com/sqlmapproject/sqlmap)|Automatic SQL injection and database takeover tool|![](https://img.shields.io/github/stars/sqlmapproject/sqlmap?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[DSSS](https://github.com/stamparm/DSSS)|Damn Small SQLi Scanner|![](https://img.shields.io/github/stars/stamparm/DSSS?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[CMSmap](https://github.com/dionach/CMSmap)|CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.|![](https://img.shields.io/github/stars/dionach/CMSmap?label=%20)|[`web-scanner`](/categorize/tags/web-scanner.md) [`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[NoXss](https://github.com/lwzSoviet/)|Faster xss scanner,support reflected-xss and dom-xss|![](https://img.shields.io/github/stars/lwzSoviet/?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[XSStrike](https://github.com/s0md3v/XSStrike)|Most advanced XSS scanner. 
|![](https://img.shields.io/github/stars/s0md3v/XSStrike?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[pphack](https://github.com/edoardottt/pphack)|The Most Advanced Client-Side Prototype Pollution Scanner|![](https://img.shields.io/github/stars/edoardottt/pphack?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[sqliv](https://github.com/the-robot/sqliv)|massive SQL injection vulnerability scanner|![](https://img.shields.io/github/stars/the-robot/sqliv?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[PPScan](https://github.com/msrkp/PPScan)|Client Side Prototype Pollution Scanner|![](https://img.shields.io/github/stars/msrkp/PPScan?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[FockCache](https://github.com/tismayil/fockcache)|Minimalized Test Cache Poisoning|![](https://img.shields.io/github/stars/tismayil/fockcache?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[jsprime](https://github.com/dpnishant/jsprime)|a javascript static security analysis 
tool|![](https://img.shields.io/github/stars/dpnishant/jsprime?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[h2csmuggler](https://github.com/assetnote/h2csmuggler)|HTTP Request Smuggling Detection Tool|![](https://img.shields.io/github/stars/assetnote/h2csmuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[arachni](https://github.com/Arachni/arachni)|Web Application Security Scanner Framework |![](https://img.shields.io/github/stars/Arachni/arachni?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Scanner|[nosqli](https://github.com/Charlie-belmer/nosqli)|NoSql Injection CLI tool|![](https://img.shields.io/github/stars/Charlie-belmer/nosqli?label=%20)|[`nosqli`](/categorize/tags/nosqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[depenfusion](https://github.com/benjamin-mauss/depenfusion)|A powerful pentesting tool for detecting and exploiting dependency confusion vulnerabilities in Node.js projects|![](https://img.shields.io/github/stars/benjamin-mauss/depenfusion?label=%20)|[`dependency-confusion`](/categorize/tags/dependency-confusion.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[xsssniper](https://github.com/gbrindisi/xsssniper)|An automatic XSS discovery 
tool|![](https://img.shields.io/github/stars/gbrindisi/xsssniper?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[DeepViolet](https://github.com/spoofzu/DeepViolet)|Tool for introspection of SSL\\TLS sessions|![](https://img.shields.io/github/stars/spoofzu/DeepViolet?label=%20)|[`ssl`](/categorize/tags/ssl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[dontgo403](https://github.com/devploit/dontgo403)|Tool to bypass 40X response codes.|![](https://img.shields.io/github/stars/devploit/dontgo403?label=%20)|[`403`](/categorize/tags/403.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[testssl.sh](https://github.com/drwetter/testssl.sh)|Testing TLS/SSL encryption anywhere on any port |![](https://img.shields.io/github/stars/drwetter/testssl.sh?label=%20)|[`ssl`](/categorize/tags/ssl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Scanner|[DOMPurify](https://github.com/cure53/DOMPurify)|DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. 
Demo:|![](https://img.shields.io/github/stars/cure53/DOMPurify?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[SQLiDetector](https://github.com/eslam3kl/SQLiDetector)|Simple python script supported with BurpBounty profile that helps you to detect SQL injection \"Error based\" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.|![](https://img.shields.io/github/stars/eslam3kl/SQLiDetector?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[ditto](https://github.com/evilsocket/ditto)|A tool for IDN homograph attacks and detection.|![](https://img.shields.io/github/stars/evilsocket/ditto?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[S3Scanner](https://github.com/sa7mon/S3Scanner)|Scan for open AWS S3 buckets and dump the contents |![](https://img.shields.io/github/stars/sa7mon/S3Scanner?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[wprecon](https://github.com/blackcrw/wprecon)|Hello! Welcome. 
Wprecon (Wordpress Recon), is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go.|![](https://img.shields.io/github/stars/blackcrw/wprecon?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[websocket-connection-smuggler](https://github.com/hahwul/websocket-connection-smuggler)|websocket-connection-smuggler|![](https://img.shields.io/github/stars/hahwul/websocket-connection-smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[http-request-smuggling](https://github.com/anshumanpattnaik/http-request-smuggling)|HTTP Request Smuggling Detection Tool|![](https://img.shields.io/github/stars/anshumanpattnaik/http-request-smuggling?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[hinject](https://github.com/dwisiswant0/hinject)|Host Header Injection Checker |![](https://img.shields.io/github/stars/dwisiswant0/hinject?label=%20)|[`header`](/categorize/tags/header.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[ppmap](https://github.com/kleiton0x00/ppmap)|A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.|![](https://img.shields.io/github/stars/kleiton0x00/ppmap?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[rapidscan](https://github.com/skavngr/rapidscan)|The Multi-Tool 
Web Vulnerability Scanner. |![](https://img.shields.io/github/stars/skavngr/rapidscan?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[ConfusedDotnet](https://github.com/visma-prodsec/ConfusedDotnet)|Tool to check for dependency confusion vulnerabilities in NuGet package management systems|![](https://img.shields.io/github/stars/visma-prodsec/ConfusedDotnet?label=%20)|[`dependency-confusion`](/categorize/tags/dependency-confusion.md)|![windows](/images/windows.png)[![C#](/images/c%23.png)](/categorize/langs/C%23.md)|\n|Scanner|[OpenRedireX](https://github.com/devanshbatham/OpenRedireX)|A Fuzzer for OpenRedirect issues|![](https://img.shields.io/github/stars/devanshbatham/OpenRedireX?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[http2smugl](https://github.com/neex/http2smugl)|This tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1 conversion by the frontend server.|![](https://img.shields.io/github/stars/neex/http2smugl?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[Web-Cache-Vulnerability-Scanner](https://github.com/Hackmanit/Web-Cache-Vulnerability-Scanner)|Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. 
It is developed by Hackmanit GmbH (http://hackmanit.de/).|![](https://img.shields.io/github/stars/Hackmanit/Web-Cache-Vulnerability-Scanner?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[headi](https://github.com/mlcsec/headi)|Customisable  and automated HTTP header injection|![](https://img.shields.io/github/stars/mlcsec/headi?label=%20)|[`header`](/categorize/tags/header.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[ssrf-sheriff](https://github.com/teknogeek/ssrf-sheriff)|A simple SSRF-testing sheriff written in Go |![](https://img.shields.io/github/stars/teknogeek/ssrf-sheriff?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[S3cret Scanner](https://github.com/Eilonh/s3crets_scanner)|Hunting For Secrets Uploaded To Public S3 Buckets|![](https://img.shields.io/github/stars/Eilonh/s3crets_scanner?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[CorsMe](https://github.com/Shivangx01b/CorsMe)|Cross Origin Resource Sharing MisConfiguration Scanner |![](https://img.shields.io/github/stars/Shivangx01b/CorsMe?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[Striker](https://github.com/s0md3v/Striker)|Striker is an offensive information and vulnerability scanner. 
|![](https://img.shields.io/github/stars/s0md3v/Striker?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[a2sv](https://github.com/hahwul/a2sv)|Auto Scanning to SSL Vulnerability |![](https://img.shields.io/github/stars/hahwul/a2sv?label=%20)|[`ssl`](/categorize/tags/ssl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[autopoisoner](https://github.com/Th0h0/autopoisoner)|Web cache poisoning vulnerability scanner.|![](https://img.shields.io/github/stars/Th0h0/autopoisoner?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[trufflehog](https://github.com/trufflesecurity/trufflehog)|Find and verify credentials in git repositories, filesystems, and S3 buckets|![](https://img.shields.io/github/stars/trufflesecurity/trufflehog?label=%20)|[`secret-scanning`](/categorize/tags/secret-scanning.md) [`credentials`](/categorize/tags/credentials.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[dalfox](https://github.com/hahwul/dalfox)|🌘🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.|![](https://img.shields.io/github/stars/hahwul/dalfox?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[tplmap](https://github.com/epinna/tplmap)|Server-Side Template Injection and Code Injection Detection and Exploitation 
Tool|![](https://img.shields.io/github/stars/epinna/tplmap?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[plution](https://github.com/raverrr/plution)|Prototype pollution scanner using headless chrome|![](https://img.shields.io/github/stars/raverrr/plution?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[gitGraber](https://github.com/hisxo/gitGraber)|gitGraber |![](https://img.shields.io/github/stars/hisxo/gitGraber?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[xsinator.com](https://github.com/RUB-NDS/xsinator.com)|XS-Leak Browser Test Suite|![](https://img.shields.io/github/stars/RUB-NDS/xsinator.com?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[nuclei](https://github.com/projectdiscovery/nuclei)|Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use. 
|![](https://img.shields.io/github/stars/projectdiscovery/nuclei?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[confused](https://github.com/visma-prodsec/confused)|Tool to check for dependency confusion vulnerabilities in multiple package management systems|![](https://img.shields.io/github/stars/visma-prodsec/confused?label=%20)|[`dependency-confusion`](/categorize/tags/dependency-confusion.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[nikto](https://github.com/sullo/nikto)|Nikto web server scanner |![](https://img.shields.io/github/stars/sullo/nikto?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Perl](/images/perl.png)](/categorize/langs/Perl.md)|\n|Scanner|[wpscan](https://github.com/wpscanteam/wpscan)|WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. |![](https://img.shields.io/github/stars/wpscanteam/wpscan?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Scanner|[xsser](https://github.com/epsylon/xsser)|Cross Site \"Scripter\" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. 
|![](https://img.shields.io/github/stars/epsylon/xsser?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[DeadFinder](https://github.com/hahwul/deadfinder)|Find dead-links (broken links)|![](https://img.shields.io/github/stars/hahwul/deadfinder?label=%20)|[`broken-link`](/categorize/tags/broken-link.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Scanner|[domdig](https://github.com/fcavallarin/domdig)|DOM XSS scanner for Single Page Applications |![](https://img.shields.io/github/stars/fcavallarin/domdig?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[smugglex](https://github.com/hahwul/smugglex)|Rust-powered HTTP Request Smuggling Scanner|![](https://img.shields.io/github/stars/hahwul/smugglex?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Scanner|[semgrep](https://github.com/semgrep/semgrep)|Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.|![](https://img.shields.io/github/stars/semgrep/semgrep?label=%20)|[`sast`](/categorize/tags/sast.md) [`code-analysis`](/categorize/tags/code-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[github-search](https://github.com/gwen001/github-search)|Tools to perform basic search on GitHub. 
|![](https://img.shields.io/github/stars/gwen001/github-search?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[findom-xss](https://github.com/dwisiswant0/findom-xss)|A fast DOM based XSS vulnerability scanner with simplicity. |![](https://img.shields.io/github/stars/dwisiswant0/findom-xss?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Scanner|[smuggler](https://github.com/defparam/smuggler)|Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3 |![](https://img.shields.io/github/stars/defparam/smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[VHostScan](https://github.com/codingo/VHostScan)|A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages. 
|![](https://img.shields.io/github/stars/codingo/VHostScan?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[DirDar](https://github.com/M4DM0e/DirDar)|DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it|![](https://img.shields.io/github/stars/M4DM0e/DirDar?label=%20)|[`403`](/categorize/tags/403.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[dependency-confusion-scanner](https://github.com/Yaniv-git/dependency-confusion-scanner)|This small repo is meant to scan Github's repositories for potential Dependency confusion vulnerabilities.|![](https://img.shields.io/github/stars/Yaniv-git/dependency-confusion-scanner?label=%20)|[`dependency-confusion`](/categorize/tags/dependency-confusion.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[XssPy](https://github.com/faizann24/)|Web Application XSS Scanner|![](https://img.shields.io/github/stars/faizann24/?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[Taipan](https://github.com/enkomio/Taipan)|Web application vulnerability scanner|![](https://img.shields.io/github/stars/enkomio/Taipan?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Scanner|[xsscrapy](https://github.com/DanMcInerney/xsscrapy)|XSS/SQLi spider. Give it a URL and it'll test every link it finds for XSS and some SQLi. 
|![](https://img.shields.io/github/stars/DanMcInerney/xsscrapy?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[wapiti](https://github.com/wapiti-scanner/wapiti)|Web application vulnerability scanner. Wapiti allows you to audit the security of your websites or web applications.|![](https://img.shields.io/github/stars/wapiti-scanner/wapiti?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`web-scanner`](/categorize/tags/web-scanner.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[deadlinks](https://github.com/butuzov/deadlinks)|Health checks for your documentation links.|![](https://img.shields.io/github/stars/butuzov/deadlinks?label=%20)|[`broken-link`](/categorize/tags/broken-link.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[cloud-audit](https://github.com/gebalamariusz/cloud-audit)|Fast, opinionated AWS security scanner with Terraform remediation and attack chain detection|![](https://img.shields.io/github/stars/gebalamariusz/cloud-audit?label=%20)|[`aws`](/categorize/tags/aws.md) [`cloud`](/categorize/tags/cloud.md) [`security`](/categorize/tags/security.md) [`terraform`](/categorize/tags/terraform.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[ghauri](https://github.com/r0oth3x49/ghauri)|An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security 
flaws|![](https://img.shields.io/github/stars/r0oth3x49/ghauri?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[XXEinjector](https://github.com/enjoiz/XXEinjector)|Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.|![](https://img.shields.io/github/stars/enjoiz/XXEinjector?label=%20)|[`xxe`](/categorize/tags/xxe.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Exploit|[toxssin](https://github.com/t3l3machus/toxssin)|An XSS exploitation command-line interface and payload generator.|![](https://img.shields.io/github/stars/t3l3machus/toxssin?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[BaRMIe](https://github.com/NickstaDB/BaRMIe)|Java RMI enumeration and attack tool.|![](https://img.shields.io/github/stars/NickstaDB/BaRMIe?label=%20)|[`RMI`](/categorize/tags/RMI.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Exploit|[of-CORS](https://github.com/trufflesecurity/of-CORS)|Identifying and exploiting CORS misconfigurations on the internal networks|![](https://img.shields.io/github/stars/trufflesecurity/of-CORS?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[xxeserv](https://github.com/staaldraad/xxeserv)|A mini webserver with FTP support for XXE 
payloads|![](https://img.shields.io/github/stars/staaldraad/xxeserv?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Exploit|[XXExploiter](https://github.com/luisfontes19/xxexploiter)|Tool to help exploit XXE vulnerabilities|![](https://img.shields.io/github/stars/luisfontes19/xxexploiter?label=%20)|[`xxe`](/categorize/tags/xxe.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Exploit|[beef](https://github.com/beefproject/beef)|The Browser Exploitation Framework Project|![](https://img.shields.io/github/stars/beefproject/beef?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Exploit|[Gopherus](https://github.com/tarunkant/Gopherus)|This tool generates gopher link for exploiting SSRF and gaining RCE in various servers |![](https://img.shields.io/github/stars/tarunkant/Gopherus?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[XSRFProbe](https://github.com/0xInfection/XSRFProbe)|The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.|![](https://img.shields.io/github/stars/0xInfection/XSRFProbe?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[ropr](https://github.com/Ben-Lichtman/ropr)|A blazing fast™ multithreaded ROP Gadget finder. 
ropper|![](https://img.shields.io/github/stars/Ben-Lichtman/ropr?label=%20)|[`rop`](/categorize/tags/rop.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Exploit|[singularity](https://github.com/nccgroup/singularity)|A DNS rebinding attack framework.|![](https://img.shields.io/github/stars/nccgroup/singularity?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Exploit|[Liffy](https://github.com/mzfr/liffy)|Local file inclusion exploitation tool|![](https://img.shields.io/github/stars/mzfr/liffy?label=%20)|[`lfi`](/categorize/tags/lfi.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[jwt_tool](https://github.com/ticarpi/jwt_tool)|A toolkit for testing, tweaking and cracking JSON Web Tokens|![](https://img.shields.io/github/stars/ticarpi/jwt_tool?label=%20)|[`jwt`](/categorize/tags/jwt.md) [`authentication`](/categorize/tags/authentication.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[Sn1per](https://github.com/1N3/Sn1per)|Automated pentest framework for offensive security experts |![](https://img.shields.io/github/stars/1N3/Sn1per?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Exploit|[SQLNinja](https://gitlab.com/kalilinux/packages/sqlninja)|Sqlninja is a tool targeted to exploit SQL Injection 
vulnerabilities.||[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)[![Perl](/images/perl.png)](/categorize/langs/Perl.md)|\n|Utils|[zip-bomb](https://github.com/damianrusinek/zip-bomb)|Create a ZIPBomb for a given uncompressed size (flat and nested modes).|![](https://img.shields.io/github/stars/damianrusinek/zip-bomb?label=%20)|[`zipbomb`](/categorize/tags/zipbomb.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[gotator](https://github.com/Josue87/gotator)|Gotator is a tool to generate DNS wordlists through permutations.|![](https://img.shields.io/github/stars/Josue87/gotator?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[wuzz](https://github.com/asciimoo/wuzz)|Interactive cli tool for HTTP inspection |![](https://img.shields.io/github/stars/asciimoo/wuzz?label=%20)|[`http`](/categorize/tags/http.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[docem](https://github.com/whitel1st/docem)|Utility to embed XXE and XSS payloads in docx, odt, pptx, etc. (OXML_XEE on steroids)|![](https://img.shields.io/github/stars/whitel1st/docem?label=%20)|[`xxe`](/categorize/tags/xxe.md) [`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[mapcidr](https://github.com/projectdiscovery/mapcidr)|Utility program to perform multiple operations for a given subnet/CIDR ranges|![](https://img.shields.io/github/stars/projectdiscovery/mapcidr?label=%20)|[`cidr`](/categorize/tags/cidr.md) [`network`](/categorize/tags/network.md) 
[`ip-manipulation`](/categorize/tags/ip-manipulation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[GadgetProbe](https://github.com/BishopFox/GadgetProbe)|Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.|![](https://img.shields.io/github/stars/BishopFox/GadgetProbe?label=%20)|[`deserialize`](/categorize/tags/deserialize.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[dsieve](https://github.com/trickest/dsieve)|Filter and enrich a list of subdomains by level|![](https://img.shields.io/github/stars/trickest/dsieve?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[quickjack](https://github.com/samyk/quickjack)|Quickjack is a point-and-click tool for intuitively producing advanced clickjacking and frame slicing attacks.|![](https://img.shields.io/github/stars/samyk/quickjack?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[CyberChef](https://github.com/gchq/CyberChef)|The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis |![](https://img.shields.io/github/stars/gchq/CyberChef?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[Atlas](https://github.com/m4ll0k/Atlas)|Quick SQLMap Tamper Suggester 
|![](https://img.shields.io/github/stars/m4ll0k/Atlas?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[urlprobe](https://github.com/1ndianl33t/urlprobe)|Urls status code & content length checker |![](https://img.shields.io/github/stars/1ndianl33t/urlprobe?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[Emissary](https://github.com/BountyStrike/Emissary)|Send notifications on different channels such as Slack, Telegram, Discord etc.|![](https://img.shields.io/github/stars/BountyStrike/Emissary?label=%20)|[`notify`](/categorize/tags/notify.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[cf-check](https://github.com/dwisiswant0/cf-check)|Cloudflare Checker written in Go |![](https://img.shields.io/github/stars/dwisiswant0/cf-check?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[230-OOB](https://github.com/lc/230-OOB)|An Out-of-Band XXE server for retrieving file contents over FTP.|![](https://img.shields.io/github/stars/lc/230-OOB?label=%20)|[`xxe`](/categorize/tags/xxe.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[anew](https://github.com/tomnomnom/anew)|A tool for adding new lines to files, skipping 
duplicates|![](https://img.shields.io/github/stars/tomnomnom/anew?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[bruteforce-lists](https://github.com/random-robbie/bruteforce-lists)|Some files for bruteforcing certain things.|![](https://img.shields.io/github/stars/random-robbie/bruteforce-lists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Txt](/images/txt.png)](/categorize/langs/Txt.md)|\n|Utils|[mubeng](https://github.com/kitabisa/mubeng)|An incredibly fast proxy checker & IP rotator with ease.|![](https://img.shields.io/github/stars/kitabisa/mubeng?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[github-regexp](https://github.com/gwen001/github-regexp)|Basically a regexp over a GitHub search.|![](https://img.shields.io/github/stars/gwen001/github-regexp?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[autochrome](https://github.com/nccgroup/autochrome)|This tool downloads, installs, and configures a shiny new copy of Chromium.|![](https://img.shields.io/github/stars/nccgroup/autochrome?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![HTML](/images/html.png)](/categorize/langs/HTML.md)|\n|Utils|[fff](https://github.com/tomnomnom/fff)|The Fairly Fast Fetcher. 
Requests a bunch of URLs provided on stdin fairly quickly.|![](https://img.shields.io/github/stars/tomnomnom/fff?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[grex](https://github.com/pemistahl/grex)|A command-line tool and library for generating regular expressions from user-provided test cases|![](https://img.shields.io/github/stars/pemistahl/grex?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Utils|[IntruderPayloads](https://github.com/1N3/IntruderPayloads)||![](https://img.shields.io/github/stars/1N3/IntruderPayloads?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![BlitzBasic](/images/blitzbasic.png)](/categorize/langs/BlitzBasic.md)|\n|Utils|[tiscripts](https://github.com/defparam/tiscripts)|Turbo Intruder Scripts|![](https://img.shields.io/github/stars/defparam/tiscripts?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[hakcheckurl](https://github.com/hakluke/hakcheckurl)|Takes a list of URLs and returns their HTTP response codes|![](https://img.shields.io/github/stars/hakluke/hakcheckurl?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[jsfuck](https://github.com/aemkei/jsfuck)|Write any JavaScript with 6 Characters|![](https://img.shields.io/github/stars/aemkei/jsfuck?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[fzf](https://github.com/junegunn/fzf)|A 
command-line fuzzy finder|![](https://img.shields.io/github/stars/junegunn/fzf?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[Assetnote Wordlists](https://github.com/assetnote/wordlists)|Automated & Manual Wordlists provided by Assetnote|![](https://img.shields.io/github/stars/assetnote/wordlists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![CSS](/images/css.png)](/categorize/langs/CSS.md)|\n|Utils|[dnsobserver](https://github.com/allyomalley/dnsobserver)|A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack. |![](https://img.shields.io/github/stars/allyomalley/dnsobserver?label=%20)|[`oast`](/categorize/tags/oast.md) [`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[ysoserial.net](https://github.com/pwntester/ysoserial.net)|Deserialization payload generator for a variety of .NET formatters |![](https://img.shields.io/github/stars/pwntester/ysoserial.net?label=%20)|[`deserialize`](/categorize/tags/deserialize.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C#](/images/c%23.png)](/categorize/langs/C%23.md)|\n|Utils|[TukTuk](https://github.com/ArturSS7/TukTuk)|Tool for catching and logging different types of requests. 
|![](https://img.shields.io/github/stars/ArturSS7/TukTuk?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[pentest-tools](https://github.com/gwen001/pentest-tools)|Custom pentesting tools |![](https://img.shields.io/github/stars/gwen001/pentest-tools?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[hbxss](https://github.com/hahwul/hbxss)|Security test tool for Blind XSS|![](https://img.shields.io/github/stars/hahwul/hbxss?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Utils|[SecLists](https://github.com/danielmiessler/SecLists)|SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.|![](https://img.shields.io/github/stars/danielmiessler/SecLists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Txt](/images/txt.png)](/categorize/langs/Txt.md)|\n|Utils|[hurl](https://github.com/Orange-OpenSource/hurl)|Hurl, run and test HTTP requests.|![](https://img.shields.io/github/stars/Orange-OpenSource/hurl?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Utils|[urlgrab](https://github.com/IAmStoxe/urlgrab)|A golang utility to spider through a website searching for additional links. 
|![](https://img.shields.io/github/stars/IAmStoxe/urlgrab?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[security-crawl-maze](https://github.com/google/security-crawl-maze)|Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link resources from a valid HTML document.|![](https://img.shields.io/github/stars/google/security-crawl-maze?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![HTML](/images/html.png)](/categorize/langs/HTML.md)|\n|Utils|[interactsh](https://github.com/projectdiscovery/interactsh)|An OOB interaction gathering server and client library|![](https://img.shields.io/github/stars/projectdiscovery/interactsh?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[eoyc](https://github.com/hahwul/eoyc)|Encoding Only Your Choices|![](https://img.shields.io/github/stars/hahwul/eoyc?label=%20)|[`encode`](/categorize/tags/encode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Crystal](/images/crystal.png)](/categorize/langs/Crystal.md)|\n|Utils|[gxss](https://github.com/rverton/gxss)|Blind XSS service alerting over slack or email|![](https://img.shields.io/github/stars/rverton/gxss?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[Gf-Patterns](https://github.com/1ndianl33t/Gf-Patterns)|GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic) parameters grep 
|![](https://img.shields.io/github/stars/1ndianl33t/Gf-Patterns?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Utils|[PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings)|A list of useful payloads and bypass for Web Application Security and Pentest/CTF |![](https://img.shields.io/github/stars/swisskyrepo/PayloadsAllTheThings?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[reverse-shell-generator](https://github.com/0dayCTF/reverse-shell-generator)|Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)|![](https://img.shields.io/github/stars/0dayCTF/reverse-shell-generator?label=%20)|[`payload`](/categorize/tags/payload.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[weaponised-XSS-payloads](https://github.com/hakluke/weaponised-XSS-payloads)|XSS payloads designed to turn alert(1) into P1|![](https://img.shields.io/github/stars/hakluke/weaponised-XSS-payloads?label=%20)|[`xss`](/categorize/tags/xss.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[CSP Evaluator](https://csp-evaluator.withgoogle.com)|Online CSP Evaluator from google||[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Utils|[boast](https://github.com/marcoagner/boast)|The BOAST Outpost for AppSec Testing 
(v0.1.0)|![](https://img.shields.io/github/stars/marcoagner/boast?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[REcollapse](https://github.com/0xacb/recollapse)|REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications|![](https://img.shields.io/github/stars/0xacb/recollapse?label=%20)|[`fuzz`](/categorize/tags/fuzz.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[burl](https://github.com/tomnomnom/burl)|A Broken-URL Checker |![](https://img.shields.io/github/stars/tomnomnom/burl?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[SerializationDumper](https://github.com/NickstaDB/SerializationDumper)|A tool to dump Java serialization streams in a more human readable form.|![](https://img.shields.io/github/stars/NickstaDB/SerializationDumper?label=%20)|[`deserialize`](/categorize/tags/deserialize.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[pwncat](https://github.com/cytopia/pwncat)|pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE) |![](https://img.shields.io/github/stars/cytopia/pwncat?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Utils|[httptoolkit](https://github.com/httptoolkit/httptoolkit)|HTTP Toolkit is a beautiful & open-source tool for debugging, testing and building 
with HTTP(S) on Windows, Linux & Mac|![](https://img.shields.io/github/stars/httptoolkit/httptoolkit?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Utils|[nuclei-templates](https://github.com/projectdiscovery/nuclei-templates)|Community curated list of templates for the nuclei engine to find security vulnerabilities.|![](https://img.shields.io/github/stars/projectdiscovery/nuclei-templates?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[pdtm](https://github.com/projectdiscovery/pdtm)|ProjectDiscovery's Open Source Tool Manager|![](https://img.shields.io/github/stars/projectdiscovery/pdtm?label=%20)|[`package-manager`](/categorize/tags/package-manager.md) [`tools-management`](/categorize/tags/tools-management.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[Findsploit](https://github.com/1N3/Findsploit)|Find exploits in local and online databases instantly|![](https://img.shields.io/github/stars/1N3/Findsploit?label=%20)|[`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Utils|[Phoenix](https://www.hahwul.com/phoenix/)|hahwul's online tools||[`online`](/categorize/tags/online.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[SequenceDiagram](https://sequencediagram.org)|Online tool for creating UML sequence 
diagrams||[`online`](/categorize/tags/online.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Utils|[blistener](https://github.com/fyxme/blistener)|Blind-XSS listener with payloads|![](https://img.shields.io/github/stars/fyxme/blistener?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[xssor2](https://github.com/evilcos/xssor2)|XSS'OR - Hack with JavaScript.|![](https://img.shields.io/github/stars/evilcos/xssor2?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[h2spacex](https://github.com/nxenon/h2spacex)|HTTP/2 Single Packet Attack low level library based on Scapy|![](https://img.shields.io/github/stars/nxenon/h2spacex?label=%20)|[`race-condition`](/categorize/tags/race-condition.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[difftastic](https://github.com/Wilfred/difftastic)|a structural diff that understands syntax|![](https://img.shields.io/github/stars/Wilfred/difftastic?label=%20)|[`diff`](/categorize/tags/diff.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Utils|[bat](https://github.com/sharkdp/bat)|A cat(1) clone with wings.|![](https://img.shields.io/github/stars/sharkdp/bat?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Utils|[httpie](https://github.com/httpie/httpie)|modern, user-friendly command-line HTTP client for the API 
era|![](https://img.shields.io/github/stars/httpie/httpie?label=%20)|[`http`](/categorize/tags/http.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[wssip](https://github.com/nccgroup/wssip)|Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.|![](https://img.shields.io/github/stars/nccgroup/wssip?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[xless](https://github.com/mazen160/xless)|The Serverless Blind XSS App|![](https://img.shields.io/github/stars/mazen160/xless?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[qsreplace](https://github.com/tomnomnom/qsreplace)|Accept URLs on stdin, replace all query string values with a user-supplied value |![](https://img.shields.io/github/stars/tomnomnom/qsreplace?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[Clipboard](https://github.com/Slackadays/Clipboard)|An external brain that remembers anything, anytime, anywhere.|![](https://img.shields.io/github/stars/Slackadays/Clipboard?label=%20)|[`clipboard`](/categorize/tags/clipboard.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C++](/images/c++.png)](/categorize/langs/C++.md)|\n|Utils|[gron](https://github.com/tomnomnom/gron)|Make JSON 
greppable!|![](https://img.shields.io/github/stars/tomnomnom/gron?label=%20)|[`json`](/categorize/tags/json.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[security-research-pocs](https://github.com/google/security-research-pocs)|Proof-of-concept codes created as part of security research done by Google Security Team.|![](https://img.shields.io/github/stars/google/security-research-pocs?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C++](/images/c++.png)](/categorize/langs/C++.md)|\n|Utils|[slackcat](https://github.com/bcicen/slackcat)|CLI utility to post files and command output to slack|![](https://img.shields.io/github/stars/bcicen/slackcat?label=%20)|[`notify`](/categorize/tags/notify.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[ZipBomb](https://github.com/abdulfatir/ZipBomb)|A simple implementation of ZipBomb in Python|![](https://img.shields.io/github/stars/abdulfatir/ZipBomb?label=%20)|[`zipbomb`](/categorize/tags/zipbomb.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[can-i-take-over-xyz](https://github.com/EdOverflow/can-i-take-over-xyz)|\"Can I take over XYZ?\" — a list of services and how to claim (sub)domains with dangling DNS records.|![](https://img.shields.io/github/stars/EdOverflow/can-i-take-over-xyz?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Utils|[s3reverse](https://github.com/hahwul/s3reverse)|The format of various s3 buckets is convert in one format. for bugbounty and security testing. 
|![](https://img.shields.io/github/stars/hahwul/s3reverse?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[template-generator](https://github.com/fransr/template-generator)|A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily replace the variables with content. Data is saved temporarily in local storage. PHP is only needed to generate the list of files in the dropdown of templates. |![](https://img.shields.io/github/stars/fransr/template-generator?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[grc](https://github.com/garabik/grc)|generic colouriser|![](https://img.shields.io/github/stars/garabik/grc?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[ysoserial](https://github.com/frohoff/ysoserial)|A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. 
|![](https://img.shields.io/github/stars/frohoff/ysoserial?label=%20)|[`deserialize`](/categorize/tags/deserialize.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[gitls](https://github.com/hahwul/gitls)|Listing git repository from URL/User/Org|![](https://img.shields.io/github/stars/hahwul/gitls?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[ob_hacky_slack](https://github.com/openbridge/ob_hacky_slack)|Hacky Slack - a bash script that sends beautiful messages to Slack|![](https://img.shields.io/github/stars/openbridge/ob_hacky_slack?label=%20)|[`notify`](/categorize/tags/notify.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Utils|[gee](https://github.com/hahwul/gee)|🏵 Gee is tool of stdin to each files and stdout. It is similar to the tee command, but there are more functions for convenience. 
In addition, it was written as go|![](https://img.shields.io/github/stars/hahwul/gee?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[race-the-web](https://github.com/TheHackerDev/race-the-web)|Tests for race conditions in web applications by sending out a user-specified number of requests to a target URL (or URLs) simultaneously, and then compares the responses from the server for uniqueness.|![](https://img.shields.io/github/stars/TheHackerDev/race-the-web?label=%20)|[`race-condition`](/categorize/tags/race-condition.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[hoppscotch](https://github.com/hoppscotch/hoppscotch)|Open source API development ecosystem|![](https://img.shields.io/github/stars/hoppscotch/hoppscotch?label=%20)|[`http`](/categorize/tags/http.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[gotestwaf](https://github.com/wallarm/gotestwaf)|An open-source project in Golang to test different web application firewalls (WAF) for detection logic and bypasses|![](https://img.shields.io/github/stars/wallarm/gotestwaf?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[gf](https://github.com/tomnomnom/gf)|A wrapper around grep, to help you grep for things |![](https://img.shields.io/github/stars/tomnomnom/gf?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[xss-cheatsheet-data](https://github.com/PortSwigger/xss-cheatsheet-data)|This repository contains all the XSS cheatsheet data to allow contributions from the community. 
|![](https://img.shields.io/github/stars/PortSwigger/xss-cheatsheet-data?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Utils|[nuclei-wordfence-cve](https://github.com/topscoder/nuclei-wordfence-cve)|Every single day new templates are added to this repo based on updates on Wordfence.com|![](https://img.shields.io/github/stars/topscoder/nuclei-wordfence-cve?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[godeclutter](https://github.com/c3l3si4n/godeclutter)|Declutters URLs in a fast and flexible way, for improving input for web hacking automations such as crawlers and vulnerability scans.|![](https://img.shields.io/github/stars/c3l3si4n/godeclutter?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[missing-cve-nuclei-templates](https://github.com/edoardottt/missing-cve-nuclei-templates)|Weekly updated list of missing CVEs in nuclei templates official repository|![](https://img.shields.io/github/stars/edoardottt/missing-cve-nuclei-templates?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Txt](/images/txt.png)](/categorize/langs/Txt.md)|\n|Utils|[hacks](https://github.com/tomnomnom/hacks)|A collection of hacks and one-off scripts |![](https://img.shields.io/github/stars/tomnomnom/hacks?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[Bug-Bounty-Toolz](https://github.com/m4ll0k/Bug-Bounty-Toolz)|BBT - Bug Bounty Tools 
|![](https://img.shields.io/github/stars/m4ll0k/Bug-Bounty-Toolz?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[XSS-Catcher](https://github.com/daxAKAhackerman/XSS-Catcher)|Find blind XSS but why not gather data while you're at it.|![](https://img.shields.io/github/stars/daxAKAhackerman/XSS-Catcher?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[Blacklist3r](https://github.com/NotSoSecure/Blacklist3r)|project-blacklist3r |![](https://img.shields.io/github/stars/NotSoSecure/Blacklist3r?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C#](/images/c%23.png)](/categorize/langs/C%23.md)|\n|Utils|[oxml_xxe](https://github.com/BuffaloWill/oxml_xxe)|A tool for embedding XXE/XML exploits into different filetypes |![](https://img.shields.io/github/stars/BuffaloWill/oxml_xxe?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Utils|[unfurl](https://github.com/tomnomnom/unfurl)|Pull out bits of URLs provided on stdin |![](https://img.shields.io/github/stars/tomnomnom/unfurl?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[curl](https://github.com/curl/curl)|A command line tool and library for transferring data with URL syntax, supporting HTTP, HTTPS, FTP, FTPS, GOPHER, TFTP, SCP, SFTP, SMB, TELNET, DICT, LDAP, LDAPS, MQTT, FILE, IMAP, SMTP, POP3, RTSP and RTMP. 
libcurl offers a myriad of powerful features|![](https://img.shields.io/github/stars/curl/curl?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n|Utils|[Redcloud](https://github.com/khast3x/Redcloud)|Automated Red Team Infrastructure deployment using Docker|![](https://img.shields.io/github/stars/khast3x/Redcloud?label=%20)|[`infra`](/categorize/tags/infra.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[pet](https://github.com/knqyf263/pet)|Simple command-line snippet manager, written in Go.|![](https://img.shields.io/github/stars/knqyf263/pet?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[ezXSS](https://github.com/ssl/ezXSS)|ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting. 
|![](https://img.shields.io/github/stars/ssl/ezXSS?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![PHP](/images/php.png)](/categorize/langs/PHP.md)|\n|Utils|[graphql-voyager](https://github.com/APIs-guru/graphql-voyager)|🛰️ Represent any GraphQL API as an interactive graph |![](https://img.shields.io/github/stars/APIs-guru/graphql-voyager?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[GQLSpection](https://github.com/doyensec/GQLSpection)|parses GraphQL introspection schema and generates possible queries|![](https://img.shields.io/github/stars/doyensec/GQLSpection?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[cent](https://github.com/xm1k3/cent)|Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place.|![](https://img.shields.io/github/stars/xm1k3/cent?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[bountyplz](https://github.com/fransr/bountyplz)|Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported) 
|![](https://img.shields.io/github/stars/fransr/bountyplz?label=%20)|[`report`](/categorize/tags/report.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Utils|[PoC-in-GitHub](https://github.com/nomi-sec/PoC-in-GitHub)|📡 PoC auto collect from GitHub. Be careful  malware.|![](https://img.shields.io/github/stars/nomi-sec/PoC-in-GitHub?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Env|[pentest-env](https://github.com/Sliim/pentest-env)|Pentest environment deployer (kali linux + targets) using vagrant and chef.|![](https://img.shields.io/github/stars/Sliim/pentest-env?label=%20)|[`pentest`](/categorize/tags/pentest.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Env|[Glue](https://github.com/OWASP/glue)|Application Security Automation|![](https://img.shields.io/github/stars/OWASP/glue?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Env|[Crimson](https://github.com/Karmaz95/crimson)|Web Application Security Testing automation.|![](https://img.shields.io/github/stars/Karmaz95/crimson?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n### Bookmarklets\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n\n### Browser Addons\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Proxy|[rep](https://github.com/repplus/rep)|Chrome DevTools extension for capturing, modifying, and replaying HTTP requests with AI-powered security analysis|![](https://img.shields.io/github/stars/repplus/rep?label=%20)|[`http`](/categorize/tags/http.md) 
[`repeater`](/categorize/tags/repeater.md)|![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Recon|[Wayback Machine](https://apps.apple.com/us/app/wayback-machine/id1472432422)|History of website|||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![safari](/images/safari.png)|\n|Recon|[DotGit](https://github.com/davtur19/DotGit)|An extension for checking if .git is exposed in visited websites|![](https://img.shields.io/github/stars/davtur19/DotGit?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[PwnFox](https://github.com/yeswehack/PwnFox)|Firefox/Burp extension that provides useful tools for your security audit.|![](https://img.shields.io/github/stars/yeswehack/PwnFox?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![burp](/images/burp.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[eval_villain](https://github.com/swoops/eval_villain)|A Firefox Web Extension to improve the discovery of DOM XSS.|![](https://img.shields.io/github/stars/swoops/eval_villain?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![zap](/images/zap.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[postMessage-tracker](https://github.com/fransr/postMessage-tracker)|A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an 
extension-icon|![](https://img.shields.io/github/stars/fransr/postMessage-tracker?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[Edit-This-Cookie](https://github.com/ETCExtensions/Edit-This-Cookie)|EditThisCookie is the famous Google Chrome/Chromium extension for editing cookies|![](https://img.shields.io/github/stars/ETCExtensions/Edit-This-Cookie?label=%20)|[`cookie`](/categorize/tags/cookie.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[Firefox Multi-Account Containers](https://github.com/mozilla/multi-account-containers)|Firefox Multi-Account Containers lets you keep parts of your online life separated into color-coded tabs|![](https://img.shields.io/github/stars/mozilla/multi-account-containers?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[firefox-container-proxy](https://github.com/bekh6ex/firefox-container-proxy)|Assign a proxy to a Firefox container|![](https://img.shields.io/github/stars/bekh6ex/firefox-container-proxy?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[clear-cache](https://github.com/TenSoja/clear-cache)|Add-on to clear browser cache with a single click or via the F9 
key.|![](https://img.shields.io/github/stars/TenSoja/clear-cache?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[jsonwebtoken.github.io](https://github.com/jsonwebtoken/jsonwebtoken.github.io)|JWT En/Decode and Verify|![](https://img.shields.io/github/stars/jsonwebtoken/jsonwebtoken.github.io?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[DOMLogger++](https://github.com/kevin-mizu/domloggerpp)|A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.|![](https://img.shields.io/github/stars/kevin-mizu/domloggerpp?label=%20)|[`dom`](/categorize/tags/dom.md) [`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[Hack-Tools](https://github.com/LasCC/Hack-Tools)|The all-in-one Red Team extension for Web Pentester 🛠|![](https://img.shields.io/github/stars/LasCC/Hack-Tools?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)![safari](/images/safari.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[ZAP Browser Extension](https://github.com/zaproxy/browser-extension/)|A browser extension which allows ZAP to interact directly with the 
browser.|![](https://img.shields.io/github/stars/zaproxy/browser-extension/?label=%20)|[`browser-record`](/categorize/tags/browser-record.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)![zap](/images/zap.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[User-Agent Switcher](https://addons.mozilla.org/ko/firefox/addon/user-agent-switcher-revived/)|quick and easy way to switch between user-agents.|||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)|\n|Utils|[Dark Reader for Safari](https://apps.apple.com/us/app/dark-reader-for-safari/id1438243180)|Dark mode to any site|||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![safari](/images/safari.png)|\n|Utils|[MM3 ProxySwitch](https://proxy-offline-browser.com/ProxySwitch/)|Proxy Switch in Firefox and Chrome|||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[cookie-quick-manager](https://github.com/ysard/cookie-quick-manager)|An addon to manage (view, search, create, edit, remove, backup, restore) cookies on Firefox.|![](https://img.shields.io/github/stars/ysard/cookie-quick-manager?label=%20)|[`cookie`](/categorize/tags/cookie.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[Dark Reader](https://github.com/darkreader/darkreader)|Dark mode to any 
site|![](https://img.shields.io/github/stars/darkreader/darkreader?label=%20)|[`darkmode`](/categorize/tags/darkmode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n\n### Burpsuite, Caido and ZAP Addons\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[HUNT](https://github.com/bugcrowd/HUNT)|Identifies common parameters vulnerable to certain vulnerability classes|![](https://img.shields.io/github/stars/bugcrowd/HUNT?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)![burp](/images/burp.png)[![Kotlin](/images/kotlin.png)](/categorize/langs/Kotlin.md)|\n|Recon|[BurpSuite-Secret_Finder](https://github.com/m4ll0k/BurpSuite-Secret_Finder)||![](https://img.shields.io/github/stars/m4ll0k/BurpSuite-Secret_Finder?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)|\n|Recon|[attack-surface-detector-burp](https://github.com/secdec/attack-surface-detector-burp)|The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters|![](https://img.shields.io/github/stars/secdec/attack-surface-detector-burp?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Recon|[attack-surface-detector-zap](https://github.com/secdec/attack-surface-detector-zap)|The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying 
parameters|![](https://img.shields.io/github/stars/secdec/attack-surface-detector-zap?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Recon|[Dr. Watson](https://github.com/prodigysml/Dr.-Watson)|Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information|![](https://img.shields.io/github/stars/prodigysml/Dr.-Watson?label=%20)|[`param`](/categorize/tags/param.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[BurpJSLinkFinder](https://github.com/InitRoot/BurpJSLinkFinder)||![](https://img.shields.io/github/stars/InitRoot/BurpJSLinkFinder?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[burp-retire-js](https://github.com/h3xstream/burp-retire-js)||![](https://img.shields.io/github/stars/h3xstream/burp-retire-js?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Recon|[reflected-parameters](https://github.com/PortSwigger/reflected-parameters)||![](https://img.shields.io/github/stars/PortSwigger/reflected-parameters?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/ja
va.png)](/categorize/langs/Java.md)|\n|Fuzzer|[GAP](https://github.com/xnl-h4ck3r/GAP-Burp-Extension)|This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on.|![](https://img.shields.io/github/stars/xnl-h4ck3r/GAP-Burp-Extension?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[param-miner](https://github.com/PortSwigger/param-miner)|Param Miner|![](https://img.shields.io/github/stars/PortSwigger/param-miner?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[collaborator-everywhere](https://github.com/PortSwigger/collaborator-everywhere)||![](https://img.shields.io/github/stars/PortSwigger/collaborator-everywhere?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[AuthMatrix](https://github.com/SecurityInnovation/AuthMatrix)||![](https://img.shields.io/github/stars/SecurityInnovation/AuthMatrix?label=%20)|[`aaa`](/categorize/tags/aaa.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[http-request-smuggler](https://github.com/PortSwigger/http-request-smuggler)||![](https://img.shields.io/github/stars/PortSwigger/http-request-smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/
apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[csp-auditor](https://github.com/GoSecure/csp-auditor)||![](https://img.shields.io/github/stars/GoSecure/csp-auditor?label=%20)|[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[BurpSuiteHTTPSmuggler](https://github.com/nccgroup/BurpSuiteHTTPSmuggler)||![](https://img.shields.io/github/stars/nccgroup/BurpSuiteHTTPSmuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[Autorize](https://github.com/Quitten/Autorize)||![](https://img.shields.io/github/stars/Quitten/Autorize?label=%20)|[`aaa`](/categorize/tags/aaa.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[Web3 Decoder](https://github.com/nccgroup/web3-decoder)|Burp Extension for Web3|![](https://img.shields.io/github/stars/nccgroup/web3-decoder?label=%20)|[`web3`](/categorize/tags/web3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[burp-exporter](https://github.com/artssec/burp-exporter)||![](https://img.shields.io/github/stars/artssec/burp-exporter?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[gRPC-Web Pentest Suite](https://github.com/nxenon/grpc-pentest-suite)|gRPC-Pentest-Suite is set of tools for pentesting / 
hacking gRPC Web (gRPC-Web) applications.|![](https://img.shields.io/github/stars/nxenon/grpc-pentest-suite?label=%20)|[`gRPC-Web`](/categorize/tags/gRPC-Web.md)|![burp](/images/burp.png)![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[pcap-burp](https://github.com/nccgroup/pcap-burp)|Pcap importer for Burp|![](https://img.shields.io/github/stars/nccgroup/pcap-burp?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[safecopy](https://github.com/yashrs/safecopy)||![](https://img.shields.io/github/stars/yashrs/safecopy?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[argumentinjectionhammer](https://github.com/nccgroup/argumentinjectionhammer)|A Burp Extension designed to identify argument injection 
vulnerabilities.|![](https://img.shields.io/github/stars/nccgroup/argumentinjectionhammer?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[community-scripts](https://github.com/zaproxy/community-scripts)||![](https://img.shields.io/github/stars/zaproxy/community-scripts?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|utils|[Neonmarker](https://github.com/kingthorin/neonmarker)||![](https://img.shields.io/github/stars/kingthorin/neonmarker?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[notebook](https://github.com/caido-community/notebook)|Notebook Caido Plugin|![](https://img.shields.io/github/stars/caido-community/notebook?label=%20)|[`note`](/categorize/tags/note.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[AWSSigner](https://github.com/NetSPI/AWSSigner)|Burp Extension for AWS Signing|![](https://img.shields.io/github/stars/NetSPI/AWSSigner?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[Map Local](https://github.com/Keindel/owasp-zap-maplocal-addon)|ZAP add-on which allows mapping of responses to content of a chosen local 
file.|![](https://img.shields.io/github/stars/Keindel/owasp-zap-maplocal-addon?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[BurpSuiteLoggerPlusPlus](https://github.com/nccgroup/BurpSuiteLoggerPlusPlus)||![](https://img.shields.io/github/stars/nccgroup/BurpSuiteLoggerPlusPlus?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[inql](https://github.com/doyensec/inql)||![](https://img.shields.io/github/stars/doyensec/inql?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[burp-piper](https://github.com/silentsignal/burp-piper)||![](https://img.shields.io/github/stars/silentsignal/burp-piper?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Kotlin](/images/kotlin.png)](/categorize/langs/Kotlin.md)|\n|Utils|[reflect](https://github.com/cak/reflect)||![](https://img.shields.io/github/stars/cak/reflect?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Kotlin](/images/kotlin.png)](/categorize/langs/Kotlin.md)|\n|Utils|[Stepper](https://github.com/CoreyD97/Stepper)||![](https://img.shields.io/github/stars/CoreyD97/Stepper?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[http-script-generator](https://github.com/h3xstream/http-script-generator)||![](https://img.shields.io/github/stars/h3xstream/http-script-generator?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![win
dows](/images/windows.png)![zap](/images/zap.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[taborator](https://github.com/hackvertor/taborator)||![](https://img.shields.io/github/stars/hackvertor/taborator?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[EvenBetter](https://github.com/bebiksior/EvenBetter)|EvenBetter is a frontend Caido plugin that makes the Caido experience even better|![](https://img.shields.io/github/stars/bebiksior/EvenBetter?label=%20)|[`encode`](/categorize/tags/encode.md) [`ssrf`](/categorize/tags/ssrf.md) [`darkmode`](/categorize/tags/darkmode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[EvenBetterExtensions](https://github.com/bebiksior/EvenBetterExtensions)|EvenBetterExtensions allows you to quickly install Caido extensions and keep them updated.|![](https://img.shields.io/github/stars/bebiksior/EvenBetterExtensions?label=%20)|[`encode`](/categorize/tags/encode.md) [`ssrf`](/categorize/tags/ssrf.md) [`darkmode`](/categorize/tags/darkmode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[BurpCustomizer](https://github.com/CoreyD97/BurpCustomizer)|Because just a dark theme wasn't enough!|![](https://img.shields.io/github/stars/CoreyD97/BurpCustomizer?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[Berserko](https://github.com/nccgroup/Berserko)|Burp Suite extension to perform Kerberos 
authentication|![](https://img.shields.io/github/stars/nccgroup/Berserko?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[caidope](https://github.com/skitttles-berry/caidope)|caidope - caido plugin|![](https://img.shields.io/github/stars/skitttles-berry/caidope?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[BurpBounty](https://github.com/wagiro/BurpBounty)||![](https://img.shields.io/github/stars/wagiro/BurpBounty?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![BlitzBasic](/images/blitzbasic.png)](/categorize/langs/BlitzBasic.md)|\n|Utils|[turbo-intruder](https://github.com/PortSwigger/turbo-intruder)||![](https://img.shields.io/github/stars/PortSwigger/turbo-intruder?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Kotlin](/images/kotlin.png)](/categorize/langs/Kotlin.md)|\n|Utils|[femida](https://github.com/wish-i-was/femida)||![](https://img.shields.io/github/stars/wish-i-was/femida?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[Decoder-Improved](https://github.com/nccgroup/Decoder-Improved)|Improved decoder for Burp 
Suite|![](https://img.shields.io/github/stars/nccgroup/Decoder-Improved?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[zap-hud](https://github.com/zaproxy/zap-hud)||![](https://img.shields.io/github/stars/zaproxy/zap-hud?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[knife](https://github.com/bit4woo/knife)|A Burp extension that adds some useful functions to the context menu, adding right-click menu items that make Burp smoother to use|![](https://img.shields.io/github/stars/bit4woo/knife?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[AuthMatrix](https://github.com/SecurityInnovation/AuthMatrix)|Automated HTTP Request Repeating With Burp Suite|![](https://img.shields.io/github/stars/SecurityInnovation/AuthMatrix?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[blackboxprotobuf](https://github.com/nccgroup/blackboxprotobuf)|Blackbox protobuf is a Burp Suite extension for decoding and modifying arbitrary protobuf messages without the protobuf type definition.|![](https://img.shields.io/github/stars/nccgroup/blackboxprotobuf?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[HTTPSignatures](https://github.com/nccgroup/HTTPSignatures)|A Burp Suite extension implementing the Signing HTTP Messages draft-ietf-httpbis-message-signatures-01 
draft.|![](https://img.shields.io/github/stars/nccgroup/HTTPSignatures?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[CaidoReflector](https://github.com/bebiksior/CaidoReflector)|Automatically look for parameter reflections in the HTTP response|![](https://img.shields.io/github/stars/bebiksior/CaidoReflector?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[burp-send-to](https://github.com/bytebutcher/burp-send-to)||![](https://img.shields.io/github/stars/bytebutcher/burp-send-to?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|utils|[owasp-zap-jwt-addon](https://github.com/SasanLabs/owasp-zap-jwt-addon)||![](https://img.shields.io/github/stars/SasanLabs/owasp-zap-jwt-addon?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n\n## Thanks to (Contributor)\nThis is WHW's open-source project, made with ❤️. If you want to contribute to this project, please see [CONTRIBUTING.md](https://github.com/hahwul/WebHackersWeapons/blob/main/CONTRIBUTING.md) and open a Pull Request with your cool content.\n\n[![](/images/CONTRIBUTORS.svg)](https://github.com/hahwul/WebHackersWeapons/graphs/contributors)\n\n"
  },
  {
    "path": "SECURITY.md",
    "content": "# Security Policy\n\n## Supported Versions\n\nUse this section to tell people about which versions of your project are\ncurrently being supported with security updates.\n\n| Version | Supported          |\n| ------- | ------------------ |\n| 5.1.x   | :white_check_mark: |\n| 5.0.x   | :x:                |\n| 4.0.x   | :white_check_mark: |\n| < 4.0   | :x:                |\n\n## Reporting a Vulnerability\n\nUse this section to tell people how to report a vulnerability.\n\nTell them where to go, how often they can expect to get an update on a\nreported vulnerability, what to expect if the vulnerability is accepted or\ndeclined, etc.\n"
  },
  {
    "path": "categorize/langs/BlitzBasic.md",
    "content": "\n## Tools Made of BlitzBasic\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[IntruderPayloads](https://github.com/1N3/IntruderPayloads)||![](https://img.shields.io/github/stars/1N3/IntruderPayloads?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![BlitzBasic](/images/blitzbasic.png)](/categorize/langs/BlitzBasic.md)|\n|Utils|[BurpBounty](https://github.com/wagiro/BurpBounty)||![](https://img.shields.io/github/stars/wagiro/BurpBounty?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![BlitzBasic](/images/blitzbasic.png)](/categorize/langs/BlitzBasic.md)|\n\n"
  },
  {
    "path": "categorize/langs/C#.md",
    "content": "\n## Tools Made of C#\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[ConfusedDotnet](https://github.com/visma-prodsec/ConfusedDotnet)|Tool to check for dependency confusion vulnerabilities in NuGet package management systems|![](https://img.shields.io/github/stars/visma-prodsec/ConfusedDotnet?label=%20)|[`dependency-confusion`](/categorize/tags/dependency-confusion.md)|![windows](/images/windows.png)[![C#](/images/c%23.png)](/categorize/langs/C%23.md)|\n|Utils|[ysoserial.net](https://github.com/pwntester/ysoserial.net)|Deserialization payload generator for a variety of .NET formatters |![](https://img.shields.io/github/stars/pwntester/ysoserial.net?label=%20)|[`deserialize`](/categorize/tags/deserialize.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C#](/images/c%23.png)](/categorize/langs/C%23.md)|\n|Utils|[Blacklist3r](https://github.com/NotSoSecure/Blacklist3r)|project-blacklist3r |![](https://img.shields.io/github/stars/NotSoSecure/Blacklist3r?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C#](/images/c%23.png)](/categorize/langs/C%23.md)|\n\n"
  },
  {
    "path": "categorize/langs/C++.md",
    "content": "\n## Tools Made of C++\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[Clipboard](https://github.com/Slackadays/Clipboard)|An external brain that remembers anything, anytime, anywhere.|![](https://img.shields.io/github/stars/Slackadays/Clipboard?label=%20)|[`clipboard`](/categorize/tags/clipboard.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C++](/images/c++.png)](/categorize/langs/C++.md)|\n|Utils|[security-research-pocs](https://github.com/google/security-research-pocs)|Proof-of-concept codes created as part of security research done by Google Security Team.|![](https://img.shields.io/github/stars/google/security-research-pocs?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C++](/images/c++.png)](/categorize/langs/C++.md)|\n\n"
  },
  {
    "path": "categorize/langs/C.md",
    "content": "\n## Tools Made of C\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[masscan](https://github.com/robertdavidgraham/masscan)|TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. |![](https://img.shields.io/github/stars/robertdavidgraham/masscan?label=%20)|[`portscan`](/categorize/tags/portscan.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n|Fuzzer|[c-jwt-cracker](https://github.com/brendan-rius/c-jwt-cracker)|JWT brute force cracker written in C |![](https://img.shields.io/github/stars/brendan-rius/c-jwt-cracker?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n|Fuzzer|[hashcat](https://github.com/hashcat/hashcat/)|World's fastest and most advanced password recovery utility |![](https://img.shields.io/github/stars/hashcat/hashcat/?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n|Fuzzer|[thc-hydra](https://github.com/vanhauser-thc/thc-hydra)|hydra |![](https://img.shields.io/github/stars/vanhauser-thc/thc-hydra?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n|Scanner|[nmap](https://github.com/nmap/nmap)|Nmap - the Network Mapper. Github mirror of official SVN repository. 
|![](https://img.shields.io/github/stars/nmap/nmap?label=%20)|[`portscan`](/categorize/tags/portscan.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n|Utils|[curl](https://github.com/curl/curl)|A command line tool and library for transferring data with URL syntax, supporting HTTP, HTTPS, FTP, FTPS, GOPHER, TFTP, SCP, SFTP, SMB, TELNET, DICT, LDAP, LDAPS, MQTT, FILE, IMAP, SMTP, POP3, RTSP and RTMP. libcurl offers a myriad of powerful features|![](https://img.shields.io/github/stars/curl/curl?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n\n"
  },
  {
    "path": "categorize/langs/CSS.md",
    "content": "\n## Tools Made of CSS\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[Assetnote Wordlists](https://github.com/assetnote/wordlists)|Automated & Manual Wordlists provided by Assetnote|![](https://img.shields.io/github/stars/assetnote/wordlists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![CSS](/images/css.png)](/categorize/langs/CSS.md)|\n\n"
  },
  {
    "path": "categorize/langs/Crystal.md",
    "content": "\n## Tools Made of Crystal\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[noir](https://github.com/noir-cr/noir)|Attack surface detector that identifies endpoints by static analysis|![](https://img.shields.io/github/stars/noir-cr/noir?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)[![Crystal](/images/crystal.png)](/categorize/langs/Crystal.md)|\n|Utils|[eoyc](https://github.com/hahwul/eoyc)|Encoding Only Your Choices|![](https://img.shields.io/github/stars/hahwul/eoyc?label=%20)|[`encode`](/categorize/tags/encode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Crystal](/images/crystal.png)](/categorize/langs/Crystal.md)|\n\n"
  },
  {
    "path": "categorize/langs/Go.md",
    "content": "\n## Tools Made of Go\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-Knife|[jaeles](https://github.com/jaeles-project/jaeles)|The Swiss Army knife for automated Web Application Testing |![](https://img.shields.io/github/stars/jaeles-project/jaeles?label=%20)|[`live-audit`](/categorize/tags/live-audit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Proxy|[Glorp](https://github.com/denandz/glorp)|A CLI-based HTTP intercept and replay proxy|![](https://img.shields.io/github/stars/denandz/glorp?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Proxy|[proxify](https://github.com/projectdiscovery/proxify)|Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation and replay|![](https://img.shields.io/github/stars/projectdiscovery/proxify?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Proxy|[hetty](https://github.com/dstotijn/hetty)|Hetty is an HTTP toolkit for security research. 
It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.|![](https://img.shields.io/github/stars/dstotijn/hetty?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[asnmap](https://github.com/projectdiscovery/asnmap)|Go CLI and Library for quickly mapping organization network ranges using ASN information|![](https://img.shields.io/github/stars/projectdiscovery/asnmap?label=%20)|[`asn`](/categorize/tags/asn.md) [`network-mapping`](/categorize/tags/network-mapping.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[uncover](https://github.com/projectdiscovery/uncover)|Quickly discover exposed hosts on the internet using multiple search engines.|![](https://img.shields.io/github/stars/projectdiscovery/uncover?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[cloudlist](https://github.com/projectdiscovery/cloudlist)|Cloudlist is a tool for listing Assets from multiple Cloud Providers|![](https://img.shields.io/github/stars/projectdiscovery/cloudlist?label=%20)|[`cloud`](/categorize/tags/cloud.md) [`asset-discovery`](/categorize/tags/asset-discovery.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[puredns](https://github.com/d3mondev/puredns)|Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.|![](https://img.shields.io/github/stars/d3mondev/puredns?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) 
[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[hakrevdns](https://github.com/hakluke/hakrevdns)|Small, fast tool for performing reverse DNS lookups en masse. |![](https://img.shields.io/github/stars/hakluke/hakrevdns?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[waybackurls](https://github.com/tomnomnom/waybackurls)|Fetch all the URLs that the Wayback Machine knows about for a domain |![](https://img.shields.io/github/stars/tomnomnom/waybackurls?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[csprecon](https://github.com/edoardottt/csprecon)|Discover new target domains using Content Security Policy|![](https://img.shields.io/github/stars/edoardottt/csprecon?label=%20)|[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[meg](https://github.com/tomnomnom/meg)|Fetch many paths for many hosts - without killing the hosts |![](https://img.shields.io/github/stars/tomnomnom/meg?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[tlsx](https://github.com/projectdiscovery/tlsx)|Fast and configurable TLS grabber focused on TLS based data collection|![](https://img.shields.io/github/stars/projectdiscovery/tlsx?label=%20)|[`ssl`](/categorize/tags/ssl.md) [`tls`](/categorize/tags/tls.md) 
[`certificates`](/categorize/tags/certificates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Osmedeus](https://github.com/j3ssie/Osmedeus)|Fully automated offensive security framework for reconnaissance and vulnerability scanning |![](https://img.shields.io/github/stars/j3ssie/Osmedeus?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[gauplus](https://github.com/bp0lr/gauplus)|A modified version of gau for personal usage. Support workers, proxies and some extra things.|![](https://img.shields.io/github/stars/bp0lr/gauplus?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[htcat](https://github.com/htcat/htcat)|Parallel and Pipelined HTTP GET Utility |![](https://img.shields.io/github/stars/htcat/htcat?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[github-endpoints](https://github.com/gwen001/github-endpoints)|Find endpoints on GitHub.|![](https://img.shields.io/github/stars/gwen001/github-endpoints?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[scilla](https://github.com/edoardottt/scilla)|🏴‍☠️ Information Gathering tool 🏴‍☠️ dns/subdomain/port enumeration|![](https://img.shields.io/github/stars/edoardottt/scilla?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`dns`](/categorize/tags/dns.md) 
[`port`](/categorize/tags/port.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[zdns](https://github.com/zmap/zdns)|Fast CLI DNS Lookup Tool|![](https://img.shields.io/github/stars/zmap/zdns?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[favirecon](https://github.com/edoardottt/favirecon)|Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.|![](https://img.shields.io/github/stars/edoardottt/favirecon?label=%20)|[`favicon`](/categorize/tags/favicon.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[httpx](https://github.com/projectdiscovery/httpx)|httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads. 
|![](https://img.shields.io/github/stars/projectdiscovery/httpx?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[shosubgo](https://github.com/incogbyte/shosubgo)|Small tool to Grab subdomains using Shodan api.|![](https://img.shields.io/github/stars/incogbyte/shosubgo?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[gowitness](https://github.com/sensepost/gowitness)|🔍 gowitness - a golang, web screenshot utility using Chrome Headless |![](https://img.shields.io/github/stars/sensepost/gowitness?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[go-dork](https://github.com/dwisiswant0/go-dork)|The fastest dork scanner written in Go. 
|![](https://img.shields.io/github/stars/dwisiswant0/go-dork?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[gobuster](https://github.com/OJ/gobuster)|Directory/File, DNS and VHost busting tool written in Go |![](https://img.shields.io/github/stars/OJ/gobuster?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[dnsx](https://github.com/projectdiscovery/dnsx)|dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.|![](https://img.shields.io/github/stars/projectdiscovery/dnsx?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[goverview](https://github.com/j3ssie/goverview)|goverview - Get an overview of the list of URLs|![](https://img.shields.io/github/stars/j3ssie/goverview?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[crawlergo](https://github.com/Qianlitp/crawlergo)|A powerful browser crawler for web vulnerability scanners|![](https://img.shields.io/github/stars/Qianlitp/crawlergo?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Sub404](https://github.com/r3curs1v3-pr0xy/sub404)|A python tool to check subdomain takeover vulnerability|![](https://img.shields.io/github/stars/r3curs1v3-pr0xy/sub404?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) 
[`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[xurlfind3r](https://github.com/hueristiq/xurlfind3r)|A command-line utility designed to discover URLs for a given domain in a simple, efficient way.|![](https://img.shields.io/github/stars/hueristiq/xurlfind3r?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[cariddi](https://github.com/edoardottt/cariddi)|Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more|![](https://img.shields.io/github/stars/edoardottt/cariddi?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[haktrails](https://github.com/hakluke/haktrails)|Golang client for querying SecurityTrails API data|![](https://img.shields.io/github/stars/hakluke/haktrails?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[dmut](https://github.com/bp0lr/dmut)|A tool to perform permutations, mutations and alteration of subdomains in golang.|![](https://img.shields.io/github/stars/bp0lr/dmut?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[assetfinder](https://github.com/tomnomnom/assetfinder)|Find domains and subdomains related to a given domain 
|![](https://img.shields.io/github/stars/tomnomnom/assetfinder?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[gospider](https://github.com/jaeles-project/gospider)|Gospider - Fast web spider written in Go |![](https://img.shields.io/github/stars/jaeles-project/gospider?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[naabu](https://github.com/projectdiscovery/naabu)|A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests |![](https://img.shields.io/github/stars/projectdiscovery/naabu?label=%20)|[`portscan`](/categorize/tags/portscan.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[dnsprobe](https://github.com/projectdiscovery/dnsprobe)|DNSProb (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. 
|![](https://img.shields.io/github/stars/projectdiscovery/dnsprobe?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[urlhunter](https://github.com/utkusen/urlhunter)|a recon tool that allows searching on URLs that are exposed via shortener services|![](https://img.shields.io/github/stars/utkusen/urlhunter?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[hakrawler](https://github.com/hakluke/hakrawler)|Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application |![](https://img.shields.io/github/stars/hakluke/hakrawler?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[github-subdomains](https://github.com/gwen001/github-subdomains)|Find subdomains on GitHub|![](https://img.shields.io/github/stars/gwen001/github-subdomains?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[gitrob](https://github.com/michenriksen/gitrob)|Reconnaissance tool for GitHub organizations |![](https://img.shields.io/github/stars/michenriksen/gitrob?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[aquatone](https://github.com/michenriksen/aquatone)|A Tool for Domain Flyovers 
|![](https://img.shields.io/github/stars/michenriksen/aquatone?label=%20)|[`domain`](/categorize/tags/domain.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Amass](https://github.com/OWASP/Amass)|In-depth Attack Surface Mapping and Asset Discovery |![](https://img.shields.io/github/stars/OWASP/Amass?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[getJS](https://github.com/003random/getJS)|A tool to quickly get all javascript sources/files|![](https://img.shields.io/github/stars/003random/getJS?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subgen](https://github.com/pry0cc/subgen)|A really simple utility to concatenate wordlists to a domain name - to pipe into your favourite resolver!|![](https://img.shields.io/github/stars/pry0cc/subgen?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[shuffledns](https://github.com/projectdiscovery/shuffledns)|shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. 
|![](https://img.shields.io/github/stars/projectdiscovery/shuffledns?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subfinder](https://github.com/projectdiscovery/subfinder)|Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing. |![](https://img.shields.io/github/stars/projectdiscovery/subfinder?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[SubOver](https://github.com/Ice3man543/SubOver)|A Powerful Subdomain Takeover Tool|![](https://img.shields.io/github/stars/Ice3man543/SubOver?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[jsluice](https://github.com/BishopFox/jsluice)|Extract URLs, paths, secrets, and other interesting bits from JavaScript|![](https://img.shields.io/github/stars/BishopFox/jsluice?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subjs](https://github.com/lc/subjs)|Fetches javascript file from a list of URLS or subdomains.|![](https://img.shields.io/github/stars/lc/subjs?label=%20)|[`url`](/categorize/tags/url.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[katana](https://github.com/projectdiscovery/katana)|A next-generation crawling and 
spidering framework.|![](https://img.shields.io/github/stars/projectdiscovery/katana?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subzy](https://github.com/LukaSikic/subzy)|Subdomain takeover vulnerability checker|![](https://img.shields.io/github/stars/LukaSikic/subzy?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subjack](https://github.com/haccer/subjack)|Subdomain Takeover tool written in Go |![](https://img.shields.io/github/stars/haccer/subjack?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[gau](https://github.com/lc/gau)|Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.|![](https://img.shields.io/github/stars/lc/gau?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[chaos-client](https://github.com/projectdiscovery/chaos-client)|Go client to communicate with Chaos DNS API. 
|![](https://img.shields.io/github/stars/projectdiscovery/chaos-client?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Smap](https://github.com/s0md3v/smap/)|a drop-in replacement for Nmap powered by shodan.io|![](https://img.shields.io/github/stars/s0md3v/smap/?label=%20)|[`port`](/categorize/tags/port.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[alterx](https://github.com/projectdiscovery/alterx)|Fast and customizable subdomain wordlist generator using DSL|![](https://img.shields.io/github/stars/projectdiscovery/alterx?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`wordlist`](/categorize/tags/wordlist.md) [`permutation`](/categorize/tags/permutation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[SmuggleFuzz](https://github.com/Moopinger/smugglefuzz/)|A rapid HTTP downgrade smuggling scanner written in Go.|![](https://img.shields.io/github/stars/Moopinger/smugglefuzz/?label=%20)|[`smuggle`](/categorize/tags/smuggle.md) [`fuzz`](/categorize/tags/fuzz.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[fuzzparam](https://github.com/0xsapra/fuzzparam)|A fast go based param miner to fuzz possible parameters a URL can have.|![](https://img.shields.io/github/stars/0xsapra/fuzzparam?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[kiterunner](https://github.com/assetnote/kiterunner)|Contextual Content Discovery 
Tool|![](https://img.shields.io/github/stars/assetnote/kiterunner?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[ffuf](https://github.com/ffuf/ffuf)|Fast web fuzzer written in Go |![](https://img.shields.io/github/stars/ffuf/ffuf?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[medusa](https://github.com/riza/medusa)|Fastest recursive HTTP fuzzer, like a Ferrari. |![](https://img.shields.io/github/stars/riza/medusa?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[headerpwn](https://github.com/devanshbatham/headerpwn)|A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers|![](https://img.shields.io/github/stars/devanshbatham/headerpwn?label=%20)|[`header`](/categorize/tags/header.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[jwt-hack](https://github.com/hahwul/jwt-hack)|🔩 jwt-hack is tool for hacking / security testing to JWT. 
Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/bruteforce)|![](https://img.shields.io/github/stars/hahwul/jwt-hack?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[ws-smuggler](https://github.com/hahwul/ws-smuggler)|WebSocket Connection Smuggler|![](https://img.shields.io/github/stars/hahwul/ws-smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[osv-scanner](https://github.com/google/osv-scanner)|Vulnerability scanner which uses the OSV database to find vulnerabilities in open source projects|![](https://img.shields.io/github/stars/google/osv-scanner?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`dependency-scanning`](/categorize/tags/dependency-scanning.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[trivy](https://github.com/aquasecurity/trivy)|Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more|![](https://img.shields.io/github/stars/aquasecurity/trivy?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`container-security`](/categorize/tags/container-security.md) [`sbom`](/categorize/tags/sbom.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[Deadsniper](https://github.com/port19x/deadsniper)|A fast, specialized dead-link 
checker|![](https://img.shields.io/github/stars/port19x/deadsniper?label=%20)|[`broken-link`](/categorize/tags/broken-link.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[gitleaks](https://github.com/zricethezav/gitleaks)|Scan git repos (or files) for secrets using regex and entropy 🔑|![](https://img.shields.io/github/stars/zricethezav/gitleaks?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[scan4all](https://github.com/hktalent/scan4all)|Official repository vuls Scan|![](https://img.shields.io/github/stars/hktalent/scan4all?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[httprobe](https://github.com/tomnomnom/httprobe)|Take a list of domains and probe for working HTTP and HTTPS servers |![](https://img.shields.io/github/stars/tomnomnom/httprobe?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[pphack](https://github.com/edoardottt/pphack)|The Most Advanced Client-Side Prototype Pollution Scanner|![](https://img.shields.io/github/stars/edoardottt/pphack?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[FockCache](https://github.com/tismayil/fockcache)|Minimalized Test Cache 
Poisoning|![](https://img.shields.io/github/stars/tismayil/fockcache?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[h2csmuggler](https://github.com/assetnote/h2csmuggler)|HTTP Request Smuggling Detection Tool|![](https://img.shields.io/github/stars/assetnote/h2csmuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[nosqli](https://github.com/Charlie-belmer/nosqli)|NoSql Injection CLI tool|![](https://img.shields.io/github/stars/Charlie-belmer/nosqli?label=%20)|[`nosqli`](/categorize/tags/nosqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[dontgo403](https://github.com/devploit/dontgo403)|Tool to bypass 40X response codes.|![](https://img.shields.io/github/stars/devploit/dontgo403?label=%20)|[`403`](/categorize/tags/403.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[ditto](https://github.com/evilsocket/ditto)|A tool for IDN homograph attacks and detection.|![](https://img.shields.io/github/stars/evilsocket/ditto?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[wprecon](https://github.com/blackcrw/wprecon)|Hello! Welcome. 
Wprecon (Wordpress Recon), is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go.|![](https://img.shields.io/github/stars/blackcrw/wprecon?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[websocket-connection-smuggler](https://github.com/hahwul/websocket-connection-smuggler)|websocket-connection-smuggler|![](https://img.shields.io/github/stars/hahwul/websocket-connection-smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[hinject](https://github.com/dwisiswant0/hinject)|Host Header Injection Checker |![](https://img.shields.io/github/stars/dwisiswant0/hinject?label=%20)|[`header`](/categorize/tags/header.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[ppmap](https://github.com/kleiton0x00/ppmap)|A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.|![](https://img.shields.io/github/stars/kleiton0x00/ppmap?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[http2smugl](https://github.com/neex/http2smugl)|This tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1 conversion by the frontend 
server.|![](https://img.shields.io/github/stars/neex/http2smugl?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[Web-Cache-Vulnerability-Scanner](https://github.com/Hackmanit/Web-Cache-Vulnerability-Scanner)|Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).|![](https://img.shields.io/github/stars/Hackmanit/Web-Cache-Vulnerability-Scanner?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[headi](https://github.com/mlcsec/headi)|Customisable  and automated HTTP header injection|![](https://img.shields.io/github/stars/mlcsec/headi?label=%20)|[`header`](/categorize/tags/header.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[ssrf-sheriff](https://github.com/teknogeek/ssrf-sheriff)|A simple SSRF-testing sheriff written in Go |![](https://img.shields.io/github/stars/teknogeek/ssrf-sheriff?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[CorsMe](https://github.com/Shivangx01b/CorsMe)|Cross Origin Resource Sharing MisConfiguration Scanner |![](https://img.shields.io/github/stars/Shivangx01b/CorsMe?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[trufflehog](https://github.com/trufflesecurity/trufflehog)|Find and verify credentials in git repositories, filesystems, and S3 
buckets|![](https://img.shields.io/github/stars/trufflesecurity/trufflehog?label=%20)|[`secret-scanning`](/categorize/tags/secret-scanning.md) [`credentials`](/categorize/tags/credentials.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[dalfox](https://github.com/hahwul/dalfox)|🌘🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.|![](https://img.shields.io/github/stars/hahwul/dalfox?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[plution](https://github.com/raverrr/plution)|Prototype pollution scanner using headless chrome|![](https://img.shields.io/github/stars/raverrr/plution?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[nuclei](https://github.com/projectdiscovery/nuclei)|Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use. 
|![](https://img.shields.io/github/stars/projectdiscovery/nuclei?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[confused](https://github.com/visma-prodsec/confused)|Tool to check for dependency confusion vulnerabilities in multiple package management systems|![](https://img.shields.io/github/stars/visma-prodsec/confused?label=%20)|[`dependency-confusion`](/categorize/tags/dependency-confusion.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[DirDar](https://github.com/M4DM0e/DirDar)|DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it|![](https://img.shields.io/github/stars/M4DM0e/DirDar?label=%20)|[`403`](/categorize/tags/403.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Exploit|[xxeserv](https://github.com/staaldraad/xxeserv)|A mini webserver with FTP support for XXE payloads|![](https://img.shields.io/github/stars/staaldraad/xxeserv?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[gotator](https://github.com/Josue87/gotator)|Gotator is a tool to generate DNS wordlists through permutations.|![](https://img.shields.io/github/stars/Josue87/gotator?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[wuzz](https://github.com/asciimoo/wuzz)|Interactive cli tool for HTTP inspection 
|![](https://img.shields.io/github/stars/asciimoo/wuzz?label=%20)|[`http`](/categorize/tags/http.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[mapcidr](https://github.com/projectdiscovery/mapcidr)|Utility program to perform multiple operations for a given subnet/CIDR ranges|![](https://img.shields.io/github/stars/projectdiscovery/mapcidr?label=%20)|[`cidr`](/categorize/tags/cidr.md) [`network`](/categorize/tags/network.md) [`ip-manipulation`](/categorize/tags/ip-manipulation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[dsieve](https://github.com/trickest/dsieve)|Filter and enrich a list of subdomains by level|![](https://img.shields.io/github/stars/trickest/dsieve?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[urlprobe](https://github.com/1ndianl33t/urlprobe)|Urls status code & content length checker |![](https://img.shields.io/github/stars/1ndianl33t/urlprobe?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[Emissary](https://github.com/BountyStrike/Emissary)|Send notifications on different channels such as Slack, Telegram, Discord etc.|![](https://img.shields.io/github/stars/BountyStrike/Emissary?label=%20)|[`notify`](/categorize/tags/notify.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[cf-check](https://github.com/dwisiswant0/cf-check)|Cloudflare Checker written in Go 
|![](https://img.shields.io/github/stars/dwisiswant0/cf-check?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[anew](https://github.com/tomnomnom/anew)|A tool for adding new lines to files, skipping duplicates|![](https://img.shields.io/github/stars/tomnomnom/anew?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[mubeng](https://github.com/kitabisa/mubeng)|An incredibly fast proxy checker & IP rotator with ease.|![](https://img.shields.io/github/stars/kitabisa/mubeng?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[github-regexp](https://github.com/gwen001/github-regexp)|Basically a regexp over a GitHub search.|![](https://img.shields.io/github/stars/gwen001/github-regexp?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[fff](https://github.com/tomnomnom/fff)|The Fairly Fast Fetcher. 
Requests a bunch of URLs provided on stdin fairly quickly.|![](https://img.shields.io/github/stars/tomnomnom/fff?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[hakcheckurl](https://github.com/hakluke/hakcheckurl)|Takes a list of URLs and returns their HTTP response codes|![](https://img.shields.io/github/stars/hakluke/hakcheckurl?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[fzf](https://github.com/junegunn/fzf)|A command-line fuzzy finder|![](https://img.shields.io/github/stars/junegunn/fzf?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[dnsobserver](https://github.com/allyomalley/dnsobserver)|A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack. |![](https://img.shields.io/github/stars/allyomalley/dnsobserver?label=%20)|[`oast`](/categorize/tags/oast.md) [`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[TukTuk](https://github.com/ArturSS7/TukTuk)|Tool for catching and logging different types of requests. |![](https://img.shields.io/github/stars/ArturSS7/TukTuk?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[urlgrab](https://github.com/IAmStoxe/urlgrab)|A golang utility to spider through a website searching for additional links. 
|![](https://img.shields.io/github/stars/IAmStoxe/urlgrab?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[interactsh](https://github.com/projectdiscovery/interactsh)|An OOB interaction gathering server and client library|![](https://img.shields.io/github/stars/projectdiscovery/interactsh?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[gxss](https://github.com/rverton/gxss)|Blind XSS service alerting over slack or email|![](https://img.shields.io/github/stars/rverton/gxss?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[boast](https://github.com/marcoagner/boast)|The BOAST Outpost for AppSec Testing (v0.1.0)|![](https://img.shields.io/github/stars/marcoagner/boast?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[burl](https://github.com/tomnomnom/burl)|A Broken-URL Checker |![](https://img.shields.io/github/stars/tomnomnom/burl?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[nuclei-templates](https://github.com/projectdiscovery/nuclei-templates)|Community curated list of templates for the nuclei engine to find security 
vulnerabilities.|![](https://img.shields.io/github/stars/projectdiscovery/nuclei-templates?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[pdtm](https://github.com/projectdiscovery/pdtm)|ProjectDiscovery's Open Source Tool Manager|![](https://img.shields.io/github/stars/projectdiscovery/pdtm?label=%20)|[`package-manager`](/categorize/tags/package-manager.md) [`tools-management`](/categorize/tags/tools-management.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[blistener](https://github.com/fyxme/blistener)|Blind-XSS listener with payloads|![](https://img.shields.io/github/stars/fyxme/blistener?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[qsreplace](https://github.com/tomnomnom/qsreplace)|Accept URLs on stdin, replace all query string values with a user-supplied value |![](https://img.shields.io/github/stars/tomnomnom/qsreplace?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[gron](https://github.com/tomnomnom/gron)|Make JSON greppable!|![](https://img.shields.io/github/stars/tomnomnom/gron?label=%20)|[`json`](/categorize/tags/json.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[slackcat](https://github.com/bcicen/slackcat)|CLI utility to post files and command output to 
slack|![](https://img.shields.io/github/stars/bcicen/slackcat?label=%20)|[`notify`](/categorize/tags/notify.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[s3reverse](https://github.com/hahwul/s3reverse)|Converts the various S3 bucket formats into one format, for bug bounty and security testing. |![](https://img.shields.io/github/stars/hahwul/s3reverse?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[gitls](https://github.com/hahwul/gitls)|Listing git repository from URL/User/Org|![](https://img.shields.io/github/stars/hahwul/gitls?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[gee](https://github.com/hahwul/gee)|🏵 Gee is a tool that writes stdin to each file and to stdout. It is similar to the tee command, but has more functions for convenience. 
In addition, it is written in Go|![](https://img.shields.io/github/stars/hahwul/gee?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[race-the-web](https://github.com/TheHackerDev/race-the-web)|Tests for race conditions in web applications by sending out a user-specified number of requests to a target URL (or URLs) simultaneously, and then compares the responses from the server for uniqueness.|![](https://img.shields.io/github/stars/TheHackerDev/race-the-web?label=%20)|[`race-condition`](/categorize/tags/race-condition.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[gotestwaf](https://github.com/wallarm/gotestwaf)|An open-source project in Golang to test different web application firewalls (WAF) for detection logic and bypasses|![](https://img.shields.io/github/stars/wallarm/gotestwaf?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[gf](https://github.com/tomnomnom/gf)|A wrapper around grep, to help you grep for things |![](https://img.shields.io/github/stars/tomnomnom/gf?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[godeclutter](https://github.com/c3l3si4n/godeclutter)|Declutters URLs in a fast and flexible way, for improving input for web hacking automations such as crawlers and vulnerability scans.|![](https://img.shields.io/github/stars/c3l3si4n/godeclutter?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[hacks](https://github.com/tomnomnom/hacks)|A collection of hacks and one-off scripts 
|![](https://img.shields.io/github/stars/tomnomnom/hacks?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[unfurl](https://github.com/tomnomnom/unfurl)|Pull out bits of URLs provided on stdin |![](https://img.shields.io/github/stars/tomnomnom/unfurl?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[pet](https://github.com/knqyf263/pet)|Simple command-line snippet manager, written in Go.|![](https://img.shields.io/github/stars/knqyf263/pet?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[cent](https://github.com/xm1k3/cent)|Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place.|![](https://img.shields.io/github/stars/xm1k3/cent?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/langs/HTML.md",
    "content": "\n## Tools Made of HTML\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[autochrome](https://github.com/nccgroup/autochrome)|This tool downloads, installs, and configures a shiny new copy of Chromium.|![](https://img.shields.io/github/stars/nccgroup/autochrome?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![HTML](/images/html.png)](/categorize/langs/HTML.md)|\n|Utils|[security-crawl-maze](https://github.com/google/security-crawl-maze)|Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link resources from a valid HTML document.|![](https://img.shields.io/github/stars/google/security-crawl-maze?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![HTML](/images/html.png)](/categorize/langs/HTML.md)|\n\n"
  },
  {
    "path": "categorize/langs/Java.md",
    "content": "\n## Tools Made of Java\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-Knife|[ZAP](https://github.com/zaproxy/zaproxy)|The ZAP core project|![](https://img.shields.io/github/stars/zaproxy/zaproxy?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Army-Knife|[BurpSuite](https://portswigger.net/burp)|The BurpSuite Project||[`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Recon|[attack-surface-detector-burp](https://github.com/secdec/attack-surface-detector-burp)|The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters|![](https://img.shields.io/github/stars/secdec/attack-surface-detector-burp?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Recon|[attack-surface-detector-zap](https://github.com/secdec/attack-surface-detector-zap)|The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters|![](https://img.shields.io/github/stars/secdec/attack-surface-detector-zap?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) 
[`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Recon|[reflected-parameters](https://github.com/PortSwigger/reflected-parameters)||![](https://img.shields.io/github/stars/PortSwigger/reflected-parameters?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Fuzzer|[param-miner](https://github.com/PortSwigger/param-miner)|Param Miner|![](https://img.shields.io/github/stars/PortSwigger/param-miner?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[collaborator-everywhere](https://github.com/PortSwigger/collaborator-everywhere)||![](https://img.shields.io/github/stars/PortSwigger/collaborator-everywhere?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[DeepViolet](https://github.com/spoofzu/DeepViolet)|Tool for introspection of SSL\\TLS 
sessions|![](https://img.shields.io/github/stars/spoofzu/DeepViolet?label=%20)|[`ssl`](/categorize/tags/ssl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[http-request-smuggler](https://github.com/PortSwigger/http-request-smuggler)||![](https://img.shields.io/github/stars/PortSwigger/http-request-smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[csp-auditor](https://github.com/GoSecure/csp-auditor)||![](https://img.shields.io/github/stars/GoSecure/csp-auditor?label=%20)|[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[BurpSuiteHTTPSmuggler](https://github.com/nccgroup/BurpSuiteHTTPSmuggler)||![](https://img.shields.io/github/stars/nccgroup/BurpSuiteHTTPSmuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Exploit|[BaRMIe](https://github.com/NickstaDB/BaRMIe)|Java RMI enumeration and attack tool.|![](https://img.shields.io/github/stars/NickstaDB/BaRMIe?label=%20)|[`RMI`](/categorize/tags/RMI.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[GadgetProbe](https://github.com/BishopFox/GadgetProbe)|Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java 
classpaths.|![](https://img.shields.io/github/stars/BishopFox/GadgetProbe?label=%20)|[`deserialize`](/categorize/tags/deserialize.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[Web3 Decoder](https://github.com/nccgroup/web3-decoder)|Burp Extension for Web3|![](https://img.shields.io/github/stars/nccgroup/web3-decoder?label=%20)|[`web3`](/categorize/tags/web3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[pcap-burp](https://github.com/nccgroup/pcap-burp)|Pcap importer for Burp|![](https://img.shields.io/github/stars/nccgroup/pcap-burp?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[safecopy](https://github.com/yashrs/safecopy)||![](https://img.shields.io/github/stars/yashrs/safecopy?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|utils|[Neonmarker](https://github.com/kingthorin/neonmarker)||![](https://img.shields.io/github/stars/kingthorin/neonmarker?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[AWSSigner](https://github.com/NetSPI/AWSSigner)|Burp Extension for AWS Signing|![](https://img.shields.io/github/stars/NetSPI/AWSSigner?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[Map Local](https://github.com/Keindel/owasp-zap-maplocal-addon)|ZAP add-on which allows mapping of responses to 
content of a chosen local file.|![](https://img.shields.io/github/stars/Keindel/owasp-zap-maplocal-addon?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[BurpSuiteLoggerPlusPlus](https://github.com/nccgroup/BurpSuiteLoggerPlusPlus)||![](https://img.shields.io/github/stars/nccgroup/BurpSuiteLoggerPlusPlus?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[Stepper](https://github.com/CoreyD97/Stepper)||![](https://img.shields.io/github/stars/CoreyD97/Stepper?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[http-script-generator](https://github.com/h3xstream/http-script-generator)||![](https://img.shields.io/github/stars/h3xstream/http-script-generator?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[taborator](https://github.com/hackvertor/taborator)||![](https://img.shields.io/github/stars/hackvertor/taborator?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[SerializationDumper](https://github.com/NickstaDB/SerializationDumper)|A tool to dump Java serialization streams in a more human readable 
form.|![](https://img.shields.io/github/stars/NickstaDB/SerializationDumper?label=%20)|[`deserialize`](/categorize/tags/deserialize.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[BurpCustomizer](https://github.com/CoreyD97/BurpCustomizer)|Because just a dark theme wasn't enough!|![](https://img.shields.io/github/stars/CoreyD97/BurpCustomizer?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[Berserko](https://github.com/nccgroup/Berserko)|Burp Suite extension to perform Kerberos authentication|![](https://img.shields.io/github/stars/nccgroup/Berserko?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[Decoder-Improved](https://github.com/nccgroup/Decoder-Improved)|Improved decoder for Burp Suite|![](https://img.shields.io/github/stars/nccgroup/Decoder-Improved?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[ysoserial](https://github.com/frohoff/ysoserial)|A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. 
|![](https://img.shields.io/github/stars/frohoff/ysoserial?label=%20)|[`deserialize`](/categorize/tags/deserialize.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[zap-hud](https://github.com/zaproxy/zap-hud)||![](https://img.shields.io/github/stars/zaproxy/zap-hud?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[knife](https://github.com/bit4woo/knife)|A Burp extension that adds some useful functions to the context menu (adds right-click menu items to make Burp smoother to use)|![](https://img.shields.io/github/stars/bit4woo/knife?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[AuthMatrix](https://github.com/SecurityInnovation/AuthMatrix)|Automated HTTP Request Repeating With Burp Suite|![](https://img.shields.io/github/stars/SecurityInnovation/AuthMatrix?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[HTTPSignatures](https://github.com/nccgroup/HTTPSignatures)|A Burp Suite extension implementing the Signing HTTP Messages draft-ietf-httpbis-message-signatures-01 
draft.|![](https://img.shields.io/github/stars/nccgroup/HTTPSignatures?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[burp-send-to](https://github.com/bytebutcher/burp-send-to)||![](https://img.shields.io/github/stars/bytebutcher/burp-send-to?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|utils|[owasp-zap-jwt-addon](https://github.com/SasanLabs/owasp-zap-jwt-addon)||![](https://img.shields.io/github/stars/SasanLabs/owasp-zap-jwt-addon?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n\n"
  },
  {
    "path": "categorize/langs/JavaScript.md",
    "content": "\n## Tools Made of JavaScript\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Proxy|[rep](https://github.com/repplus/rep)|Chrome DevTools extension for capturing, modifying, and replaying HTTP requests with AI-powered security analysis|![](https://img.shields.io/github/stars/repplus/rep?label=%20)|[`http`](/categorize/tags/http.md) [`repeater`](/categorize/tags/repeater.md)|![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Recon|[burp-retire-js](https://github.com/h3xstream/burp-retire-js)||![](https://img.shields.io/github/stars/h3xstream/burp-retire-js?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Recon|[rengine](https://github.com/yogeshojha/rengine)|reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information. 
|![](https://img.shields.io/github/stars/yogeshojha/rengine?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Recon|[DotGit](https://github.com/davtur19/DotGit)|An extension for checking if .git is exposed in visited websites|![](https://img.shields.io/github/stars/davtur19/DotGit?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Fuzzer|[jwt-cracker](https://github.com/lmammino/jwt-cracker)|Simple HS256 JWT token brute force cracker |![](https://img.shields.io/github/stars/lmammino/jwt-cracker?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[PPScan](https://github.com/msrkp/PPScan)|Client Side Prototype Pollution Scanner|![](https://img.shields.io/github/stars/msrkp/PPScan?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[jsprime](https://github.com/dpnishant/jsprime)|a javascript static security analysis tool|![](https://img.shields.io/github/stars/dpnishant/jsprime?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[DOMPurify](https://github.com/cure53/DOMPurify)|DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. 
DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:|![](https://img.shields.io/github/stars/cure53/DOMPurify?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[xsinator.com](https://github.com/RUB-NDS/xsinator.com)|XS-Leak Browser Test Suite|![](https://img.shields.io/github/stars/RUB-NDS/xsinator.com?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[domdig](https://github.com/fcavallarin/domdig)|DOM XSS scanner for Single Page Applications |![](https://img.shields.io/github/stars/fcavallarin/domdig?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[github-search](https://github.com/gwen001/github-search)|Tools to perform basic search on GitHub. 
|![](https://img.shields.io/github/stars/gwen001/github-search?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Exploit|[singularity](https://github.com/nccgroup/singularity)|A DNS rebinding attack framework.|![](https://img.shields.io/github/stars/nccgroup/singularity?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[PwnFox](https://github.com/yeswehack/PwnFox)|Firefox/Burp extension that provides useful tools for your security audit.|![](https://img.shields.io/github/stars/yeswehack/PwnFox?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![burp](/images/burp.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[quickjack](https://github.com/samyk/quickjack)|Quickjack is a point-and-click tool for intuitively producing advanced clickjacking and frame slicing attacks.|![](https://img.shields.io/github/stars/samyk/quickjack?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[CyberChef](https://github.com/gchq/CyberChef)|The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis |![](https://img.shields.io/github/stars/gchq/CyberChef?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[eval_villain](https://github.com/swoops/eval_villain)|A Firefox Web Extension to improve the discovery of DOM 
XSS.|![](https://img.shields.io/github/stars/swoops/eval_villain?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![zap](/images/zap.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[postMessage-tracker](https://github.com/fransr/postMessage-tracker)|A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon|![](https://img.shields.io/github/stars/fransr/postMessage-tracker?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[community-scripts](https://github.com/zaproxy/community-scripts)||![](https://img.shields.io/github/stars/zaproxy/community-scripts?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[Edit-This-Cookie](https://github.com/ETCExtensions/Edit-This-Cookie)|EditThisCookie is the famous Google Chrome/Chromium extension for editing cookies|![](https://img.shields.io/github/stars/ETCExtensions/Edit-This-Cookie?label=%20)|[`cookie`](/categorize/tags/cookie.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[jsfuck](https://github.com/aemkei/jsfuck)|Write any JavaScript with 6 
Characters|![](https://img.shields.io/github/stars/aemkei/jsfuck?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[reverse-shell-generator](https://github.com/0dayCTF/reverse-shell-generator)|Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)|![](https://img.shields.io/github/stars/0dayCTF/reverse-shell-generator?label=%20)|[`payload`](/categorize/tags/payload.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[weaponised-XSS-payloads](https://github.com/hakluke/weaponised-XSS-payloads)|XSS payloads designed to turn alert(1) into P1|![](https://img.shields.io/github/stars/hakluke/weaponised-XSS-payloads?label=%20)|[`xss`](/categorize/tags/xss.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[Firefox Multi-Account Containers](https://github.com/mozilla/multi-account-containers)|Firefox Multi-Account Containers lets you keep parts of your online life separated into color-coded tabs|![](https://img.shields.io/github/stars/mozilla/multi-account-containers?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[firefox-container-proxy](https://github.com/bekh6ex/firefox-container-proxy)|Assign a proxy to a Firefox 
container|![](https://img.shields.io/github/stars/bekh6ex/firefox-container-proxy?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[clear-cache](https://github.com/TenSoja/clear-cache)|Add-on to clear browser cache with a single click or via the F9 key.|![](https://img.shields.io/github/stars/TenSoja/clear-cache?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[Phoenix](https://www.hahwul.com/phoenix/)|hahwul's online tools||[`online`](/categorize/tags/online.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[jsonwebtoken.github.io](https://github.com/jsonwebtoken/jsonwebtoken.github.io)|JWT En/Decode and Verify|![](https://img.shields.io/github/stars/jsonwebtoken/jsonwebtoken.github.io?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[DOMLogger++](https://github.com/kevin-mizu/domloggerpp)|A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.|![](https://img.shields.io/github/stars/kevin-mizu/domloggerpp?label=%20)|[`dom`](/categorize/tags/dom.md) [`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[xssor2](https://github.com/evilcos/xssor2)|XSS'OR - Hack with 
JavaScript.|![](https://img.shields.io/github/stars/evilcos/xssor2?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[wssip](https://github.com/nccgroup/wssip)|Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.|![](https://img.shields.io/github/stars/nccgroup/wssip?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[xless](https://github.com/mazen160/xless)|The Serverless Blind XSS App|![](https://img.shields.io/github/stars/mazen160/xless?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[template-generator](https://github.com/fransr/template-generator)|A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily replace the variables with content. Data is saved temporarily in local storage. PHP is only needed to generate the list of files in the dropdown of templates. 
|![](https://img.shields.io/github/stars/fransr/template-generator?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[MM3 ProxySwitch](https://proxy-offline-browser.com/ProxySwitch/)|Proxy Switch in Firefox and Chrome|||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[cookie-quick-manager](https://github.com/ysard/cookie-quick-manager)|An addon to manage (view, search, create, edit, remove, backup, restore) cookies on Firefox.|![](https://img.shields.io/github/stars/ysard/cookie-quick-manager?label=%20)|[`cookie`](/categorize/tags/cookie.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n\n"
  },
  {
    "path": "categorize/langs/Kotlin.md",
    "content": "\n## Tools Made of Kotlin\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[HUNT](https://github.com/bugcrowd/HUNT)|Identifies common parameters vulnerable to certain vulnerability classes|![](https://img.shields.io/github/stars/bugcrowd/HUNT?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)![burp](/images/burp.png)[![Kotlin](/images/kotlin.png)](/categorize/langs/Kotlin.md)|\n|Utils|[burp-piper](https://github.com/silentsignal/burp-piper)||![](https://img.shields.io/github/stars/silentsignal/burp-piper?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Kotlin](/images/kotlin.png)](/categorize/langs/Kotlin.md)|\n|Utils|[reflect](https://github.com/cak/reflect)||![](https://img.shields.io/github/stars/cak/reflect?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Kotlin](/images/kotlin.png)](/categorize/langs/Kotlin.md)|\n|Utils|[turbo-intruder](https://github.com/PortSwigger/turbo-intruder)||![](https://img.shields.io/github/stars/PortSwigger/turbo-intruder?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Kotlin](/images/kotlin.png)](/categorize/langs/Kotlin.md)|\n\n"
  },
  {
    "path": "categorize/langs/PHP.md",
    "content": "\n## Tools Made of PHP\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[ezXSS](https://github.com/ssl/ezXSS)|ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting. |![](https://img.shields.io/github/stars/ssl/ezXSS?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![PHP](/images/php.png)](/categorize/langs/PHP.md)|\n\n"
  },
  {
    "path": "categorize/langs/Perl.md",
    "content": "\n## Tools Made of Perl\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Fuzzer|[dotdotpwn](https://github.com/wireghoul/dotdotpwn)|DotDotPwn - The Directory Traversal Fuzzer |![](https://img.shields.io/github/stars/wireghoul/dotdotpwn?label=%20)|[`path-traversal`](/categorize/tags/path-traversal.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Perl](/images/perl.png)](/categorize/langs/Perl.md)|\n|Scanner|[HRS](https://github.com/SafeBreach-Labs/HRS)|HTTP Request Smuggling demonstration Perl script, for variants 1, 2 and 5 in my BlackHat US 2020 paper HTTP Request Smuggling in 2020.|![](https://img.shields.io/github/stars/SafeBreach-Labs/HRS?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Perl](/images/perl.png)](/categorize/langs/Perl.md)|\n|Scanner|[nikto](https://github.com/sullo/nikto)|Nikto web server scanner |![](https://img.shields.io/github/stars/sullo/nikto?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Perl](/images/perl.png)](/categorize/langs/Perl.md)|\n|Exploit|[SQLNinja](https://gitlab.com/kalilinux/packages/sqlninja)|Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities.||[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)[![Perl](/images/perl.png)](/categorize/langs/Perl.md)|\n\n"
  },
  {
    "path": "categorize/langs/Python.md",
    "content": "\n## Tools Made of Python\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-knife|[Baudrillard Suite](https://github.com/bad-antics/baudrillard-suite)|Cross-platform security research toolkit with OSINT aggregation, memory forensics, social engineering tools, steganography, and predictive threat modeling.|![](https://img.shields.io/github/stars/bad-antics/baudrillard-suite?label=%20)|[`osint`](/categorize/tags/osint.md) [`recon`](/categorize/tags/recon.md) [`forensics`](/categorize/tags/forensics.md) [`social-engineering`](/categorize/tags/social-engineering.md) [`steganography`](/categorize/tags/steganography.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Proxy|[mitmproxy](https://github.com/mitmproxy/mitmproxy)|An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.|![](https://img.shields.io/github/stars/mitmproxy/mitmproxy?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[parameth](https://github.com/maK-/parameth)|This tool can be used to brute discover GET and POST parameters|![](https://img.shields.io/github/stars/maK-/parameth?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[spiderfoot](https://github.com/smicallef/spiderfoot)|SpiderFoot automates OSINT collection so that you can focus on 
analysis.|![](https://img.shields.io/github/stars/smicallef/spiderfoot?label=%20)|[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[3klCon](https://github.com/eslam3kl/3klCon)|Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.|![](https://img.shields.io/github/stars/eslam3kl/3klCon?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[apkleaks](https://github.com/dwisiswant0/apkleaks)|Scanning APK file for URIs, endpoints & secrets. |![](https://img.shields.io/github/stars/dwisiswant0/apkleaks?label=%20)|[`apk`](/categorize/tags/apk.md) [`url`](/categorize/tags/url.md) [`endpoint`](/categorize/tags/endpoint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[dirsearch](https://github.com/maurosoria/dirsearch)|Web path scanner |![](https://img.shields.io/github/stars/maurosoria/dirsearch?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[ParamWizard](https://github.com/iamunixtz/ParamWizard)|ParamWizard is a powerful Python-based tool designed for extracting and identifying URLs with parameters from a specified website.|![](https://img.shields.io/github/stars/iamunixtz/ParamWizard?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[pagodo](https://github.com/opsdisk/pagodo)|pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and 
searching|![](https://img.shields.io/github/stars/opsdisk/pagodo?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[SecretFinder](https://github.com/m4ll0k/SecretFinder)|SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files |![](https://img.shields.io/github/stars/m4ll0k/SecretFinder?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Parth](https://github.com/s0md3v/Parth)|Heuristic Vulnerable Parameter Scanner |![](https://img.shields.io/github/stars/s0md3v/Parth?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[waymore](https://github.com/xnl-h4ck3r/waymore)|Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X!|![](https://img.shields.io/github/stars/xnl-h4ck3r/waymore?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[bbot](https://github.com/blacklanternsecurity/bbot)|OSINT automation for hackers|![](https://img.shields.io/github/stars/blacklanternsecurity/bbot?label=%20)|[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Dr. Watson](https://github.com/prodigysml/Dr.-Watson)|Dr. 
Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information|![](https://img.shields.io/github/stars/prodigysml/Dr.-Watson?label=%20)|[`param`](/categorize/tags/param.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[altdns](https://github.com/infosec-au/altdns)|Generates permutations, alterations and mutations of subdomains and then resolves them |![](https://img.shields.io/github/stars/infosec-au/altdns?label=%20)|[`dns`](/categorize/tags/dns.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[xnLinkFinder](https://github.com/xnl-h4ck3r/xnLinkFinder)|A python tool used to discover endpoints (and potential parameters) for a given target|![](https://img.shields.io/github/stars/xnl-h4ck3r/xnLinkFinder?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[BLUTO](https://github.com/darryllane/Bluto)|DNS Analysis Tool|![](https://img.shields.io/github/stars/darryllane/Bluto?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Arjun](https://github.com/s0md3v/Arjun)|HTTP parameter discovery suite. 
|![](https://img.shields.io/github/stars/s0md3v/Arjun?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[HydraRecon](https://github.com/aufzayed/HydraRecon)|All In One, Fast, Easy Recon Tool|![](https://img.shields.io/github/stars/aufzayed/HydraRecon?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[knock](https://github.com/guelfoweb/knock)|Knock Subdomain Scan |![](https://img.shields.io/github/stars/guelfoweb/knock?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Sublist3r](https://github.com/aboul3la/Sublist3r)|Fast subdomains enumeration tool for penetration testers |![](https://img.shields.io/github/stars/aboul3la/Sublist3r?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[uro](https://github.com/s0md3v/uro)|declutters url lists for crawling/pentesting|![](https://img.shields.io/github/stars/s0md3v/uro?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[OneForAll](https://github.com/shmilylty/OneForAll)|OneForAll is a powerful subdomain collection tool |![](https://img.shields.io/github/stars/shmilylty/OneForAll?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Silver](https://github.com/s0md3v/Silver)|Mass scan IPs for vulnerable 
services |![](https://img.shields.io/github/stars/s0md3v/Silver?label=%20)|[`port`](/categorize/tags/port.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[longtongue](https://github.com/edoardottt/longtongue)|Customized Password/Passphrase List inputting Target Info|![](https://img.shields.io/github/stars/edoardottt/longtongue?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[GitMiner](https://github.com/UnkL4b/GitMiner)|Tool for advanced mining for content on Github |![](https://img.shields.io/github/stars/UnkL4b/GitMiner?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[ParamSpider](https://github.com/devanshbatham/ParamSpider)|Mining parameters from dark corners of Web Archives |![](https://img.shields.io/github/stars/devanshbatham/ParamSpider?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[BurpJSLinkFinder](https://github.com/InitRoot/BurpJSLinkFinder)||![](https://img.shields.io/github/stars/InitRoot/BurpJSLinkFinder?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[dnsvalidator](https://github.com/vortexau/dnsvalidator)|Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate 
responses.|![](https://img.shields.io/github/stars/vortexau/dnsvalidator?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[STEWS](https://github.com/PalindromeLabs/STEWS)|A Security Tool for Enumerating WebSockets|![](https://img.shields.io/github/stars/PalindromeLabs/STEWS?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[SubBrute](https://github.com/aboul3la/Sublist3r)|https://github.com/TheRook/subbrute|![](https://img.shields.io/github/stars/aboul3la/Sublist3r?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[HostHunter](https://github.com/SpiderLabs/HostHunter)|Recon tool for discovering hostnames using OSINT techniques.|![](https://img.shields.io/github/stars/SpiderLabs/HostHunter?label=%20)|[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Photon](https://github.com/s0md3v/Photon)|Incredibly fast crawler designed for OSINT. 
|![](https://img.shields.io/github/stars/s0md3v/Photon?label=%20)|[`osint`](/categorize/tags/osint.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Lepus](https://github.com/gfek/Lepus)|Subdomain finder|![](https://img.shields.io/github/stars/gfek/Lepus?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[graphw00f](https://github.com/dolevf/graphw00f)|GraphQL Server Engine Fingerprinting utility|![](https://img.shields.io/github/stars/dolevf/graphw00f?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[cc.py](https://github.com/si9int/cc.py)|Extracting URLs of a specific target based on the results of \"commoncrawl.org\" |![](https://img.shields.io/github/stars/si9int/cc.py?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[FavFreak](https://github.com/devanshbatham/FavFreak)|Making Favicon.ico based Recon Great again ! 
|![](https://img.shields.io/github/stars/devanshbatham/FavFreak?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[LinkFinder](https://github.com/GerbenJavado/LinkFinder)|A python script that finds endpoints in JavaScript files |![](https://img.shields.io/github/stars/GerbenJavado/LinkFinder?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[ParamPamPam](https://github.com/Bo0oM/ParamPamPam)|This tool for brute discover GET and POST parameters.|![](https://img.shields.io/github/stars/Bo0oM/ParamPamPam?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[wfuzz](https://github.com/xmendez/wfuzz)|Web application fuzzer |![](https://img.shields.io/github/stars/xmendez/wfuzz?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[Clairvoyance](https://github.com/nikitastupin/clairvoyance)|Obtain GraphQL API schema even if the introspection is disabled|![](https://img.shields.io/github/stars/nikitastupin/clairvoyance?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[GAP](https://github.com/xnl-h4ck3r/GAP-Burp-Extension)|This is an evolution of the original getAllParams extension for Burp. 
Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on.|![](https://img.shields.io/github/stars/xnl-h4ck3r/GAP-Burp-Extension?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[BatchQL](https://github.com/assetnote/batchql)|GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations|![](https://img.shields.io/github/stars/assetnote/batchql?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[SSRFmap](https://github.com/swisskyrepo/SSRFmap)|Automatic SSRF fuzzer and exploitation tool |![](https://img.shields.io/github/stars/swisskyrepo/SSRFmap?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[CrackQL](https://github.com/nicholasaleks/CrackQL)|CrackQL is a GraphQL password brute-force and fuzzing utility.|![](https://img.shields.io/github/stars/nicholasaleks/CrackQL?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[SSTImap](https://github.com/vladko312/SSTImap)|Automatic SSTI detection tool with interactive 
interface|![](https://img.shields.io/github/stars/vladko312/SSTImap?label=%20)|[`ssti`](/categorize/tags/ssti.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[GraphQLmap](https://github.com/swisskyrepo/GraphQLmap)|GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.|![](https://img.shields.io/github/stars/swisskyrepo/GraphQLmap?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[Oralyzer](https://github.com/r0075h3ll/Oralyzer)|Open Redirection Analyzer|![](https://img.shields.io/github/stars/r0075h3ll/Oralyzer?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[PwnXSS](https://github.com/pwn0sec/PwnXSS)|Vulnerability (XSS) scanner exploit|![](https://img.shields.io/github/stars/pwn0sec/PwnXSS?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[AWSBucketDump](https://github.com/jordanpotti/AWSBucketDump)|Security Tool to Look For Interesting Files in S3 Buckets|![](https://img.shields.io/github/stars/jordanpotti/AWSBucketDump?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[zap-cli](https://github.com/Grunny/zap-cli)|A simple tool for interacting with OWASP ZAP from the commandline. 
|![](https://img.shields.io/github/stars/Grunny/zap-cli?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[LFISuite](https://github.com/D35m0nd142/LFISuite)|Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner |![](https://img.shields.io/github/stars/D35m0nd142/LFISuite?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[Corsy](https://github.com/s0md3v/Corsy)|CORS Misconfiguration Scanner |![](https://img.shields.io/github/stars/s0md3v/Corsy?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[V3n0M-Scanner](https://github.com/v3n0m-Scanner/V3n0M-Scanner)|Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns|![](https://img.shields.io/github/stars/v3n0m-Scanner/V3n0M-Scanner?label=%20)|[`sqli`](/categorize/tags/sqli.md) [`xss`](/categorize/tags/xss.md) [`lfi`](/categorize/tags/lfi.md) [`rfi`](/categorize/tags/rfi.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[commix](https://github.com/commixproject/commix)|Automated All-in-One OS Command Injection Exploitation Tool.|![](https://img.shields.io/github/stars/commixproject/commix?label=%20)|[`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[LOXS](https://github.com/coffinxp/loxs)|best tool for finding 
SQLi,CRLF,XSS,LFi,OpenRedirect|![](https://img.shields.io/github/stars/coffinxp/loxs?label=%20)|[`xss`](/categorize/tags/xss.md) [`sqli`](/categorize/tags/sqli.md) [`crlf`](/categorize/tags/crlf.md) [`lfi`](/categorize/tags/lfi.md) [`open-redirect`](/categorize/tags/open-redirect.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[NoSQLMap](https://github.com/codingo/NoSQLMap)|Automated NoSQL database enumeration and web application exploitation tool. |![](https://img.shields.io/github/stars/codingo/NoSQLMap?label=%20)|[`nosqli`](/categorize/tags/nosqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[corsair_scan](https://github.com/Santandersecurityresearch/corsair_scan)|Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).|![](https://img.shields.io/github/stars/Santandersecurityresearch/corsair_scan?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[sqlmap](https://github.com/sqlmapproject/sqlmap)|Automatic SQL injection and database takeover tool|![](https://img.shields.io/github/stars/sqlmapproject/sqlmap?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[DSSS](https://github.com/stamparm/DSSS)|Damn Small SQLi 
Scanner|![](https://img.shields.io/github/stars/stamparm/DSSS?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[CMSmap](https://github.com/dionach/CMSmap)|CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.|![](https://img.shields.io/github/stars/dionach/CMSmap?label=%20)|[`web-scanner`](/categorize/tags/web-scanner.md) [`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[AuthMatrix](https://github.com/SecurityInnovation/AuthMatrix)||![](https://img.shields.io/github/stars/SecurityInnovation/AuthMatrix?label=%20)|[`aaa`](/categorize/tags/aaa.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[NoXss](https://github.com/lwzSoviet/)|Faster xss scanner,support reflected-xss and dom-xss|![](https://img.shields.io/github/stars/lwzSoviet/?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[XSStrike](https://github.com/s0md3v/XSStrike)|Most advanced XSS scanner. 
|![](https://img.shields.io/github/stars/s0md3v/XSStrike?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[sqliv](https://github.com/the-robot/sqliv)|massive SQL injection vulnerability scanner|![](https://img.shields.io/github/stars/the-robot/sqliv?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[depenfusion](https://github.com/benjamin-mauss/depenfusion)|A powerful pentesting tool for detecting and exploiting dependency confusion vulnerabilities in Node.js projects|![](https://img.shields.io/github/stars/benjamin-mauss/depenfusion?label=%20)|[`dependency-confusion`](/categorize/tags/dependency-confusion.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[xsssniper](https://github.com/gbrindisi/xsssniper)|An automatic XSS discovery tool|![](https://img.shields.io/github/stars/gbrindisi/xsssniper?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[SQLiDetector](https://github.com/eslam3kl/SQLiDetector)|Simple python script supported with BurpBouty profile that helps you to detect SQL injection \"Error based\" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different 
databases.|![](https://img.shields.io/github/stars/eslam3kl/SQLiDetector?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[S3Scanner](https://github.com/sa7mon/S3Scanner)|Scan for open AWS S3 buckets and dump the contents |![](https://img.shields.io/github/stars/sa7mon/S3Scanner?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[http-request-smuggling](https://github.com/anshumanpattnaik/http-request-smuggling)|HTTP Request Smuggling Detection Tool|![](https://img.shields.io/github/stars/anshumanpattnaik/http-request-smuggling?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[rapidscan](https://github.com/skavngr/rapidscan)|The Multi-Tool Web Vulnerability Scanner. 
|![](https://img.shields.io/github/stars/skavngr/rapidscan?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[OpenRedireX](https://github.com/devanshbatham/OpenRedireX)|A Fuzzer for OpenRedirect issues|![](https://img.shields.io/github/stars/devanshbatham/OpenRedireX?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[S3cret Scanner](https://github.com/Eilonh/s3crets_scanner)|Hunting For Secrets Uploaded To Public S3 Buckets|![](https://img.shields.io/github/stars/Eilonh/s3crets_scanner?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[Striker](https://github.com/s0md3v/Striker)|Striker is an offensive information and vulnerability scanner. 
|![](https://img.shields.io/github/stars/s0md3v/Striker?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[a2sv](https://github.com/hahwul/a2sv)|Auto Scanning to SSL Vulnerability |![](https://img.shields.io/github/stars/hahwul/a2sv?label=%20)|[`ssl`](/categorize/tags/ssl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[autopoisoner](https://github.com/Th0h0/autopoisoner)|Web cache poisoning vulnerability scanner.|![](https://img.shields.io/github/stars/Th0h0/autopoisoner?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[tplmap](https://github.com/epinna/tplmap)|Server-Side Template Injection and Code Injection Detection and Exploitation Tool|![](https://img.shields.io/github/stars/epinna/tplmap?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[gitGraber](https://github.com/hisxo/gitGraber)|gitGraber |![](https://img.shields.io/github/stars/hisxo/gitGraber?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[xsser](https://github.com/epsylon/xsser)|Cross Site \"Scripter\" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. 
|![](https://img.shields.io/github/stars/epsylon/xsser?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[semgrep](https://github.com/semgrep/semgrep)|Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.|![](https://img.shields.io/github/stars/semgrep/semgrep?label=%20)|[`sast`](/categorize/tags/sast.md) [`code-analysis`](/categorize/tags/code-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[smuggler](https://github.com/defparam/smuggler)|Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3 |![](https://img.shields.io/github/stars/defparam/smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[VHostScan](https://github.com/codingo/VHostScan)|A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages. 
|![](https://img.shields.io/github/stars/codingo/VHostScan?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[dependency-confusion-scanner](https://github.com/Yaniv-git/dependency-confusion-scanner)|This small repo is meant to scan Github's repositories for potential Dependency confusion vulnerabilities.|![](https://img.shields.io/github/stars/Yaniv-git/dependency-confusion-scanner?label=%20)|[`dependency-confusion`](/categorize/tags/dependency-confusion.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[XssPy](https://github.com/faizann24/)|Web Application XSS Scanner|![](https://img.shields.io/github/stars/faizann24/?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[xsscrapy](https://github.com/DanMcInerney/xsscrapy)|XSS/SQLi spider. Give it a URL and it'll test every link it finds for XSS and some SQLi. |![](https://img.shields.io/github/stars/DanMcInerney/xsscrapy?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[wapiti](https://github.com/wapiti-scanner/wapiti)|Web application vulnerability scanner. 
Wapiti allows you to audit the security of your websites or web applications.|![](https://img.shields.io/github/stars/wapiti-scanner/wapiti?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`web-scanner`](/categorize/tags/web-scanner.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[Autorize](https://github.com/Quitten/Autorize)||![](https://img.shields.io/github/stars/Quitten/Autorize?label=%20)|[`aaa`](/categorize/tags/aaa.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[deadlinks](https://github.com/butuzov/deadlinks)|Health checks for your documentation links.|![](https://img.shields.io/github/stars/butuzov/deadlinks?label=%20)|[`broken-link`](/categorize/tags/broken-link.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[cloud-audit](https://github.com/gebalamariusz/cloud-audit)|Fast, opinionated AWS security scanner with Terraform remediation and attack chain detection|![](https://img.shields.io/github/stars/gebalamariusz/cloud-audit?label=%20)|[`aws`](/categorize/tags/aws.md) [`cloud`](/categorize/tags/cloud.md) [`security`](/categorize/tags/security.md) [`terraform`](/categorize/tags/terraform.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[ghauri](https://github.com/r0oth3x49/ghauri)|An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security 
flaws|![](https://img.shields.io/github/stars/r0oth3x49/ghauri?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[toxssin](https://github.com/t3l3machus/toxssin)|An XSS exploitation command-line interface and payload generator.|![](https://img.shields.io/github/stars/t3l3machus/toxssin?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[of-CORS](https://github.com/trufflesecurity/of-CORS)|Identifying and exploiting CORS misconfigurations on the internal networks|![](https://img.shields.io/github/stars/trufflesecurity/of-CORS?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[Gopherus](https://github.com/tarunkant/Gopherus)|This tool generates gopher link for exploiting SSRF and gaining RCE in various servers |![](https://img.shields.io/github/stars/tarunkant/Gopherus?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[XSRFProbe](https://github.com/0xInfection/XSRFProbe)|The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.|![](https://img.shields.io/github/stars/0xInfection/XSRFProbe?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[Liffy](https://github.com/mzfr/liffy)|Local file inclusion exploitation 
tool|![](https://img.shields.io/github/stars/mzfr/liffy?label=%20)|[`lfi`](/categorize/tags/lfi.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[jwt_tool](https://github.com/ticarpi/jwt_tool)|A toolkit for testing, tweaking and cracking JSON Web Tokens|![](https://img.shields.io/github/stars/ticarpi/jwt_tool?label=%20)|[`jwt`](/categorize/tags/jwt.md) [`authentication`](/categorize/tags/authentication.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[zip-bomb](https://github.com/damianrusinek/zip-bomb)|Create a ZIPBomb for a given uncompressed size (flat and nested modes).|![](https://img.shields.io/github/stars/damianrusinek/zip-bomb?label=%20)|[`zipbomb`](/categorize/tags/zipbomb.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[docem](https://github.com/whitel1st/docem)|Utility to embed XXE and XSS payloads in docx,odt,pptx,etc (OXML_XEE on steroids)|![](https://img.shields.io/github/stars/whitel1st/docem?label=%20)|[`xxe`](/categorize/tags/xxe.md) [`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[burp-exporter](https://github.com/artssec/burp-exporter)||![](https://img.shields.io/github/stars/artssec/burp-exporter?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[Atlas](https://github.com/m4ll0k/Atlas)|Quick SQLMap Tamper Suggester 
|![](https://img.shields.io/github/stars/m4ll0k/Atlas?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[gRPC-Web Pentest Suite](https://github.com/nxenon/grpc-pentest-suite)|gRPC-Pentest-Suite is set of tools for pentesting / hacking gRPC Web (gRPC-Web) applications.|![](https://img.shields.io/github/stars/nxenon/grpc-pentest-suite?label=%20)|[`gRPC-Web`](/categorize/tags/gRPC-Web.md)|![burp](/images/burp.png)![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[230-OOB](https://github.com/lc/230-OOB)|An Out-of-Band XXE server for retrieving file contents over FTP.|![](https://img.shields.io/github/stars/lc/230-OOB?label=%20)|[`xxe`](/categorize/tags/xxe.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[argumentinjectionhammer](https://github.com/nccgroup/argumentinjectionhammer)|A Burp Extension designed to identify argument injection vulnerabilities.|![](https://img.shields.io/github/stars/nccgroup/argumentinjectionhammer?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[tiscripts](https://github.com/defparam/tiscripts)|Turbo Intruder Scripts|![](https://img.shields.io/github/stars/defparam/tiscripts?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[pentest-tools](https://github.com/gwen001/pentest-tools)|Custom pentesting tools 
|![](https://img.shields.io/github/stars/gwen001/pentest-tools?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[inql](https://github.com/doyensec/inql)||![](https://img.shields.io/github/stars/doyensec/inql?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings)|A list of useful payloads and bypass for Web Application Security and Pentest/CTF |![](https://img.shields.io/github/stars/swisskyrepo/PayloadsAllTheThings?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[REcollapse](https://github.com/0xacb/recollapse)|REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications|![](https://img.shields.io/github/stars/0xacb/recollapse?label=%20)|[`fuzz`](/categorize/tags/fuzz.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[h2spacex](https://github.com/nxenon/h2spacex)|HTTP/2 Single Packet Attack low level library based on Scapy|![](https://img.shields.io/github/stars/nxenon/h2spacex?label=%20)|[`race-condition`](/categorize/tags/race-condition.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[httpie](https://github.com/httpie/httpie)|modern, user-friendly command-line HTTP client for the API 
era|![](https://img.shields.io/github/stars/httpie/httpie?label=%20)|[`http`](/categorize/tags/http.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[femida](https://github.com/wish-i-was/femida)||![](https://img.shields.io/github/stars/wish-i-was/femida?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[ZipBomb](https://github.com/abdulfatir/ZipBomb)|A simple implementation of ZipBomb in Python|![](https://img.shields.io/github/stars/abdulfatir/ZipBomb?label=%20)|[`zipbomb`](/categorize/tags/zipbomb.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[grc](https://github.com/garabik/grc)|generic colouriser|![](https://img.shields.io/github/stars/garabik/grc?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[nuclei-wordfence-cve](https://github.com/topscoder/nuclei-wordfence-cve)|Every single day new templates are added to this repo based on updates on Wordfence.com|![](https://img.shields.io/github/stars/topscoder/nuclei-wordfence-cve?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[blackboxprotobuf](https://github.com/nccgroup/blackboxprotobuf)|Blackbox protobuf is a Burp Suite extension for decoding and modifying arbitrary protobuf messages without the protobuf type 
definition.|![](https://img.shields.io/github/stars/nccgroup/blackboxprotobuf?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[Bug-Bounty-Toolz](https://github.com/m4ll0k/Bug-Bounty-Toolz)|BBT - Bug Bounty Tools |![](https://img.shields.io/github/stars/m4ll0k/Bug-Bounty-Toolz?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[XSS-Catcher](https://github.com/daxAKAhackerman/XSS-Catcher)|Find blind XSS but why not gather data while you're at it.|![](https://img.shields.io/github/stars/daxAKAhackerman/XSS-Catcher?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[Redcloud](https://github.com/khast3x/Redcloud)|Automated Red Team Infrastructure deployment using Docker|![](https://img.shields.io/github/stars/khast3x/Redcloud?label=%20)|[`infra`](/categorize/tags/infra.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[GQLSpection](https://github.com/doyensec/GQLSpection)|parses GraphQL introspection schema and generates possible queries|![](https://img.shields.io/github/stars/doyensec/GQLSpection?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Env|[Crimson](https://github.com/Karmaz95/crimson)|Web Application Security Testing 
automation.|![](https://img.shields.io/github/stars/Karmaz95/crimson?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/langs/Ruby.md",
    "content": "\n## Tools Made of Ruby\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-Knife|[Metasploit](https://github.com/rapid7/metasploit-framework)|The world’s most used penetration testing framework|![](https://img.shields.io/github/stars/rapid7/metasploit-framework?label=%20)|[`pentest`](/categorize/tags/pentest.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Army-knife|[Ronin](https://ronin-rb.dev)|Free and Open Source Ruby Toolkit for Security Research and Development||[`pentest`](/categorize/tags/pentest.md) [`crawl`](/categorize/tags/crawl.md) [`recon`](/categorize/tags/recon.md) [`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Proxy|[EvilProxy](https://github.com/bbtfr/evil-proxy)|A ruby http/https proxy to do EVIL things.|![](https://img.shields.io/github/stars/bbtfr/evil-proxy?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Recon|[Hunt3r](https://github.com/EasyRecon/Hunt3r)|Make your bug bounty subdomain reconnaissance easier with Hunt3r, the web application reconnaissance framework|![](https://img.shields.io/github/stars/EasyRecon/Hunt3r?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Recon|[intrigue-core](https://github.com/intrigueio/intrigue-core)|Discover Your Attack Surface 
|![](https://img.shields.io/github/stars/intrigueio/intrigue-core?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Scanner|[XSpear](https://github.com/hahwul/XSpear)|Powerful XSS Scanning and Parameter analysis tool&gem |![](https://img.shields.io/github/stars/hahwul/XSpear?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Scanner|[arachni](https://github.com/Arachni/arachni)|Web Application Security Scanner Framework |![](https://img.shields.io/github/stars/Arachni/arachni?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Scanner|[wpscan](https://github.com/wpscanteam/wpscan)|WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. 
|![](https://img.shields.io/github/stars/wpscanteam/wpscan?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Scanner|[DeadFinder](https://github.com/hahwul/deadfinder)|Find dead-links (broken links)|![](https://img.shields.io/github/stars/hahwul/deadfinder?label=%20)|[`broken-link`](/categorize/tags/broken-link.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Exploit|[XXEinjector](https://github.com/enjoiz/XXEinjector)|Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.|![](https://img.shields.io/github/stars/enjoiz/XXEinjector?label=%20)|[`xxe`](/categorize/tags/xxe.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Exploit|[beef](https://github.com/beefproject/beef)|The Browser Exploitation Framework Project|![](https://img.shields.io/github/stars/beefproject/beef?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Utils|[hbxss](https://github.com/hahwul/hbxss)|Security test tool for Blind XSS|![](https://img.shields.io/github/stars/hahwul/hbxss?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Utils|[oxml_xxe](https://github.com/BuffaloWill/oxml_xxe)|A tool for embedding XXE/XML exploits into different filetypes 
|![](https://img.shields.io/github/stars/BuffaloWill/oxml_xxe?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Env|[pentest-env](https://github.com/Sliim/pentest-env)|Pentest environment deployer (kali linux + targets) using vagrant and chef.|![](https://img.shields.io/github/stars/Sliim/pentest-env?label=%20)|[`pentest`](/categorize/tags/pentest.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Env|[Glue](https://github.com/OWASP/glue)|Application Security Automation|![](https://img.shields.io/github/stars/OWASP/glue?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n\n"
  },
  {
    "path": "categorize/langs/Rust.md",
    "content": "\n## Tools Made of Rust\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Proxy|[Caido](https://caido.io)|A lightweight web security auditing toolkit||[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[rusolver](https://github.com/Edu4rdSHL/rusolver)|Fast and accurate DNS resolver.|![](https://img.shields.io/github/stars/Edu4rdSHL/rusolver?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[sn0int](https://github.com/kpcyrd/sn0int)|Semi-automatic OSINT framework and package manager|![](https://img.shields.io/github/stars/kpcyrd/sn0int?label=%20)|[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[urx](https://github.com/hahwul/urx)|Extracts URLs from OSINT Archives for Security Insights|![](https://img.shields.io/github/stars/hahwul/urx?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[x8](https://github.com/Sh1Yo/x8)|Hidden parameters discovery suite|![](https://img.shields.io/github/stars/Sh1Yo/x8?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[RustScan](https://github.com/brandonskerritt/RustScan)|Faster Nmap Scanning with Rust 
|![](https://img.shields.io/github/stars/brandonskerritt/RustScan?label=%20)|[`portscan`](/categorize/tags/portscan.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[fhc](https://github.com/Edu4rdSHL/fhc)|Fast HTTP Checker.|![](https://img.shields.io/github/stars/Edu4rdSHL/fhc?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[findomain](https://github.com/Edu4rdSHL/findomain)|The fastest and cross-platform subdomain enumerator, do not waste your time. |![](https://img.shields.io/github/stars/Edu4rdSHL/findomain?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Fuzzer|[ppfuzz](https://github.com/dwisiswant0/ppfuzz)|A fast tool to scan client-side prototype pollution vulnerability written in Rust. 
🦀|![](https://img.shields.io/github/stars/dwisiswant0/ppfuzz?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Fuzzer|[feroxbuster](https://github.com/epi052/feroxbuster)|A fast, simple, recursive content discovery tool written in Rust.|![](https://img.shields.io/github/stars/epi052/feroxbuster?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Scanner|[smugglex](https://github.com/hahwul/smugglex)|Rust-powered HTTP Request Smuggling Scanner|![](https://img.shields.io/github/stars/hahwul/smugglex?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Exploit|[ropr](https://github.com/Ben-Lichtman/ropr)|A blazing fast™ multithreaded ROP Gadget finder. 
ropper|![](https://img.shields.io/github/stars/Ben-Lichtman/ropr?label=%20)|[`rop`](/categorize/tags/rop.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Utils|[grex](https://github.com/pemistahl/grex)|A command-line tool and library for generating regular expressions from user-provided test cases|![](https://img.shields.io/github/stars/pemistahl/grex?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Utils|[hurl](https://github.com/Orange-OpenSource/hurl)|Hurl, run and test HTTP requests.|![](https://img.shields.io/github/stars/Orange-OpenSource/hurl?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Utils|[difftastic](https://github.com/Wilfred/difftastic)|a structural diff that understands syntax|![](https://img.shields.io/github/stars/Wilfred/difftastic?label=%20)|[`diff`](/categorize/tags/diff.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Utils|[bat](https://github.com/sharkdp/bat)|A cat(1) clone with wings.|![](https://img.shields.io/github/stars/sharkdp/bat?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n\n"
  },
  {
    "path": "categorize/langs/Shell.md",
    "content": "\n## Tools Made of Shell\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-Knife|[axiom](https://github.com/pry0cc/axiom)|A dynamic infrastructure toolkit for red teamers and bug bounty hunters! |![](https://img.shields.io/github/stars/pry0cc/axiom?label=%20)|[`infra`](/categorize/tags/infra.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[lazyrecon](https://github.com/nahamsec/lazyrecon)|This script is intended to automate your reconnaissance process in an organized fashion |![](https://img.shields.io/github/stars/nahamsec/lazyrecon?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[Sudomy](https://github.com/screetsec/Sudomy)|subdomain enumeration tool to collect subdomains and analyzing domains|![](https://img.shields.io/github/stars/screetsec/Sudomy?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[reconftw](https://github.com/six2dez/reconftw)|reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities|![](https://img.shields.io/github/stars/six2dez/reconftw?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[JSFScan.sh](https://github.com/KathanP19/JSFScan.sh)|Automation for javascript recon in bug bounty. 
|![](https://img.shields.io/github/stars/KathanP19/JSFScan.sh?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[recon_profile](https://github.com/nahamsec/recon_profile)|Recon profile (bash profile) for bugbounty |![](https://img.shields.io/github/stars/nahamsec/recon_profile?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[megplus](https://github.com/EdOverflow/megplus)|Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED] |![](https://img.shields.io/github/stars/EdOverflow/megplus?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[BugBountyScanner](https://github.com/chvancooten/BugBountyScanner)|A Bash script and Docker image for Bug Bounty reconnaissance.|![](https://img.shields.io/github/stars/chvancooten/BugBountyScanner?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Fuzzer|[SSRFire](https://github.com/ksharinarayanan/SSRFire)|An automated SSRF finder. 
Just give the domain name and your server and chill|![](https://img.shields.io/github/stars/ksharinarayanan/SSRFire?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Fuzzer|[crlfuzz](https://github.com/dwisiswant0/crlfuzz)|A fast tool to scan CRLF vulnerability written in Go |![](https://img.shields.io/github/stars/dwisiswant0/crlfuzz?label=%20)|[`crlf`](/categorize/tags/crlf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Fuzzer|[BruteX](https://github.com/1N3/BruteX)|Automatically brute force all services running on a target.|![](https://img.shields.io/github/stars/1N3/BruteX?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Scanner|[web_cache_poison](https://github.com/fngoo/web_cache_poison)|web cache poison - Top 1 web hacking technique of 2019|![](https://img.shields.io/github/stars/fngoo/web_cache_poison?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Scanner|[testssl.sh](https://github.com/drwetter/testssl.sh)|Testing TLS/SSL encryption anywhere on any port |![](https://img.shields.io/github/stars/drwetter/testssl.sh?label=%20)|[`ssl`](/categorize/tags/ssl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Scanner|[findom-xss](https://github.com/dwisiswant0/findom-xss)|A fast DOM based XSS vulnerability scanner with simplicity. 
|![](https://img.shields.io/github/stars/dwisiswant0/findom-xss?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Exploit|[Sn1per](https://github.com/1N3/Sn1per)|Automated pentest framework for offensive security experts |![](https://img.shields.io/github/stars/1N3/Sn1per?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Utils|[pwncat](https://github.com/cytopia/pwncat)|pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and it's fully scriptable with Python (PSE) |![](https://img.shields.io/github/stars/cytopia/pwncat?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Utils|[Findsploit](https://github.com/1N3/Findsploit)|Find exploits in local and online databases instantly|![](https://img.shields.io/github/stars/1N3/Findsploit?label=%20)|[`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Utils|[ob_hacky_slack](https://github.com/openbridge/ob_hacky_slack)|Hacky Slack - a bash script that sends beautiful messages to Slack|![](https://img.shields.io/github/stars/openbridge/ob_hacky_slack?label=%20)|[`notify`](/categorize/tags/notify.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Utils|[bountyplz](https://github.com/fransr/bountyplz)|Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported) 
|![](https://img.shields.io/github/stars/fransr/bountyplz?label=%20)|[`report`](/categorize/tags/report.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n\n"
  },
  {
    "path": "categorize/langs/Txt.md",
    "content": "\n## Tools Made of Txt\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[bruteforce-lists](https://github.com/random-robbie/bruteforce-lists)|Some files for bruteforcing certain things.|![](https://img.shields.io/github/stars/random-robbie/bruteforce-lists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Txt](/images/txt.png)](/categorize/langs/Txt.md)|\n|Utils|[SecLists](https://github.com/danielmiessler/SecLists)|SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.|![](https://img.shields.io/github/stars/danielmiessler/SecLists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Txt](/images/txt.png)](/categorize/langs/Txt.md)|\n|Utils|[missing-cve-nuclei-templates](https://github.com/edoardottt/missing-cve-nuclei-templates)|Weekly updated list of missing CVEs in nuclei templates official repository|![](https://img.shields.io/github/stars/edoardottt/missing-cve-nuclei-templates?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Txt](/images/txt.png)](/categorize/langs/Txt.md)|\n\n"
  },
  {
    "path": "categorize/langs/TypeScript.md",
    "content": "\n## Tools Made of TypeScript\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Exploit|[XXExploiter](https://github.com/luisfontes19/xxexploiter)|Tool to help exploit XXE vulnerabilities|![](https://img.shields.io/github/stars/luisfontes19/xxexploiter?label=%20)|[`xxe`](/categorize/tags/xxe.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[notebook](https://github.com/caido-community/notebook)|Notebook Caido Plugin|![](https://img.shields.io/github/stars/caido-community/notebook?label=%20)|[`note`](/categorize/tags/note.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[EvenBetter](https://github.com/bebiksior/EvenBetter)|EvenBetter is a frontend Caido plugin that makes the Caido experience even better|![](https://img.shields.io/github/stars/bebiksior/EvenBetter?label=%20)|[`encode`](/categorize/tags/encode.md) [`ssrf`](/categorize/tags/ssrf.md) [`darkmode`](/categorize/tags/darkmode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[EvenBetterExtensions](https://github.com/bebiksior/EvenBetterExtensions)|EvenBetterExtensions allows you to quicky install and keep updated Caido extensions.|![](https://img.shields.io/github/stars/bebiksior/EvenBetterExtensions?label=%20)|[`encode`](/categorize/tags/encode.md) [`ssrf`](/categorize/tags/ssrf.md) 
[`darkmode`](/categorize/tags/darkmode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[caidope](https://github.com/skitttles-berry/caidope)|caidope - caido plugin|![](https://img.shields.io/github/stars/skitttles-berry/caidope?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[Hack-Tools](https://github.com/LasCC/Hack-Tools)|The all-in-one Red Team extension for Web Pentester 🛠|![](https://img.shields.io/github/stars/LasCC/Hack-Tools?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)![safari](/images/safari.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[ZAP Browser Extension](https://github.com/zaproxy/browser-extension/)|A browser extension which allows ZAP to interact directly with the browser.|![](https://img.shields.io/github/stars/zaproxy/browser-extension/?label=%20)|[`browser-record`](/categorize/tags/browser-record.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)![zap](/images/zap.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[hoppscotch](https://github.com/hoppscotch/hoppscotch)|Open source API development ecosystem|![](https://img.shields.io/github/stars/hoppscotch/hoppscotch?label=%20)|[`http`](/categorize/tags/http.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[CaidoReflector](https://github.com/bebiksior/CaidoReflector)|Automatically look for 
parameter reflections in the HTTP response|![](https://img.shields.io/github/stars/bebiksior/CaidoReflector?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[graphql-voyager](https://github.com/APIs-guru/graphql-voyager)|🛰️ Represent any GraphQL API as an interactive graph |![](https://img.shields.io/github/stars/APIs-guru/graphql-voyager?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[Dark Reader](https://github.com/darkreader/darkreader)|Dark mode to any site|![](https://img.shields.io/github/stars/darkreader/darkreader?label=%20)|[`darkmode`](/categorize/tags/darkmode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n\n"
  },
  {
    "path": "categorize/tags/403.md",
    "content": "\n## Tools for 403\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[dontgo403](https://github.com/devploit/dontgo403)|Tool to bypass 40X response codes.|![](https://img.shields.io/github/stars/devploit/dontgo403?label=%20)|[`403`](/categorize/tags/403.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[DirDar](https://github.com/M4DM0e/DirDar)|DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it|![](https://img.shields.io/github/stars/M4DM0e/DirDar?label=%20)|[`403`](/categorize/tags/403.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/RMI.md",
    "content": "\n## Tools for RMI\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Exploit|[BaRMIe](https://github.com/NickstaDB/BaRMIe)|Java RMI enumeration and attack tool.|![](https://img.shields.io/github/stars/NickstaDB/BaRMIe?label=%20)|[`RMI`](/categorize/tags/RMI.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n\n"
  },
  {
    "path": "categorize/tags/aaa.md",
    "content": "\n## Tools for aaa\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[AuthMatrix](https://github.com/SecurityInnovation/AuthMatrix)||![](https://img.shields.io/github/stars/SecurityInnovation/AuthMatrix?label=%20)|[`aaa`](/categorize/tags/aaa.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[Autorize](https://github.com/Quitten/Autorize)||![](https://img.shields.io/github/stars/Quitten/Autorize?label=%20)|[`aaa`](/categorize/tags/aaa.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/apk.md",
    "content": "\n## Tools for apk\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[apkleaks](https://github.com/dwisiswant0/apkleaks)|Scanning APK file for URIs, endpoints & secrets. |![](https://img.shields.io/github/stars/dwisiswant0/apkleaks?label=%20)|[`apk`](/categorize/tags/apk.md) [`url`](/categorize/tags/url.md) [`endpoint`](/categorize/tags/endpoint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/asn.md",
    "content": "\n## Tools for asn\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[asnmap](https://github.com/projectdiscovery/asnmap)|Go CLI and Library for quickly mapping organization network ranges using ASN information|![](https://img.shields.io/github/stars/projectdiscovery/asnmap?label=%20)|[`asn`](/categorize/tags/asn.md) [`network-mapping`](/categorize/tags/network-mapping.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/asset-discovery.md",
    "content": "\n## Tools for asset-discovery\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[cloudlist](https://github.com/projectdiscovery/cloudlist)|Cloudlist is a tool for listing Assets from multiple Cloud Providers|![](https://img.shields.io/github/stars/projectdiscovery/cloudlist?label=%20)|[`cloud`](/categorize/tags/cloud.md) [`asset-discovery`](/categorize/tags/asset-discovery.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/attack-surface.md",
    "content": "\n## Tools for attack-surface\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[attack-surface-detector-burp](https://github.com/secdec/attack-surface-detector-burp)|The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters|![](https://img.shields.io/github/stars/secdec/attack-surface-detector-burp?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Recon|[attack-surface-detector-zap](https://github.com/secdec/attack-surface-detector-zap)|The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters|![](https://img.shields.io/github/stars/secdec/attack-surface-detector-zap?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Recon|[noir](https://github.com/noir-cr/noir)|Attack surface detector that identifies endpoints by static analysis|![](https://img.shields.io/github/stars/noir-cr/noir?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)[![Crystal](/images/crystal.png)](/categorize/langs/Crystal.md)|\n\n"
  },
  {
    "path": "categorize/tags/authentication.md",
    "content": "\n## Tools for authentication\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Exploit|[jwt_tool](https://github.com/ticarpi/jwt_tool)|A toolkit for testing, tweaking and cracking JSON Web Tokens|![](https://img.shields.io/github/stars/ticarpi/jwt_tool?label=%20)|[`jwt`](/categorize/tags/jwt.md) [`authentication`](/categorize/tags/authentication.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/aws.md",
    "content": "\n## Tools for aws\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[cloud-audit](https://github.com/gebalamariusz/cloud-audit)|Fast, opinionated AWS security scanner with Terraform remediation and attack chain detection|![](https://img.shields.io/github/stars/gebalamariusz/cloud-audit?label=%20)|[`aws`](/categorize/tags/aws.md) [`cloud`](/categorize/tags/cloud.md) [`security`](/categorize/tags/security.md) [`terraform`](/categorize/tags/terraform.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/blind-xss.md",
    "content": "\n## Tools for blind-xss\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[hbxss](https://github.com/hahwul/hbxss)|Security test tool for Blind XSS|![](https://img.shields.io/github/stars/hahwul/hbxss?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Utils|[gxss](https://github.com/rverton/gxss)|Blind XSS service alerting over slack or email|![](https://img.shields.io/github/stars/rverton/gxss?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[blistener](https://github.com/fyxme/blistener)|Blind-XSS listener with payloads|![](https://img.shields.io/github/stars/fyxme/blistener?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[xless](https://github.com/mazen160/xless)|The Serverless Blind XSS App|![](https://img.shields.io/github/stars/mazen160/xless?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[XSS-Catcher](https://github.com/daxAKAhackerman/XSS-Catcher)|Find blind XSS but why not gather data while you're at it.|![](https://img.shields.io/github/stars/daxAKAhackerman/XSS-Catcher?label=%20)|[`xss`](/categorize/tags/xss.md) 
[`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[ezXSS](https://github.com/ssl/ezXSS)|ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting. |![](https://img.shields.io/github/stars/ssl/ezXSS?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![PHP](/images/php.png)](/categorize/langs/PHP.md)|\n\n"
  },
  {
    "path": "categorize/tags/broken-link.md",
    "content": "\n## Tools for broken-link\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[Deadsniper](https://github.com/port19x/deadsniper)|A fast, specialized dead-link checker|![](https://img.shields.io/github/stars/port19x/deadsniper?label=%20)|[`broken-link`](/categorize/tags/broken-link.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[DeadFinder](https://github.com/hahwul/deadfinder)|Find dead-links (broken links)|![](https://img.shields.io/github/stars/hahwul/deadfinder?label=%20)|[`broken-link`](/categorize/tags/broken-link.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Scanner|[deadlinks](https://github.com/butuzov/deadlinks)|Health checks for your documentation links.|![](https://img.shields.io/github/stars/butuzov/deadlinks?label=%20)|[`broken-link`](/categorize/tags/broken-link.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/browser-record.md",
    "content": "\n## Tools for browser-record\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[ZAP Browser Extension](https://github.com/zaproxy/browser-extension/)|A browser extension which allows ZAP to interact directly with the browser.|![](https://img.shields.io/github/stars/zaproxy/browser-extension/?label=%20)|[`browser-record`](/categorize/tags/browser-record.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)![zap](/images/zap.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n\n"
  },
  {
    "path": "categorize/tags/cache-vuln.md",
    "content": "\n## Tools for cache-vuln\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Fuzzer|[ParamPamPam](https://github.com/Bo0oM/ParamPamPam)|This tool for brute discover GET and POST parameters.|![](https://img.shields.io/github/stars/Bo0oM/ParamPamPam?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[param-miner](https://github.com/PortSwigger/param-miner)|Param Miner|![](https://img.shields.io/github/stars/PortSwigger/param-miner?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[web_cache_poison](https://github.com/fngoo/web_cache_poison)|web cache poison - Top 1 web hacking technique of 2019|![](https://img.shields.io/github/stars/fngoo/web_cache_poison?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Scanner|[FockCache](https://github.com/tismayil/fockcache)|Minimalized Test Cache Poisoning|![](https://img.shields.io/github/stars/tismayil/fockcache?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[Web-Cache-Vulnerability-Scanner](https://github.com/Hackmanit/Web-Cache-Vulnerability-Scanner)|Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. 
It is developed by Hackmanit GmbH (http://hackmanit.de/).|![](https://img.shields.io/github/stars/Hackmanit/Web-Cache-Vulnerability-Scanner?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[autopoisoner](https://github.com/Th0h0/autopoisoner)|Web cache poisoning vulnerability scanner.|![](https://img.shields.io/github/stars/Th0h0/autopoisoner?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/certificates.md",
    "content": "\n## Tools for certificates\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[tlsx](https://github.com/projectdiscovery/tlsx)|Fast and configurable TLS grabber focused on TLS based data collection|![](https://img.shields.io/github/stars/projectdiscovery/tlsx?label=%20)|[`ssl`](/categorize/tags/ssl.md) [`tls`](/categorize/tags/tls.md) [`certificates`](/categorize/tags/certificates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/cidr.md",
    "content": "\n## Tools for cidr\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[mapcidr](https://github.com/projectdiscovery/mapcidr)|Utility program to perform multiple operations for a given subnet/CIDR ranges|![](https://img.shields.io/github/stars/projectdiscovery/mapcidr?label=%20)|[`cidr`](/categorize/tags/cidr.md) [`network`](/categorize/tags/network.md) [`ip-manipulation`](/categorize/tags/ip-manipulation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/clipboard.md",
    "content": "\n## Tools for clipboard\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[Clipboard](https://github.com/Slackadays/Clipboard)|An external brain that remembers anything, anytime, anywhere.|![](https://img.shields.io/github/stars/Slackadays/Clipboard?label=%20)|[`clipboard`](/categorize/tags/clipboard.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C++](/images/c++.png)](/categorize/langs/C++.md)|\n\n"
  },
  {
    "path": "categorize/tags/cloud.md",
    "content": "\n## Tools for cloud\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[cloudlist](https://github.com/projectdiscovery/cloudlist)|Cloudlist is a tool for listing Assets from multiple Cloud Providers|![](https://img.shields.io/github/stars/projectdiscovery/cloudlist?label=%20)|[`cloud`](/categorize/tags/cloud.md) [`asset-discovery`](/categorize/tags/asset-discovery.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[cloud-audit](https://github.com/gebalamariusz/cloud-audit)|Fast, opinionated AWS security scanner with Terraform remediation and attack chain detection|![](https://img.shields.io/github/stars/gebalamariusz/cloud-audit?label=%20)|[`aws`](/categorize/tags/aws.md) [`cloud`](/categorize/tags/cloud.md) [`security`](/categorize/tags/security.md) [`terraform`](/categorize/tags/terraform.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/code-analysis.md",
    "content": "\n## Tools for code-analysis\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[semgrep](https://github.com/semgrep/semgrep)|Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.|![](https://img.shields.io/github/stars/semgrep/semgrep?label=%20)|[`sast`](/categorize/tags/sast.md) [`code-analysis`](/categorize/tags/code-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/container-security.md",
    "content": "\n## Tools for container-security\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[trivy](https://github.com/aquasecurity/trivy)|Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more|![](https://img.shields.io/github/stars/aquasecurity/trivy?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`container-security`](/categorize/tags/container-security.md) [`sbom`](/categorize/tags/sbom.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/cookie.md",
    "content": "\n## Tools for cookie\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[Edit-This-Cookie](https://github.com/ETCExtensions/Edit-This-Cookie)|EditThisCookie is the famous Google Chrome/Chromium extension for editing cookies|![](https://img.shields.io/github/stars/ETCExtensions/Edit-This-Cookie?label=%20)|[`cookie`](/categorize/tags/cookie.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[cookie-quick-manager](https://github.com/ysard/cookie-quick-manager)|An addon to manage (view, search, create, edit, remove, backup, restore) cookies on Firefox.|![](https://img.shields.io/github/stars/ysard/cookie-quick-manager?label=%20)|[`cookie`](/categorize/tags/cookie.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n\n"
  },
  {
    "path": "categorize/tags/cors.md",
    "content": "\n## Tools for cors\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[Corsy](https://github.com/s0md3v/Corsy)|CORS Misconfiguration Scanner |![](https://img.shields.io/github/stars/s0md3v/Corsy?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[corsair_scan](https://github.com/Santandersecurityresearch/corsair_scan)|Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).|![](https://img.shields.io/github/stars/Santandersecurityresearch/corsair_scan?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[CorsMe](https://github.com/Shivangx01b/CorsMe)|Cross Origin Resource Sharing MisConfiguration Scanner |![](https://img.shields.io/github/stars/Shivangx01b/CorsMe?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Exploit|[of-CORS](https://github.com/trufflesecurity/of-CORS)|Identifying and exploiting CORS misconfigurations on the internal networks|![](https://img.shields.io/github/stars/trufflesecurity/of-CORS?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/crawl.md",
    "content": "\n## Tools for crawl\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-Knife|[ZAP](https://github.com/zaproxy/zaproxy)|The ZAP core project|![](https://img.shields.io/github/stars/zaproxy/zaproxy?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Army-Knife|[BurpSuite](https://portswigger.net/burp)|The BurpSuite Project||[`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Army-knife|[Ronin](https://ronin-rb.dev)|Free and Open Source Ruby Toolkit for Security Research and Development||[`pentest`](/categorize/tags/pentest.md) [`crawl`](/categorize/tags/crawl.md) [`recon`](/categorize/tags/recon.md) [`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Recon|[crawlergo](https://github.com/Qianlitp/crawlergo)|A powerful browser crawler for web vulnerability scanners|![](https://img.shields.io/github/stars/Qianlitp/crawlergo?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[cariddi](https://github.com/edoardottt/cariddi)|Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and 
more|![](https://img.shields.io/github/stars/edoardottt/cariddi?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[gospider](https://github.com/jaeles-project/gospider)|Gospider - Fast web spider written in Go |![](https://img.shields.io/github/stars/jaeles-project/gospider?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[hakrawler](https://github.com/hakluke/hakrawler)|Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application |![](https://img.shields.io/github/stars/hakluke/hakrawler?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Photon](https://github.com/s0md3v/Photon)|Incredibly fast crawler designed for OSINT. |![](https://img.shields.io/github/stars/s0md3v/Photon?label=%20)|[`osint`](/categorize/tags/osint.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[katana](https://github.com/projectdiscovery/katana)|A next-generation crawling and spidering framework.|![](https://img.shields.io/github/stars/projectdiscovery/katana?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[security-crawl-maze](https://github.com/google/security-crawl-maze)|Security Crawl Maze is a comprehensive testbed for web security crawlers. 
It contains pages representing many ways in which one can link resources from a valid HTML document.|![](https://img.shields.io/github/stars/google/security-crawl-maze?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![HTML](/images/html.png)](/categorize/langs/HTML.md)|\n\n"
  },
  {
    "path": "categorize/tags/credentials.md",
    "content": "\n## Tools for credentials\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[trufflehog](https://github.com/trufflesecurity/trufflehog)|Find and verify credentials in git repositories, filesystems, and S3 buckets|![](https://img.shields.io/github/stars/trufflesecurity/trufflehog?label=%20)|[`secret-scanning`](/categorize/tags/secret-scanning.md) [`credentials`](/categorize/tags/credentials.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/crlf.md",
    "content": "\n## Tools for crlf\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Fuzzer|[crlfuzz](https://github.com/dwisiswant0/crlfuzz)|A fast tool to scan CRLF vulnerability written in Go |![](https://img.shields.io/github/stars/dwisiswant0/crlfuzz?label=%20)|[`crlf`](/categorize/tags/crlf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Scanner|[LOXS](https://github.com/coffinxp/loxs)|best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect|![](https://img.shields.io/github/stars/coffinxp/loxs?label=%20)|[`xss`](/categorize/tags/xss.md) [`sqli`](/categorize/tags/sqli.md) [`crlf`](/categorize/tags/crlf.md) [`lfi`](/categorize/tags/lfi.md) [`open-redirect`](/categorize/tags/open-redirect.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/csp.md",
    "content": "\n## Tools for csp\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[csprecon](https://github.com/edoardottt/csprecon)|Discover new target domains using Content Security Policy|![](https://img.shields.io/github/stars/edoardottt/csprecon?label=%20)|[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[csp-auditor](https://github.com/GoSecure/csp-auditor)||![](https://img.shields.io/github/stars/GoSecure/csp-auditor?label=%20)|[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[CSP Evaluator](https://csp-evaluator.withgoogle.com)|Online CSP Evaluator from google||[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n\n"
  },
  {
    "path": "categorize/tags/darkmode.md",
    "content": "\n## Tools for darkmode\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[EvenBetter](https://github.com/bebiksior/EvenBetter)|EvenBetter is a frontend Caido plugin that makes the Caido experience even better|![](https://img.shields.io/github/stars/bebiksior/EvenBetter?label=%20)|[`encode`](/categorize/tags/encode.md) [`ssrf`](/categorize/tags/ssrf.md) [`darkmode`](/categorize/tags/darkmode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[EvenBetterExtensions](https://github.com/bebiksior/EvenBetterExtensions)|EvenBetterExtensions allows you to quickly install and keep updated Caido extensions.|![](https://img.shields.io/github/stars/bebiksior/EvenBetterExtensions?label=%20)|[`encode`](/categorize/tags/encode.md) [`ssrf`](/categorize/tags/ssrf.md) [`darkmode`](/categorize/tags/darkmode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[Dark Reader](https://github.com/darkreader/darkreader)|Dark mode to any site|![](https://img.shields.io/github/stars/darkreader/darkreader?label=%20)|[`darkmode`](/categorize/tags/darkmode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n\n"
  },
  {
    "path": "categorize/tags/dependency-confusion.md",
    "content": "\n## Tools for dependency-confusion\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[depenfusion](https://github.com/benjamin-mauss/depenfusion)|A powerful pentesting tool for detecting and exploiting dependency confusion vulnerabilities in Node.js projects|![](https://img.shields.io/github/stars/benjamin-mauss/depenfusion?label=%20)|[`dependency-confusion`](/categorize/tags/dependency-confusion.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[ConfusedDotnet](https://github.com/visma-prodsec/ConfusedDotnet)|Tool to check for dependency confusion vulnerabilities in NuGet package management systems|![](https://img.shields.io/github/stars/visma-prodsec/ConfusedDotnet?label=%20)|[`dependency-confusion`](/categorize/tags/dependency-confusion.md)|![windows](/images/windows.png)[![C#](/images/c%23.png)](/categorize/langs/C%23.md)|\n|Scanner|[confused](https://github.com/visma-prodsec/confused)|Tool to check for dependency confusion vulnerabilities in multiple package management systems|![](https://img.shields.io/github/stars/visma-prodsec/confused?label=%20)|[`dependency-confusion`](/categorize/tags/dependency-confusion.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[dependency-confusion-scanner](https://github.com/Yaniv-git/dependency-confusion-scanner)|This small repo is meant to scan Github's repositories for potential Dependency confusion vulnerabilities.|![](https://img.shields.io/github/stars/Yaniv-git/dependency-confusion-scanner?label=%20)|[`dependency-confusion`](/categorize/tags/dependency-confusion.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/dependency-scanning.md",
    "content": "\n## Tools for dependency-scanning\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[osv-scanner](https://github.com/google/osv-scanner)|Vulnerability scanner which uses the OSV database to find vulnerabilities in open source projects|![](https://img.shields.io/github/stars/google/osv-scanner?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`dependency-scanning`](/categorize/tags/dependency-scanning.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/deserialize.md",
    "content": "\n## Tools for deserialize\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[GadgetProbe](https://github.com/BishopFox/GadgetProbe)|Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.|![](https://img.shields.io/github/stars/BishopFox/GadgetProbe?label=%20)|[`deserialize`](/categorize/tags/deserialize.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[ysoserial.net](https://github.com/pwntester/ysoserial.net)|Deserialization payload generator for a variety of .NET formatters |![](https://img.shields.io/github/stars/pwntester/ysoserial.net?label=%20)|[`deserialize`](/categorize/tags/deserialize.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C#](/images/c%23.png)](/categorize/langs/C%23.md)|\n|Utils|[SerializationDumper](https://github.com/NickstaDB/SerializationDumper)|A tool to dump Java serialization streams in a more human readable form.|![](https://img.shields.io/github/stars/NickstaDB/SerializationDumper?label=%20)|[`deserialize`](/categorize/tags/deserialize.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[ysoserial](https://github.com/frohoff/ysoserial)|A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. |![](https://img.shields.io/github/stars/frohoff/ysoserial?label=%20)|[`deserialize`](/categorize/tags/deserialize.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n\n"
  },
  {
    "path": "categorize/tags/diff.md",
    "content": "\n## Tools for diff\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[difftastic](https://github.com/Wilfred/difftastic)|a structural diff that understands syntax|![](https://img.shields.io/github/stars/Wilfred/difftastic?label=%20)|[`diff`](/categorize/tags/diff.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n\n"
  },
  {
    "path": "categorize/tags/dns.md",
    "content": "\n## Tools for dns\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[puredns](https://github.com/d3mondev/puredns)|Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.|![](https://img.shields.io/github/stars/d3mondev/puredns?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[rusolver](https://github.com/Edu4rdSHL/rusolver)|Fast and accurate DNS resolver.|![](https://img.shields.io/github/stars/Edu4rdSHL/rusolver?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[scilla](https://github.com/edoardottt/scilla)|🏴‍☠️ Information Gathering tool 🏴‍☠️ dns/subdomain/port enumeration|![](https://img.shields.io/github/stars/edoardottt/scilla?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`dns`](/categorize/tags/dns.md) [`port`](/categorize/tags/port.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[zdns](https://github.com/zmap/zdns)|Fast CLI DNS Lookup Tool|![](https://img.shields.io/github/stars/zmap/zdns?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[altdns](https://github.com/infosec-au/altdns)|Generates permutations, alterations and mutations of subdomains and then resolves them |![](https://img.shields.io/github/stars/infosec-au/altdns?label=%20)|[`dns`](/categorize/tags/dns.md) 
[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[dnsx](https://github.com/projectdiscovery/dnsx)|dnsx is a fast and multi-purpose DNS toolkit that allows you to run multiple DNS queries of your choice with a list of user-supplied resolvers.|![](https://img.shields.io/github/stars/projectdiscovery/dnsx?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[BLUTO](https://github.com/darryllane/Bluto)|DNS Analysis Tool|![](https://img.shields.io/github/stars/darryllane/Bluto?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[dnsprobe](https://github.com/projectdiscovery/dnsprobe)|DNSProbe (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. 
|![](https://img.shields.io/github/stars/projectdiscovery/dnsprobe?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[DNSDumpster](https://dnsdumpster.com)| Online dns recon & research, find & lookup dns records||[`dns`](/categorize/tags/dns.md) [`online`](/categorize/tags/online.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Recon|[dnsvalidator](https://github.com/vortexau/dnsvalidator)|Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.|![](https://img.shields.io/github/stars/vortexau/dnsvalidator?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[shuffledns](https://github.com/projectdiscovery/shuffledns)|shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. |![](https://img.shields.io/github/stars/projectdiscovery/shuffledns?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[dnsobserver](https://github.com/allyomalley/dnsobserver)|A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack. 
|![](https://img.shields.io/github/stars/allyomalley/dnsobserver?label=%20)|[`oast`](/categorize/tags/oast.md) [`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/documents.md",
    "content": "\n## Tools for documents\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[bruteforce-lists](https://github.com/random-robbie/bruteforce-lists)|Some files for bruteforcing certain things.|![](https://img.shields.io/github/stars/random-robbie/bruteforce-lists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Txt](/images/txt.png)](/categorize/langs/Txt.md)|\n|Utils|[Assetnote Wordlists](https://github.com/assetnote/wordlists)|Automated & Manual Wordlists provided by Assetnote|![](https://img.shields.io/github/stars/assetnote/wordlists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![CSS](/images/css.png)](/categorize/langs/CSS.md)|\n|Utils|[SecLists](https://github.com/danielmiessler/SecLists)|SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.|![](https://img.shields.io/github/stars/danielmiessler/SecLists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Txt](/images/txt.png)](/categorize/langs/Txt.md)|\n|Utils|[weaponised-XSS-payloads](https://github.com/hakluke/weaponised-XSS-payloads)|XSS payloads designed to turn alert(1) into P1|![](https://img.shields.io/github/stars/hakluke/weaponised-XSS-payloads?label=%20)|[`xss`](/categorize/tags/xss.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n\n"
  },
  {
    "path": "categorize/tags/dom.md",
    "content": "\n## Tools for dom\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[DOMLogger++](https://github.com/kevin-mizu/domloggerpp)|A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.|![](https://img.shields.io/github/stars/kevin-mizu/domloggerpp?label=%20)|[`dom`](/categorize/tags/dom.md) [`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n\n"
  },
  {
    "path": "categorize/tags/domain.md",
    "content": "\n## Tools for domain\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[aquatone](https://github.com/michenriksen/aquatone)|A Tool for Domain Flyovers |![](https://img.shields.io/github/stars/michenriksen/aquatone?label=%20)|[`domain`](/categorize/tags/domain.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/encode.md",
    "content": "\n## Tools for encode\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[eoyc](https://github.com/hahwul/eoyc)|Encoding Only Your Choices|![](https://img.shields.io/github/stars/hahwul/eoyc?label=%20)|[`encode`](/categorize/tags/encode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Crystal](/images/crystal.png)](/categorize/langs/Crystal.md)|\n|Utils|[EvenBetter](https://github.com/bebiksior/EvenBetter)|EvenBetter is a frontend Caido plugin that makes the Caido experience even better|![](https://img.shields.io/github/stars/bebiksior/EvenBetter?label=%20)|[`encode`](/categorize/tags/encode.md) [`ssrf`](/categorize/tags/ssrf.md) [`darkmode`](/categorize/tags/darkmode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[EvenBetterExtensions](https://github.com/bebiksior/EvenBetterExtensions)|EvenBetterExtensions allows you to quickly install and keep updated Caido extensions.|![](https://img.shields.io/github/stars/bebiksior/EvenBetterExtensions?label=%20)|[`encode`](/categorize/tags/encode.md) [`ssrf`](/categorize/tags/ssrf.md) [`darkmode`](/categorize/tags/darkmode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n\n"
  },
  {
    "path": "categorize/tags/endpoint.md",
    "content": "\n## Tools for endpoint\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[apkleaks](https://github.com/dwisiswant0/apkleaks)|Scanning APK file for URIs, endpoints & secrets. |![](https://img.shields.io/github/stars/dwisiswant0/apkleaks?label=%20)|[`apk`](/categorize/tags/apk.md) [`url`](/categorize/tags/url.md) [`endpoint`](/categorize/tags/endpoint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[attack-surface-detector-burp](https://github.com/secdec/attack-surface-detector-burp)|The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters|![](https://img.shields.io/github/stars/secdec/attack-surface-detector-burp?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Recon|[attack-surface-detector-zap](https://github.com/secdec/attack-surface-detector-zap)|The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters|![](https://img.shields.io/github/stars/secdec/attack-surface-detector-zap?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Recon|[noir](https://github.com/noir-cr/noir)|Attack surface detector that identifies endpoints by static 
analysis|![](https://img.shields.io/github/stars/noir-cr/noir?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)[![Crystal](/images/crystal.png)](/categorize/langs/Crystal.md)|\n\n"
  },
  {
    "path": "categorize/tags/exploit.md",
    "content": "\n## Tools for exploit\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-knife|[Ronin](https://ronin-rb.dev)|Free and Open Source Ruby Toolkit for Security Research and Development||[`pentest`](/categorize/tags/pentest.md) [`crawl`](/categorize/tags/crawl.md) [`recon`](/categorize/tags/recon.md) [`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Scanner|[commix](https://github.com/commixproject/commix)|Automated All-in-One OS Command Injection Exploitation Tool.|![](https://img.shields.io/github/stars/commixproject/commix?label=%20)|[`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[Findsploit](https://github.com/1N3/Findsploit)|Find exploits in local and online databases instantly|![](https://img.shields.io/github/stars/1N3/Findsploit?label=%20)|[`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n\n"
  },
  {
    "path": "categorize/tags/favicon.md",
    "content": "\n## Tools for favicon\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[favirecon](https://github.com/edoardottt/favirecon)|Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.|![](https://img.shields.io/github/stars/edoardottt/favirecon?label=%20)|[`favicon`](/categorize/tags/favicon.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/forensics.md",
    "content": "\n## Tools for forensics\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-knife|[Baudrillard Suite](https://github.com/bad-antics/baudrillard-suite)|Cross-platform security research toolkit with OSINT aggregation, memory forensics, social engineering tools, steganography, and predictive threat modeling.|![](https://img.shields.io/github/stars/bad-antics/baudrillard-suite?label=%20)|[`osint`](/categorize/tags/osint.md) [`recon`](/categorize/tags/recon.md) [`forensics`](/categorize/tags/forensics.md) [`social-engineering`](/categorize/tags/social-engineering.md) [`steganography`](/categorize/tags/steganography.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/fuzz.md",
    "content": "\n## Tools for fuzz\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Fuzzer|[SmuggleFuzz](https://github.com/Moopinger/smugglefuzz/)|A rapid HTTP downgrade smuggling scanner written in Go.|![](https://img.shields.io/github/stars/Moopinger/smugglefuzz/?label=%20)|[`smuggle`](/categorize/tags/smuggle.md) [`fuzz`](/categorize/tags/fuzz.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[REcollapse](https://github.com/0xacb/recollapse)|REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications|![](https://img.shields.io/github/stars/0xacb/recollapse?label=%20)|[`fuzz`](/categorize/tags/fuzz.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/gRPC-Web.md",
    "content": "\n## Tools for gRPC-Web\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[gRPC-Web Pentest Suite](https://github.com/nxenon/grpc-pentest-suite)|gRPC-Pentest-Suite is set of tools for pentesting / hacking gRPC Web (gRPC-Web) applications.|![](https://img.shields.io/github/stars/nxenon/grpc-pentest-suite?label=%20)|[`gRPC-Web`](/categorize/tags/gRPC-Web.md)|![burp](/images/burp.png)![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/graphql.md",
    "content": "\n## Tools for graphql\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[graphw00f](https://github.com/dolevf/graphw00f)|GraphQL Server Engine Fingerprinting utility|![](https://img.shields.io/github/stars/dolevf/graphw00f?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[Clairvoyance](https://github.com/nikitastupin/clairvoyance)|Obtain GraphQL API schema even if the introspection is disabled|![](https://img.shields.io/github/stars/nikitastupin/clairvoyance?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[BatchQL](https://github.com/assetnote/batchql)|GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations|![](https://img.shields.io/github/stars/assetnote/batchql?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[CrackQL](https://github.com/nicholasaleks/CrackQL)|CrackQL is a GraphQL password brute-force and fuzzing utility.|![](https://img.shields.io/github/stars/nicholasaleks/CrackQL?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[GraphQLmap](https://github.com/swisskyrepo/GraphQLmap)|GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting 
purposes.|![](https://img.shields.io/github/stars/swisskyrepo/GraphQLmap?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[graphql-voyager](https://github.com/APIs-guru/graphql-voyager)|🛰️ Represent any GraphQL API as an interactive graph |![](https://img.shields.io/github/stars/APIs-guru/graphql-voyager?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[GQLSpection](https://github.com/doyensec/GQLSpection)|parses GraphQL introspection schema and generates possible queries|![](https://img.shields.io/github/stars/doyensec/GQLSpection?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/header.md",
    "content": "\n## Tools for header\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Fuzzer|[headerpwn](https://github.com/devanshbatham/headerpwn)|A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers|![](https://img.shields.io/github/stars/devanshbatham/headerpwn?label=%20)|[`header`](/categorize/tags/header.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[hinject](https://github.com/dwisiswant0/hinject)|Host Header Injection Checker |![](https://img.shields.io/github/stars/dwisiswant0/hinject?label=%20)|[`header`](/categorize/tags/header.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[headi](https://github.com/mlcsec/headi)|Customisable  and automated HTTP header injection|![](https://img.shields.io/github/stars/mlcsec/headi?label=%20)|[`header`](/categorize/tags/header.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/http.md",
    "content": "\n## Tools for http\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Proxy|[rep](https://github.com/repplus/rep)|Chrome DevTools extension for capturing, modifying, and replaying HTTP requests with AI-powered security analysis|![](https://img.shields.io/github/stars/repplus/rep?label=%20)|[`http`](/categorize/tags/http.md) [`repeater`](/categorize/tags/repeater.md)|![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[wuzz](https://github.com/asciimoo/wuzz)|Interactive cli tool for HTTP inspection |![](https://img.shields.io/github/stars/asciimoo/wuzz?label=%20)|[`http`](/categorize/tags/http.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[httpie](https://github.com/httpie/httpie)|modern, user-friendly command-line HTTP client for the API era|![](https://img.shields.io/github/stars/httpie/httpie?label=%20)|[`http`](/categorize/tags/http.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[hoppscotch](https://github.com/hoppscotch/hoppscotch)|Open source API development ecosystem|![](https://img.shields.io/github/stars/hoppscotch/hoppscotch?label=%20)|[`http`](/categorize/tags/http.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n\n"
  },
  {
    "path": "categorize/tags/infra.md",
    "content": "\n## Tools for infra\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-Knife|[axiom](https://github.com/pry0cc/axiom)|A dynamic infrastructure toolkit for red teamers and bug bounty hunters! |![](https://img.shields.io/github/stars/pry0cc/axiom?label=%20)|[`infra`](/categorize/tags/infra.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Utils|[Redcloud](https://github.com/khast3x/Redcloud)|Automated Red Team Infrastructure deployment using Docker|![](https://img.shields.io/github/stars/khast3x/Redcloud?label=%20)|[`infra`](/categorize/tags/infra.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/ip-manipulation.md",
    "content": "\n## Tools for ip-manipulation\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[mapcidr](https://github.com/projectdiscovery/mapcidr)|Utility program to perform multiple operations for a given subnet/CIDR ranges|![](https://img.shields.io/github/stars/projectdiscovery/mapcidr?label=%20)|[`cidr`](/categorize/tags/cidr.md) [`network`](/categorize/tags/network.md) [`ip-manipulation`](/categorize/tags/ip-manipulation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/js-analysis.md",
    "content": "\n## Tools for js-analysis\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[xnLinkFinder](https://github.com/xnl-h4ck3r/xnLinkFinder)|A python tool used to discover endpoints (and potential parameters) for a given target|![](https://img.shields.io/github/stars/xnl-h4ck3r/xnLinkFinder?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[JSFScan.sh](https://github.com/KathanP19/JSFScan.sh)|Automation for javascript recon in bug bounty. |![](https://img.shields.io/github/stars/KathanP19/JSFScan.sh?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[BurpJSLinkFinder](https://github.com/InitRoot/BurpJSLinkFinder)||![](https://img.shields.io/github/stars/InitRoot/BurpJSLinkFinder?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[burp-retire-js](https://github.com/h3xstream/burp-retire-js)||![](https://img.shields.io/github/stars/h3xstream/burp-retire-js?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Recon|[getJS](https://github.com/003random/getJS)|A tool to fastly get all javascript 
sources/files|![](https://img.shields.io/github/stars/003random/getJS?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[jsluice](https://github.com/BishopFox/jsluice)|Extract URLs, paths, secrets, and other interesting bits from JavaScript|![](https://img.shields.io/github/stars/BishopFox/jsluice?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[LinkFinder](https://github.com/GerbenJavado/LinkFinder)|A python script that finds endpoints in JavaScript files |![](https://img.shields.io/github/stars/GerbenJavado/LinkFinder?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[jsprime](https://github.com/dpnishant/jsprime)|a javascript static security analysis tool|![](https://img.shields.io/github/stars/dpnishant/jsprime?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[postMessage-tracker](https://github.com/fransr/postMessage-tracker)|A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon|![](https://img.shields.io/github/stars/fransr/postMessage-tracker?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n\n"
  },
  {
    "path": "categorize/tags/json.md",
    "content": "\n## Tools for json\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[gron](https://github.com/tomnomnom/gron)|Make JSON greppable!|![](https://img.shields.io/github/stars/tomnomnom/gron?label=%20)|[`json`](/categorize/tags/json.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/jwt.md",
    "content": "\n## Tools for jwt\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Fuzzer|[c-jwt-cracker](https://github.com/brendan-rius/c-jwt-cracker)|JWT brute force cracker written in C |![](https://img.shields.io/github/stars/brendan-rius/c-jwt-cracker?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n|Fuzzer|[jwt-hack](https://github.com/hahwul/jwt-hack)|🔩 jwt-hack is a tool for hacking / security testing of JWT. Supports en/decoding JWT, generating payloads for JWT attacks, and very fast cracking (dict/bruteforce)|![](https://img.shields.io/github/stars/hahwul/jwt-hack?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[jwt-cracker](https://github.com/lmammino/jwt-cracker)|Simple HS256 JWT token brute force cracker |![](https://img.shields.io/github/stars/lmammino/jwt-cracker?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Exploit|[jwt_tool](https://github.com/ticarpi/jwt_tool)|A toolkit for testing, tweaking and cracking JSON Web Tokens|![](https://img.shields.io/github/stars/ticarpi/jwt_tool?label=%20)|[`jwt`](/categorize/tags/jwt.md) [`authentication`](/categorize/tags/authentication.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[jsonwebtoken.github.io](https://github.com/jsonwebtoken/jsonwebtoken.github.io)|JWT En/Decode and 
Verify|![](https://img.shields.io/github/stars/jsonwebtoken/jsonwebtoken.github.io?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|utils|[owasp-zap-jwt-addon](https://github.com/SasanLabs/owasp-zap-jwt-addon)||![](https://img.shields.io/github/stars/SasanLabs/owasp-zap-jwt-addon?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n\n"
  },
  {
    "path": "categorize/tags/lfi.md",
    "content": "\n## Tools for lfi\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[V3n0M-Scanner](https://github.com/v3n0m-Scanner/V3n0M-Scanner)|Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns|![](https://img.shields.io/github/stars/v3n0m-Scanner/V3n0M-Scanner?label=%20)|[`sqli`](/categorize/tags/sqli.md) [`xss`](/categorize/tags/xss.md) [`lfi`](/categorize/tags/lfi.md) [`rfi`](/categorize/tags/rfi.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[LOXS](https://github.com/coffinxp/loxs)|best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect|![](https://img.shields.io/github/stars/coffinxp/loxs?label=%20)|[`xss`](/categorize/tags/xss.md) [`sqli`](/categorize/tags/sqli.md) [`crlf`](/categorize/tags/crlf.md) [`lfi`](/categorize/tags/lfi.md) [`open-redirect`](/categorize/tags/open-redirect.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[Liffy](https://github.com/mzfr/liffy)|Local file inclusion exploitation tool|![](https://img.shields.io/github/stars/mzfr/liffy?label=%20)|[`lfi`](/categorize/tags/lfi.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/live-audit.md",
    "content": "\n## Tools for live-audit\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-Knife|[ZAP](https://github.com/zaproxy/zaproxy)|The ZAP core project|![](https://img.shields.io/github/stars/zaproxy/zaproxy?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Army-Knife|[BurpSuite](https://portswigger.net/burp)|The BurpSuite Project||[`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Army-Knife|[jaeles](https://github.com/jaeles-project/jaeles)|The Swiss Army knife for automated Web Application Testing |![](https://img.shields.io/github/stars/jaeles-project/jaeles?label=%20)|[`live-audit`](/categorize/tags/live-audit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/mitmproxy.md",
    "content": "\n## Tools for mitmproxy\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-Knife|[ZAP](https://github.com/zaproxy/zaproxy)|The ZAP core project|![](https://img.shields.io/github/stars/zaproxy/zaproxy?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Army-Knife|[BurpSuite](https://portswigger.net/burp)|The BurpSuite Project||[`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Proxy|[Glorp](https://github.com/denandz/glorp)|A CLI-based HTTP intercept and replay proxy|![](https://img.shields.io/github/stars/denandz/glorp?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Proxy|[Caido](https://caido.io)|A lightweight web security auditing toolkit||[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Proxy|[proxify](https://github.com/projectdiscovery/proxify)|Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation and 
replay|![](https://img.shields.io/github/stars/projectdiscovery/proxify?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Proxy|[hetty](https://github.com/dstotijn/hetty)|Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.|![](https://img.shields.io/github/stars/dstotijn/hetty?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Proxy|[mitmproxy](https://github.com/mitmproxy/mitmproxy)|An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.|![](https://img.shields.io/github/stars/mitmproxy/mitmproxy?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Proxy|[EvilProxy](https://github.com/bbtfr/evil-proxy)|A ruby http/https proxy to do EVIL things.|![](https://img.shields.io/github/stars/bbtfr/evil-proxy?label=%20)|[`mitmproxy`](/categorize/tags/mitmproxy.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Proxy|[Echo Mirage](https://sourceforge.net/projects/echomirage.oldbutgold.p/)|A generic network proxy that uses DLL injection to capture and alter TCP traffic.||[`mitmproxy`](/categorize/tags/mitmproxy.md)|![windows](/images/windows.png)|\n\n"
  },
  {
    "path": "categorize/tags/network-mapping.md",
    "content": "\n## Tools for network-mapping\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[asnmap](https://github.com/projectdiscovery/asnmap)|Go CLI and Library for quickly mapping organization network ranges using ASN information|![](https://img.shields.io/github/stars/projectdiscovery/asnmap?label=%20)|[`asn`](/categorize/tags/asn.md) [`network-mapping`](/categorize/tags/network-mapping.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/network.md",
    "content": "\n## Tools for network\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[mapcidr](https://github.com/projectdiscovery/mapcidr)|Utility program to perform multiple operations for a given subnet/CIDR ranges|![](https://img.shields.io/github/stars/projectdiscovery/mapcidr?label=%20)|[`cidr`](/categorize/tags/cidr.md) [`network`](/categorize/tags/network.md) [`ip-manipulation`](/categorize/tags/ip-manipulation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/nosqli.md",
    "content": "\n## Tools for nosqli\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[NoSQLMap](https://github.com/codingo/NoSQLMap)|Automated NoSQL database enumeration and web application exploitation tool. |![](https://img.shields.io/github/stars/codingo/NoSQLMap?label=%20)|[`nosqli`](/categorize/tags/nosqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[nosqli](https://github.com/Charlie-belmer/nosqli)|NoSql Injection CLI tool|![](https://img.shields.io/github/stars/Charlie-belmer/nosqli?label=%20)|[`nosqli`](/categorize/tags/nosqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/note.md",
    "content": "\n## Tools for note\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[notebook](https://github.com/caido-community/notebook)|Notebook Caido Plugin|![](https://img.shields.io/github/stars/caido-community/notebook?label=%20)|[`note`](/categorize/tags/note.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n\n"
  },
  {
    "path": "categorize/tags/notify.md",
    "content": "\n## Tools for notify\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[Emissary](https://github.com/BountyStrike/Emissary)|Send notifications on different channels such as Slack, Telegram, Discord etc.|![](https://img.shields.io/github/stars/BountyStrike/Emissary?label=%20)|[`notify`](/categorize/tags/notify.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[slackcat](https://github.com/bcicen/slackcat)|CLI utility to post files and command output to slack|![](https://img.shields.io/github/stars/bcicen/slackcat?label=%20)|[`notify`](/categorize/tags/notify.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[ob_hacky_slack](https://github.com/openbridge/ob_hacky_slack)|Hacky Slack - a bash script that sends beautiful messages to Slack|![](https://img.shields.io/github/stars/openbridge/ob_hacky_slack?label=%20)|[`notify`](/categorize/tags/notify.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n\n"
  },
  {
    "path": "categorize/tags/nuclei-templates.md",
    "content": "\n## Tools for nuclei-templates\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[nuclei-templates](https://github.com/projectdiscovery/nuclei-templates)|Community curated list of templates for the nuclei engine to find security vulnerabilities.|![](https://img.shields.io/github/stars/projectdiscovery/nuclei-templates?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[nuclei-wordfence-cve](https://github.com/topscoder/nuclei-wordfence-cve)|Every single day new templates are added to this repo based on updates on Wordfence.com|![](https://img.shields.io/github/stars/topscoder/nuclei-wordfence-cve?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[missing-cve-nuclei-templates](https://github.com/edoardottt/missing-cve-nuclei-templates)|Weekly updated list of missing CVEs in nuclei templates official repository|![](https://img.shields.io/github/stars/edoardottt/missing-cve-nuclei-templates?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Txt](/images/txt.png)](/categorize/langs/Txt.md)|\n|Utils|[cent](https://github.com/xm1k3/cent)|Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place.|![](https://img.shields.io/github/stars/xm1k3/cent?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/oast.md",
    "content": "\n## Tools for oast\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[collaborator-everywhere](https://github.com/PortSwigger/collaborator-everywhere)||![](https://img.shields.io/github/stars/PortSwigger/collaborator-everywhere?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Utils|[dnsobserver](https://github.com/allyomalley/dnsobserver)|A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack. |![](https://img.shields.io/github/stars/allyomalley/dnsobserver?label=%20)|[`oast`](/categorize/tags/oast.md) [`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[TukTuk](https://github.com/ArturSS7/TukTuk)|Tool for catching and logging different types of requests. 
|![](https://img.shields.io/github/stars/ArturSS7/TukTuk?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[interactsh](https://github.com/projectdiscovery/interactsh)|An OOB interaction gathering server and client library|![](https://img.shields.io/github/stars/projectdiscovery/interactsh?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[boast](https://github.com/marcoagner/boast)|The BOAST Outpost for AppSec Testing (v0.1.0)|![](https://img.shields.io/github/stars/marcoagner/boast?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[taborator](https://github.com/hackvertor/taborator)||![](https://img.shields.io/github/stars/hackvertor/taborator?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n\n"
  },
  {
    "path": "categorize/tags/online.md",
    "content": "\n## Tools for online\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[DNSDumpster](https://dnsdumpster.com)| Online dns recon & research, find & lookup dns records||[`dns`](/categorize/tags/dns.md) [`online`](/categorize/tags/online.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Recon|[SecurityTrails](https://securitytrails.com)| Online dns / subdomain / recon tool||[`subdomains`](/categorize/tags/subdomains.md) [`online`](/categorize/tags/online.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Utils|[Phoenix](https://www.hahwul.com/phoenix/)|hahwul's online tools||[`online`](/categorize/tags/online.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[SequenceDiagram](https://sequencediagram.org)|Online tool for creating UML sequence diagrams||[`online`](/categorize/tags/online.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n\n"
  },
  {
    "path": "categorize/tags/open-redirect.md",
    "content": "\n## Tools for open-redirect\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[LOXS](https://github.com/coffinxp/loxs)|best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect|![](https://img.shields.io/github/stars/coffinxp/loxs?label=%20)|[`xss`](/categorize/tags/xss.md) [`sqli`](/categorize/tags/sqli.md) [`crlf`](/categorize/tags/crlf.md) [`lfi`](/categorize/tags/lfi.md) [`open-redirect`](/categorize/tags/open-redirect.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/osint.md",
    "content": "\n## Tools for osint\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-knife|[Baudrillard Suite](https://github.com/bad-antics/baudrillard-suite)|Cross-platform security research toolkit with OSINT aggregation, memory forensics, social engineering tools, steganography, and predictive threat modeling.|![](https://img.shields.io/github/stars/bad-antics/baudrillard-suite?label=%20)|[`osint`](/categorize/tags/osint.md) [`recon`](/categorize/tags/recon.md) [`forensics`](/categorize/tags/forensics.md) [`social-engineering`](/categorize/tags/social-engineering.md) [`steganography`](/categorize/tags/steganography.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[spiderfoot](https://github.com/smicallef/spiderfoot)|SpiderFoot automates OSINT collection so that you can focus on analysis.|![](https://img.shields.io/github/stars/smicallef/spiderfoot?label=%20)|[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[sn0int](https://github.com/kpcyrd/sn0int)|Semi-automatic OSINT framework and package manager|![](https://img.shields.io/github/stars/kpcyrd/sn0int?label=%20)|[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[bbot](https://github.com/blacklanternsecurity/bbot)|OSINT automation for hackers|![](https://img.shields.io/github/stars/blacklanternsecurity/bbot?label=%20)|[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Shodan](https://www.shodan.io/)| World's first search engine for 
Internet-connected devices||[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Recon|[HostHunter](https://github.com/SpiderLabs/HostHunter)|Recon tool for discovering hostnames using OSINT techniques.|![](https://img.shields.io/github/stars/SpiderLabs/HostHunter?label=%20)|[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Photon](https://github.com/s0md3v/Photon)|Incredibly fast crawler designed for OSINT. |![](https://img.shields.io/github/stars/s0md3v/Photon?label=%20)|[`osint`](/categorize/tags/osint.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/package-manager.md",
    "content": "\n## Tools for package-manager\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[pdtm](https://github.com/projectdiscovery/pdtm)|ProjectDiscovery's Open Source Tool Manager|![](https://img.shields.io/github/stars/projectdiscovery/pdtm?label=%20)|[`package-manager`](/categorize/tags/package-manager.md) [`tools-management`](/categorize/tags/tools-management.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/param.md",
    "content": "\n## Tools for param\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[HUNT](https://github.com/bugcrowd/HUNT)|Identifies common parameters vulnerable to certain vulnerability classes|![](https://img.shields.io/github/stars/bugcrowd/HUNT?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)![burp](/images/burp.png)[![Kotlin](/images/kotlin.png)](/categorize/langs/Kotlin.md)|\n|Recon|[ParamWizard](https://github.com/iamunixtz/ParamWizard)|ParamWizard is a powerful Python-based tool designed for extracting and identifying URLs with parameters from a specified website.|![](https://img.shields.io/github/stars/iamunixtz/ParamWizard?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Parth](https://github.com/s0md3v/Parth)|Heuristic Vulnerable Parameter Scanner |![](https://img.shields.io/github/stars/s0md3v/Parth?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Dr. Watson](https://github.com/prodigysml/Dr.-Watson)|Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information|![](https://img.shields.io/github/stars/prodigysml/Dr.-Watson?label=%20)|[`param`](/categorize/tags/param.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Arjun](https://github.com/s0md3v/Arjun)|HTTP parameter discovery suite. 
|![](https://img.shields.io/github/stars/s0md3v/Arjun?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[ParamSpider](https://github.com/devanshbatham/ParamSpider)|Mining parameters from dark corners of Web Archives |![](https://img.shields.io/github/stars/devanshbatham/ParamSpider?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[reflected-parameters](https://github.com/PortSwigger/reflected-parameters)||![](https://img.shields.io/github/stars/PortSwigger/reflected-parameters?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Fuzzer|[ParamPamPam](https://github.com/Bo0oM/ParamPamPam)|A tool for brute-force discovery of GET and POST parameters.|![](https://img.shields.io/github/stars/Bo0oM/ParamPamPam?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[GAP](https://github.com/xnl-h4ck3r/GAP-Burp-Extension)|This is an evolution of the original getAllParams extension for Burp. 
Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on.|![](https://img.shields.io/github/stars/xnl-h4ck3r/GAP-Burp-Extension?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[fuzzparam](https://github.com/0xsapra/fuzzparam)|A fast go based param miner to fuzz possible parameters a URL can have.|![](https://img.shields.io/github/stars/0xsapra/fuzzparam?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Fuzzer|[param-miner](https://github.com/PortSwigger/param-miner)|Param Miner|![](https://img.shields.io/github/stars/PortSwigger/param-miner?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n\n"
  },
  {
    "path": "categorize/tags/path-traversal.md",
    "content": "\n## Tools for path-traversal\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Fuzzer|[dotdotpwn](https://github.com/wireghoul/dotdotpwn)|DotDotPwn - The Directory Traversal Fuzzer |![](https://img.shields.io/github/stars/wireghoul/dotdotpwn?label=%20)|[`path-traversal`](/categorize/tags/path-traversal.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Perl](/images/perl.png)](/categorize/langs/Perl.md)|\n\n"
  },
  {
    "path": "categorize/tags/payload.md",
    "content": "\n## Tools for payload\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[reverse-shell-generator](https://github.com/0dayCTF/reverse-shell-generator)|Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)|![](https://img.shields.io/github/stars/0dayCTF/reverse-shell-generator?label=%20)|[`payload`](/categorize/tags/payload.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n\n"
  },
  {
    "path": "categorize/tags/pentest.md",
    "content": "\n## Tools for pentest\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-Knife|[Metasploit](https://github.com/rapid7/metasploit-framework)|The world’s most used penetration testing framework|![](https://img.shields.io/github/stars/rapid7/metasploit-framework?label=%20)|[`pentest`](/categorize/tags/pentest.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Army-knife|[Ronin](https://ronin-rb.dev)|Free and Open Source Ruby Toolkit for Security Research and Development||[`pentest`](/categorize/tags/pentest.md) [`crawl`](/categorize/tags/crawl.md) [`recon`](/categorize/tags/recon.md) [`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Env|[pentest-env](https://github.com/Sliim/pentest-env)|Pentest environment deployer (kali linux + targets) using vagrant and chef.|![](https://img.shields.io/github/stars/Sliim/pentest-env?label=%20)|[`pentest`](/categorize/tags/pentest.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n\n"
  },
  {
    "path": "categorize/tags/permutation.md",
    "content": "\n## Tools for permutation\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[alterx](https://github.com/projectdiscovery/alterx)|Fast and customizable subdomain wordlist generator using DSL|![](https://img.shields.io/github/stars/projectdiscovery/alterx?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`wordlist`](/categorize/tags/wordlist.md) [`permutation`](/categorize/tags/permutation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/port.md",
    "content": "\n## Tools for port\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[scilla](https://github.com/edoardottt/scilla)|🏴‍☠️ Information Gathering tool 🏴‍☠️ dns/subdomain/port enumeration|![](https://img.shields.io/github/stars/edoardottt/scilla?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`dns`](/categorize/tags/dns.md) [`port`](/categorize/tags/port.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Silver](https://github.com/s0md3v/Silver)|Mass scan IPs for vulnerable services |![](https://img.shields.io/github/stars/s0md3v/Silver?label=%20)|[`port`](/categorize/tags/port.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Smap](https://github.com/s0md3v/smap/)|a drop-in replacement for Nmap powered by shodan.io|![](https://img.shields.io/github/stars/s0md3v/smap/?label=%20)|[`port`](/categorize/tags/port.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/portscan.md",
    "content": "\n## Tools for portscan\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[naabu](https://github.com/projectdiscovery/naabu)|A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests |![](https://img.shields.io/github/stars/projectdiscovery/naabu?label=%20)|[`portscan`](/categorize/tags/portscan.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[masscan](https://github.com/robertdavidgraham/masscan)|TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. |![](https://img.shields.io/github/stars/robertdavidgraham/masscan?label=%20)|[`portscan`](/categorize/tags/portscan.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n|Recon|[RustScan](https://github.com/brandonskerritt/RustScan)|Faster Nmap Scanning with Rust |![](https://img.shields.io/github/stars/brandonskerritt/RustScan?label=%20)|[`portscan`](/categorize/tags/portscan.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Scanner|[nmap](https://github.com/nmap/nmap)|Nmap - the Network Mapper. Github mirror of official SVN repository. |![](https://img.shields.io/github/stars/nmap/nmap?label=%20)|[`portscan`](/categorize/tags/portscan.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|\n\n"
  },
  {
    "path": "categorize/tags/prototype-pollution.md",
    "content": "\n## Tools for prototype-pollution\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Fuzzer|[ppfuzz](https://github.com/dwisiswant0/ppfuzz)|A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀|![](https://img.shields.io/github/stars/dwisiswant0/ppfuzz?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Scanner|[pphack](https://github.com/edoardottt/pphack)|The Most Advanced Client-Side Prototype Pollution Scanner|![](https://img.shields.io/github/stars/edoardottt/pphack?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[PPScan](https://github.com/msrkp/PPScan)|Client Side Prototype Pollution Scanner|![](https://img.shields.io/github/stars/msrkp/PPScan?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[ppmap](https://github.com/kleiton0x00/ppmap)|A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.|![](https://img.shields.io/github/stars/kleiton0x00/ppmap?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) 
[`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[plution](https://github.com/raverrr/plution)|Prototype pollution scanner using headless chrome|![](https://img.shields.io/github/stars/raverrr/plution?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/prototypepollution.md",
    "content": "\n## Tools for prototypepollution\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Fuzzer|[ppfuzz](https://github.com/dwisiswant0/ppfuzz)|A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀|![](https://img.shields.io/github/stars/dwisiswant0/ppfuzz?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Scanner|[pphack](https://github.com/edoardottt/pphack)|The Most Advanced Client-Side Prototype Pollution Scanner|![](https://img.shields.io/github/stars/edoardottt/pphack?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[PPScan](https://github.com/msrkp/PPScan)|Client Side Prototype Pollution Scanner|![](https://img.shields.io/github/stars/msrkp/PPScan?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[ppmap](https://github.com/kleiton0x00/ppmap)|A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.|![](https://img.shields.io/github/stars/kleiton0x00/ppmap?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) 
[`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[plution](https://github.com/raverrr/plution)|Prototype pollution scanner using headless chrome|![](https://img.shields.io/github/stars/raverrr/plution?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/race-condition.md",
    "content": "\n## Tools for race-condition\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[h2spacex](https://github.com/nxenon/h2spacex)|HTTP/2 Single Packet Attack low level library based on Scapy|![](https://img.shields.io/github/stars/nxenon/h2spacex?label=%20)|[`race-condition`](/categorize/tags/race-condition.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[race-the-web](https://github.com/TheHackerDev/race-the-web)|Tests for race conditions in web applications by sending out a user-specified number of requests to a target URL (or URLs) simultaneously, and then compares the responses from the server for uniqueness.|![](https://img.shields.io/github/stars/TheHackerDev/race-the-web?label=%20)|[`race-condition`](/categorize/tags/race-condition.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/recon.md",
    "content": "\n## Tools for recon\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-knife|[Baudrillard Suite](https://github.com/bad-antics/baudrillard-suite)|Cross-platform security research toolkit with OSINT aggregation, memory forensics, social engineering tools, steganography, and predictive threat modeling.|![](https://img.shields.io/github/stars/bad-antics/baudrillard-suite?label=%20)|[`osint`](/categorize/tags/osint.md) [`recon`](/categorize/tags/recon.md) [`forensics`](/categorize/tags/forensics.md) [`social-engineering`](/categorize/tags/social-engineering.md) [`steganography`](/categorize/tags/steganography.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Army-knife|[Ronin](https://ronin-rb.dev)|Free and Open Source Ruby Toolkit for Security Research and Development||[`pentest`](/categorize/tags/pentest.md) [`crawl`](/categorize/tags/crawl.md) [`recon`](/categorize/tags/recon.md) [`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n\n"
  },
  {
    "path": "categorize/tags/repeater.md",
    "content": "\n## Tools for repeater\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Proxy|[rep](https://github.com/repplus/rep)|Chrome DevTools extension for capturing, modifying, and replaying HTTP requests with AI-powered security analysis|![](https://img.shields.io/github/stars/repplus/rep?label=%20)|[`http`](/categorize/tags/http.md) [`repeater`](/categorize/tags/repeater.md)|![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n\n"
  },
  {
    "path": "categorize/tags/report.md",
    "content": "\n## Tools for report\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[bountyplz](https://github.com/fransr/bountyplz)|Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported) |![](https://img.shields.io/github/stars/fransr/bountyplz?label=%20)|[`report`](/categorize/tags/report.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n\n"
  },
  {
    "path": "categorize/tags/rfi.md",
    "content": "\n## Tools for rfi\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[V3n0M-Scanner](https://github.com/v3n0m-Scanner/V3n0M-Scanner)|Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns|![](https://img.shields.io/github/stars/v3n0m-Scanner/V3n0M-Scanner?label=%20)|[`sqli`](/categorize/tags/sqli.md) [`xss`](/categorize/tags/xss.md) [`lfi`](/categorize/tags/lfi.md) [`rfi`](/categorize/tags/rfi.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/rop.md",
    "content": "\n## Tools for rop\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Exploit|[ropr](https://github.com/Ben-Lichtman/ropr)|A blazing fast™ multithreaded ROP Gadget finder. ropper|![](https://img.shields.io/github/stars/Ben-Lichtman/ropr?label=%20)|[`rop`](/categorize/tags/rop.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n\n"
  },
  {
    "path": "categorize/tags/s3.md",
    "content": "\n## Tools for s3\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[AWSBucketDump](https://github.com/jordanpotti/AWSBucketDump)|Security Tool to Look For Interesting Files in S3 Buckets|![](https://img.shields.io/github/stars/jordanpotti/AWSBucketDump?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[S3Scanner](https://github.com/sa7mon/S3Scanner)|Scan for open AWS S3 buckets and dump the contents |![](https://img.shields.io/github/stars/sa7mon/S3Scanner?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[S3cret Scanner](https://github.com/Eilonh/s3crets_scanner)|Hunting For Secrets Uploaded To Public S3 Buckets|![](https://img.shields.io/github/stars/Eilonh/s3crets_scanner?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[s3reverse](https://github.com/hahwul/s3reverse)|The format of various s3 buckets is convert in one format. for bugbounty and security testing. |![](https://img.shields.io/github/stars/hahwul/s3reverse?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/sast.md",
    "content": "\n## Tools for sast\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[semgrep](https://github.com/semgrep/semgrep)|Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.|![](https://img.shields.io/github/stars/semgrep/semgrep?label=%20)|[`sast`](/categorize/tags/sast.md) [`code-analysis`](/categorize/tags/code-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/sbom.md",
    "content": "\n## Tools for sbom\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[trivy](https://github.com/aquasecurity/trivy)|Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more|![](https://img.shields.io/github/stars/aquasecurity/trivy?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`container-security`](/categorize/tags/container-security.md) [`sbom`](/categorize/tags/sbom.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/secret-scanning.md",
    "content": "\n## Tools for secret-scanning\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[trufflehog](https://github.com/trufflesecurity/trufflehog)|Find and verify credentials in git repositories, filesystems, and S3 buckets|![](https://img.shields.io/github/stars/trufflesecurity/trufflehog?label=%20)|[`secret-scanning`](/categorize/tags/secret-scanning.md) [`credentials`](/categorize/tags/credentials.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/security.md",
    "content": "\n## Tools for security\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[cloud-audit](https://github.com/gebalamariusz/cloud-audit)|Fast, opinionated AWS security scanner with Terraform remediation and attack chain detection|![](https://img.shields.io/github/stars/gebalamariusz/cloud-audit?label=%20)|[`aws`](/categorize/tags/aws.md) [`cloud`](/categorize/tags/cloud.md) [`security`](/categorize/tags/security.md) [`terraform`](/categorize/tags/terraform.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/smuggle.md",
    "content": "\n## Tools for smuggle\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Fuzzer|[SmuggleFuzz](https://github.com/Moopinger/smugglefuzz/)|A rapid HTTP downgrade smuggling scanner written in Go.|![](https://img.shields.io/github/stars/Moopinger/smugglefuzz/?label=%20)|[`smuggle`](/categorize/tags/smuggle.md) [`fuzz`](/categorize/tags/fuzz.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[ws-smuggler](https://github.com/hahwul/ws-smuggler)|WebSocket Connection Smuggler|![](https://img.shields.io/github/stars/hahwul/ws-smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[h2csmuggler](https://github.com/assetnote/h2csmuggler)|HTTP Request Smuggling Detection Tool|![](https://img.shields.io/github/stars/assetnote/h2csmuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[websocket-connection-smuggler](https://github.com/hahwul/websocket-connection-smuggler)|websocket-connection-smuggler|![](https://img.shields.io/github/stars/hahwul/websocket-connection-smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[http-request-smuggler](https://github.com/PortSwigger/http-request-smuggler)||![](https://img.shields.io/github/stars/PortSwigger/http-request-smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Jav
a.md)|\n|Scanner|[smugglex](https://github.com/hahwul/smugglex)|Rust-powered HTTP Request Smuggling Scanner|![](https://img.shields.io/github/stars/hahwul/smugglex?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Scanner|[BurpSuiteHTTPSmuggler](https://github.com/nccgroup/BurpSuiteHTTPSmuggler)||![](https://img.shields.io/github/stars/nccgroup/BurpSuiteHTTPSmuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[smuggler](https://github.com/defparam/smuggler)|Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3 |![](https://img.shields.io/github/stars/defparam/smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/social-engineering.md",
    "content": "\n## Tools for social-engineering\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-knife|[Baudrillard Suite](https://github.com/bad-antics/baudrillard-suite)|Cross-platform security research toolkit with OSINT aggregation, memory forensics, social engineering tools, steganography, and predictive threat modeling.|![](https://img.shields.io/github/stars/bad-antics/baudrillard-suite?label=%20)|[`osint`](/categorize/tags/osint.md) [`recon`](/categorize/tags/recon.md) [`forensics`](/categorize/tags/forensics.md) [`social-engineering`](/categorize/tags/social-engineering.md) [`steganography`](/categorize/tags/steganography.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/sqli.md",
    "content": "\n## Tools for sqli\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[V3n0M-Scanner](https://github.com/v3n0m-Scanner/V3n0M-Scanner)|Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns|![](https://img.shields.io/github/stars/v3n0m-Scanner/V3n0M-Scanner?label=%20)|[`sqli`](/categorize/tags/sqli.md) [`xss`](/categorize/tags/xss.md) [`lfi`](/categorize/tags/lfi.md) [`rfi`](/categorize/tags/rfi.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[LOXS](https://github.com/coffinxp/loxs)|best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect|![](https://img.shields.io/github/stars/coffinxp/loxs?label=%20)|[`xss`](/categorize/tags/xss.md) [`sqli`](/categorize/tags/sqli.md) [`crlf`](/categorize/tags/crlf.md) [`lfi`](/categorize/tags/lfi.md) [`open-redirect`](/categorize/tags/open-redirect.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[sqlmap](https://github.com/sqlmapproject/sqlmap)|Automatic SQL injection and database takeover tool|![](https://img.shields.io/github/stars/sqlmapproject/sqlmap?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[DSSS](https://github.com/stamparm/DSSS)|Damn Small SQLi Scanner|![](https://img.shields.io/github/stars/stamparm/DSSS?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[sqliv](https://github.com/the-robot/sqliv)|massive SQL injection vulnerability 
scanner|![](https://img.shields.io/github/stars/the-robot/sqliv?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[SQLiDetector](https://github.com/eslam3kl/SQLiDetector)|Simple python script supported with BurpBouty profile that helps you to detect SQL injection \"Error based\" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.|![](https://img.shields.io/github/stars/eslam3kl/SQLiDetector?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[ghauri](https://github.com/r0oth3x49/ghauri)|An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws|![](https://img.shields.io/github/stars/r0oth3x49/ghauri?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[SQLNinja](https://gitlab.com/kalilinux/packages/sqlninja)|Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities.||[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)[![Perl](/images/perl.png)](/categorize/langs/Perl.md)|\n|Utils|[Atlas](https://github.com/m4ll0k/Atlas)|Quick SQLMap Tamper Suggester |![](https://img.shields.io/github/stars/m4ll0k/Atlas?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/ssl.md",
    "content": "\n## Tools for ssl\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[tlsx](https://github.com/projectdiscovery/tlsx)|Fast and configurable TLS grabber focused on TLS based data collection|![](https://img.shields.io/github/stars/projectdiscovery/tlsx?label=%20)|[`ssl`](/categorize/tags/ssl.md) [`tls`](/categorize/tags/tls.md) [`certificates`](/categorize/tags/certificates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[DeepViolet](https://github.com/spoofzu/DeepViolet)|Tool for introspection of SSL\\TLS sessions|![](https://img.shields.io/github/stars/spoofzu/DeepViolet?label=%20)|[`ssl`](/categorize/tags/ssl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Scanner|[testssl.sh](https://github.com/drwetter/testssl.sh)|Testing TLS/SSL encryption anywhere on any port |![](https://img.shields.io/github/stars/drwetter/testssl.sh?label=%20)|[`ssl`](/categorize/tags/ssl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Scanner|[a2sv](https://github.com/hahwul/a2sv)|Auto Scanning to SSL Vulnerability |![](https://img.shields.io/github/stars/hahwul/a2sv?label=%20)|[`ssl`](/categorize/tags/ssl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/ssrf.md",
    "content": "\n## Tools for ssrf\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Fuzzer|[SSRFmap](https://github.com/swisskyrepo/SSRFmap)|Automatic SSRF fuzzer and exploitation tool |![](https://img.shields.io/github/stars/swisskyrepo/SSRFmap?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Fuzzer|[SSRFire](https://github.com/ksharinarayanan/SSRFire)|An automated SSRF finder. Just give the domain name and your server and chill|![](https://img.shields.io/github/stars/ksharinarayanan/SSRFire?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Scanner|[ssrf-sheriff](https://github.com/teknogeek/ssrf-sheriff)|A simple SSRF-testing sheriff written in Go |![](https://img.shields.io/github/stars/teknogeek/ssrf-sheriff?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Exploit|[Gopherus](https://github.com/tarunkant/Gopherus)|This tool generates gopher link for exploiting SSRF and gaining RCE in various servers |![](https://img.shields.io/github/stars/tarunkant/Gopherus?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[EvenBetter](https://github.com/bebiksior/EvenBetter)|EvenBetter is a frontend Caido plugin that makes the Caido experience even better|![](https://img.shields.io/github/stars/bebiksior/EvenBetter?label=%20)|[`encode`](/categorize/tags/encode.md) [`ssrf`](/categorize/tags/ssrf.md) 
[`darkmode`](/categorize/tags/darkmode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[EvenBetterExtensions](https://github.com/bebiksior/EvenBetterExtensions)|EvenBetterExtensions allows you to quickly install Caido extensions and keep them updated.|![](https://img.shields.io/github/stars/bebiksior/EvenBetterExtensions?label=%20)|[`encode`](/categorize/tags/encode.md) [`ssrf`](/categorize/tags/ssrf.md) [`darkmode`](/categorize/tags/darkmode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n\n"
  },
  {
    "path": "categorize/tags/ssti.md",
    "content": "\n## Tools for ssti\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Fuzzer|[SSTImap](https://github.com/vladko312/SSTImap)|Automatic SSTI detection tool with interactive interface|![](https://img.shields.io/github/stars/vladko312/SSTImap?label=%20)|[`ssti`](/categorize/tags/ssti.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/steganography.md",
    "content": "\n## Tools for steganography\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Army-knife|[Baudrillard Suite](https://github.com/bad-antics/baudrillard-suite)|Cross-platform security research toolkit with OSINT aggregation, memory forensics, social engineering tools, steganography, and predictive threat modeling.|![](https://img.shields.io/github/stars/bad-antics/baudrillard-suite?label=%20)|[`osint`](/categorize/tags/osint.md) [`recon`](/categorize/tags/recon.md) [`forensics`](/categorize/tags/forensics.md) [`social-engineering`](/categorize/tags/social-engineering.md) [`steganography`](/categorize/tags/steganography.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/subdomains.md",
    "content": "\n## Tools for subdomains\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[puredns](https://github.com/d3mondev/puredns)|Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.|![](https://img.shields.io/github/stars/d3mondev/puredns?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subs_all](https://github.com/emadshanab/subs_all)|Subdomain Enumeration Wordlist. 8956437 unique words. Updated. |![](https://img.shields.io/github/stars/emadshanab/subs_all?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Recon|[Sudomy](https://github.com/screetsec/Sudomy)|subdomain enumeration tool to collect subdomains and analyzing domains|![](https://img.shields.io/github/stars/screetsec/Sudomy?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Recon|[scilla](https://github.com/edoardottt/scilla)|🏴‍☠️ Information Gathering tool 🏴‍☠️ dns/subdomain/port enumeration|![](https://img.shields.io/github/stars/edoardottt/scilla?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`dns`](/categorize/tags/dns.md) [`port`](/categorize/tags/port.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Dr. Watson](https://github.com/prodigysml/Dr.-Watson)|Dr. 
Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information|![](https://img.shields.io/github/stars/prodigysml/Dr.-Watson?label=%20)|[`param`](/categorize/tags/param.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[CT_subdomains](https://github.com/internetwache/CT_subdomains)|An hourly updated list of subdomains gathered from certificate transparency logs |![](https://img.shields.io/github/stars/internetwache/CT_subdomains?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Recon|[shosubgo](https://github.com/incogbyte/shosubgo)|Small tool to Grab subdomains using Shodan api.|![](https://img.shields.io/github/stars/incogbyte/shosubgo?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[altdns](https://github.com/infosec-au/altdns)|Generates permutations, alterations and mutations of subdomains and then resolves them |![](https://img.shields.io/github/stars/infosec-au/altdns?label=%20)|[`dns`](/categorize/tags/dns.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[gobuster](https://github.com/OJ/gobuster)|Directory/File, DNS and VHost busting tool written in Go 
|![](https://img.shields.io/github/stars/OJ/gobuster?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Sub404](https://github.com/r3curs1v3-pr0xy/sub404)|A python tool to check subdomain takeover vulnerability|![](https://img.shields.io/github/stars/r3curs1v3-pr0xy/sub404?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[knock](https://github.com/guelfoweb/knock)|Knock Subdomain Scan |![](https://img.shields.io/github/stars/guelfoweb/knock?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[Sublist3r](https://github.com/aboul3la/Sublist3r)|Fast subdomains enumeration tool for penetration testers |![](https://img.shields.io/github/stars/aboul3la/Sublist3r?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[dmut](https://github.com/bp0lr/dmut)|A tool to perform permutations, mutations and alteration of subdomains in golang.|![](https://img.shields.io/github/stars/bp0lr/dmut?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[assetfinder](https://github.com/tomnomnom/assetfinder)|Find domains and subdomains related to a given domain 
|![](https://img.shields.io/github/stars/tomnomnom/assetfinder?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[github-subdomains](https://github.com/gwen001/github-subdomains)|Find subdomains on GitHub|![](https://img.shields.io/github/stars/gwen001/github-subdomains?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Amass](https://github.com/OWASP/Amass)|In-depth Attack Surface Mapping and Asset Discovery |![](https://img.shields.io/github/stars/OWASP/Amass?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[SubBrute](https://github.com/aboul3la/Sublist3r)|https://github.com/TheRook/subbrute|![](https://img.shields.io/github/stars/aboul3la/Sublist3r?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[subgen](https://github.com/pry0cc/subgen)|A really simple utility to concatenate wordlists to a domain name - to pipe into your favourite resolver!|![](https://img.shields.io/github/stars/pry0cc/subgen?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subfinder](https://github.com/projectdiscovery/subfinder)|Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing. 
|![](https://img.shields.io/github/stars/projectdiscovery/subfinder?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[Lepus](https://github.com/gfek/Lepus)|Subdomain finder|![](https://img.shields.io/github/stars/gfek/Lepus?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[SubOver](https://github.com/Ice3man543/SubOver)|A Powerful Subdomain Takeover Tool|![](https://img.shields.io/github/stars/Ice3man543/SubOver?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[SecurityTrails](https://securitytrails.com)| Online dns / subdomain / recon tool||[`subdomains`](/categorize/tags/subdomains.md) [`online`](/categorize/tags/online.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Recon|[subjs](https://github.com/lc/subjs)|Fetches javascript file from a list of URLS or subdomains.|![](https://img.shields.io/github/stars/lc/subjs?label=%20)|[`url`](/categorize/tags/url.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subzy](https://github.com/LukaSikic/subzy)|Subdomain takeover vulnerability checker|![](https://img.shields.io/github/stars/LukaSikic/subzy?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) 
[`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subjack](https://github.com/haccer/subjack)|Subdomain Takeover tool written in Go |![](https://img.shields.io/github/stars/haccer/subjack?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[alterx](https://github.com/projectdiscovery/alterx)|Fast and customizable subdomain wordlist generator using DSL|![](https://img.shields.io/github/stars/projectdiscovery/alterx?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`wordlist`](/categorize/tags/wordlist.md) [`permutation`](/categorize/tags/permutation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[findomain](https://github.com/Edu4rdSHL/findomain)|The fastest and cross-platform subdomain enumerator, do not waste your time. |![](https://img.shields.io/github/stars/Edu4rdSHL/findomain?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Utils|[dsieve](https://github.com/trickest/dsieve)|Filter and enrich a list of subdomains by level|![](https://img.shields.io/github/stars/trickest/dsieve?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/takeover.md",
    "content": "\n## Tools for takeover\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[Sub404](https://github.com/r3curs1v3-pr0xy/sub404)|A python tool to check subdomain takeover vulnerability|![](https://img.shields.io/github/stars/r3curs1v3-pr0xy/sub404?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[SubOver](https://github.com/Ice3man543/SubOver)|A Powerful Subdomain Takeover Tool|![](https://img.shields.io/github/stars/Ice3man543/SubOver?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subzy](https://github.com/LukaSikic/subzy)|Subdomain takeover vulnerability checker|![](https://img.shields.io/github/stars/LukaSikic/subzy?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subjack](https://github.com/haccer/subjack)|Subdomain Takeover tool written in Go |![](https://img.shields.io/github/stars/haccer/subjack?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/terraform.md",
    "content": "\n## Tools for terraform\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[cloud-audit](https://github.com/gebalamariusz/cloud-audit)|Fast, opinionated AWS security scanner with Terraform remediation and attack chain detection|![](https://img.shields.io/github/stars/gebalamariusz/cloud-audit?label=%20)|[`aws`](/categorize/tags/aws.md) [`cloud`](/categorize/tags/cloud.md) [`security`](/categorize/tags/security.md) [`terraform`](/categorize/tags/terraform.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/tls.md",
    "content": "\n## Tools for tls\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[tlsx](https://github.com/projectdiscovery/tlsx)|Fast and configurable TLS grabber focused on TLS based data collection|![](https://img.shields.io/github/stars/projectdiscovery/tlsx?label=%20)|[`ssl`](/categorize/tags/ssl.md) [`tls`](/categorize/tags/tls.md) [`certificates`](/categorize/tags/certificates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/tools-management.md",
    "content": "\n## Tools for tools-management\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[pdtm](https://github.com/projectdiscovery/pdtm)|ProjectDiscovery's Open Source Tool Manager|![](https://img.shields.io/github/stars/projectdiscovery/pdtm?label=%20)|[`package-manager`](/categorize/tags/package-manager.md) [`tools-management`](/categorize/tags/tools-management.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/url.md",
    "content": "\n## Tools for url\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[apkleaks](https://github.com/dwisiswant0/apkleaks)|Scanning APK file for URIs, endpoints & secrets. |![](https://img.shields.io/github/stars/dwisiswant0/apkleaks?label=%20)|[`apk`](/categorize/tags/apk.md) [`url`](/categorize/tags/url.md) [`endpoint`](/categorize/tags/endpoint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[waybackurls](https://github.com/tomnomnom/waybackurls)|Fetch all the URLs that the Wayback Machine knows about for a domain |![](https://img.shields.io/github/stars/tomnomnom/waybackurls?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[attack-surface-detector-burp](https://github.com/secdec/attack-surface-detector-burp)|The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters|![](https://img.shields.io/github/stars/secdec/attack-surface-detector-burp?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Recon|[gauplus](https://github.com/bp0lr/gauplus)|A modified version of gau for personal usage. 
Support workers, proxies and some extra things.|![](https://img.shields.io/github/stars/bp0lr/gauplus?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[waymore](https://github.com/xnl-h4ck3r/waymore)|Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X!|![](https://img.shields.io/github/stars/xnl-h4ck3r/waymore?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[attack-surface-detector-zap](https://github.com/secdec/attack-surface-detector-zap)|The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters|![](https://img.shields.io/github/stars/secdec/attack-surface-detector-zap?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n|Recon|[urx](https://github.com/hahwul/urx)|Extracts URLs from OSINT Archives for Security Insights|![](https://img.shields.io/github/stars/hahwul/urx?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|\n|Recon|[httpx](https://github.com/projectdiscovery/httpx)|httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads. 
|![](https://img.shields.io/github/stars/projectdiscovery/httpx?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[noir](https://github.com/noir-cr/noir)|Attack surface detector that identifies endpoints by static analysis|![](https://img.shields.io/github/stars/noir-cr/noir?label=%20)|[`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`attack-surface`](/categorize/tags/attack-surface.md)|![linux](/images/linux.png)![macos](/images/apple.png)[![Crystal](/images/crystal.png)](/categorize/langs/Crystal.md)|\n|Recon|[goverview](https://github.com/j3ssie/goverview)|goverview - Get an overview of the list of URLs|![](https://img.shields.io/github/stars/j3ssie/goverview?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[xurlfind3r](https://github.com/hueristiq/xurlfind3r)|A command-line utility designed to discover URLs for a given domain in a simple, efficient way.|![](https://img.shields.io/github/stars/hueristiq/xurlfind3r?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[uro](https://github.com/s0md3v/uro)|declutters url lists for crawling/pentesting|![](https://img.shields.io/github/stars/s0md3v/uro?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Recon|[urlhunter](https://github.com/utkusen/urlhunter)|a recon tool that allows searching on URLs that are exposed via shortener 
services|![](https://img.shields.io/github/stars/utkusen/urlhunter?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[subjs](https://github.com/lc/subjs)|Fetches javascript file from a list of URLS or subdomains.|![](https://img.shields.io/github/stars/lc/subjs?label=%20)|[`url`](/categorize/tags/url.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[gau](https://github.com/lc/gau)|Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.|![](https://img.shields.io/github/stars/lc/gau?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Recon|[cc.py](https://github.com/si9int/cc.py)|Extracting URLs of a specific target based on the results of \"commoncrawl.org\" |![](https://img.shields.io/github/stars/si9int/cc.py?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[urlprobe](https://github.com/1ndianl33t/urlprobe)|Urls status code & content length checker |![](https://img.shields.io/github/stars/1ndianl33t/urlprobe?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[fff](https://github.com/tomnomnom/fff)|The Fairly Fast Fetcher. 
Requests a bunch of URLs provided on stdin fairly quickly.|![](https://img.shields.io/github/stars/tomnomnom/fff?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[urlgrab](https://github.com/IAmStoxe/urlgrab)|A golang utility to spider through a website searching for additional links. |![](https://img.shields.io/github/stars/IAmStoxe/urlgrab?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[burl](https://github.com/tomnomnom/burl)|A Broken-URL Checker |![](https://img.shields.io/github/stars/tomnomnom/burl?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[godeclutter](https://github.com/c3l3si4n/godeclutter)|Declutters URLs in a fast and flexible way, for improving input for web hacking automations such as crawlers and vulnerability scans.|![](https://img.shields.io/github/stars/c3l3si4n/godeclutter?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[unfurl](https://github.com/tomnomnom/unfurl)|Pull out bits of URLs provided on stdin |![](https://img.shields.io/github/stars/tomnomnom/unfurl?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n\n"
  },
  {
    "path": "categorize/tags/vulnerability-scanner.md",
    "content": "\n## Tools for vulnerability-scanner\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[osv-scanner](https://github.com/google/osv-scanner)|Vulnerability scanner which uses the OSV database to find vulnerabilities in open source projects|![](https://img.shields.io/github/stars/google/osv-scanner?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`dependency-scanning`](/categorize/tags/dependency-scanning.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[trivy](https://github.com/aquasecurity/trivy)|Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more|![](https://img.shields.io/github/stars/aquasecurity/trivy?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`container-security`](/categorize/tags/container-security.md) [`sbom`](/categorize/tags/sbom.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[CMSmap](https://github.com/dionach/CMSmap)|CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.|![](https://img.shields.io/github/stars/dionach/CMSmap?label=%20)|[`web-scanner`](/categorize/tags/web-scanner.md) [`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[wapiti](https://github.com/wapiti-scanner/wapiti)|Web application vulnerability scanner. 
Wapiti allows you to audit the security of your websites or web applications.|![](https://img.shields.io/github/stars/wapiti-scanner/wapiti?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`web-scanner`](/categorize/tags/web-scanner.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/web-scanner.md",
    "content": "\n## Tools for web-scanner\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[CMSmap](https://github.com/dionach/CMSmap)|CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.|![](https://img.shields.io/github/stars/dionach/CMSmap?label=%20)|[`web-scanner`](/categorize/tags/web-scanner.md) [`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[wapiti](https://github.com/wapiti-scanner/wapiti)|Web application vulnerability scanner. Wapiti allows you to audit the security of your websites or web applications.|![](https://img.shields.io/github/stars/wapiti-scanner/wapiti?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`web-scanner`](/categorize/tags/web-scanner.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/web3.md",
    "content": "\n## Tools for web3\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[Web3 Decoder](https://github.com/nccgroup/web3-decoder)|Burp Extension for Web3|![](https://img.shields.io/github/stars/nccgroup/web3-decoder?label=%20)|[`web3`](/categorize/tags/web3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|\n\n"
  },
  {
    "path": "categorize/tags/wordlist.md",
    "content": "\n## Tools for wordlist\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Recon|[alterx](https://github.com/projectdiscovery/alterx)|Fast and customizable subdomain wordlist generator using DSL|![](https://img.shields.io/github/stars/projectdiscovery/alterx?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`wordlist`](/categorize/tags/wordlist.md) [`permutation`](/categorize/tags/permutation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[bruteforce-lists](https://github.com/random-robbie/bruteforce-lists)|Some files for bruteforcing certain things.|![](https://img.shields.io/github/stars/random-robbie/bruteforce-lists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Txt](/images/txt.png)](/categorize/langs/Txt.md)|\n|Utils|[Assetnote Wordlists](https://github.com/assetnote/wordlists)|Automated & Manual Wordlists provided by Assetnote|![](https://img.shields.io/github/stars/assetnote/wordlists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![CSS](/images/css.png)](/categorize/langs/CSS.md)|\n|Utils|[SecLists](https://github.com/danielmiessler/SecLists)|SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.|![](https://img.shields.io/github/stars/danielmiessler/SecLists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Txt](/images/txt.png)](/categorize/langs/Txt.md)|\n\n"
  },
  {
    "path": "categorize/tags/xss.md",
    "content": "\n## Tools for xss\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Scanner|[PwnXSS](https://github.com/pwn0sec/PwnXSS)|Vulnerability (XSS) scanner exploit|![](https://img.shields.io/github/stars/pwn0sec/PwnXSS?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[V3n0M-Scanner](https://github.com/v3n0m-Scanner/V3n0M-Scanner)|Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns|![](https://img.shields.io/github/stars/v3n0m-Scanner/V3n0M-Scanner?label=%20)|[`sqli`](/categorize/tags/sqli.md) [`xss`](/categorize/tags/xss.md) [`lfi`](/categorize/tags/lfi.md) [`rfi`](/categorize/tags/rfi.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[Chromium-based-XSS-Taint-Tracking](https://github.com/v8blink/Chromium-based-XSS-Taint-Tracking)|Cyclops is a web browser with XSS detection feature, it is chromium-based xss detection that used to find the flows from a source to a sink.|![](https://img.shields.io/github/stars/v8blink/Chromium-based-XSS-Taint-Tracking?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Scanner|[LOXS](https://github.com/coffinxp/loxs)|best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect|![](https://img.shields.io/github/stars/coffinxp/loxs?label=%20)|[`xss`](/categorize/tags/xss.md) [`sqli`](/categorize/tags/sqli.md) [`crlf`](/categorize/tags/crlf.md) [`lfi`](/categorize/tags/lfi.md) 
[`open-redirect`](/categorize/tags/open-redirect.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[XSpear](https://github.com/hahwul/XSpear)|Powerfull XSS Scanning and Parameter analysis tool&gem |![](https://img.shields.io/github/stars/hahwul/XSpear?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Scanner|[NoXss](https://github.com/lwzSoviet/)|Faster xss scanner,support reflected-xss and dom-xss|![](https://img.shields.io/github/stars/lwzSoviet/?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[XSStrike](https://github.com/s0md3v/XSStrike)|Most advanced XSS scanner. |![](https://img.shields.io/github/stars/s0md3v/XSStrike?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[xsssniper](https://github.com/gbrindisi/xsssniper)|An automatic XSS discovery tool|![](https://img.shields.io/github/stars/gbrindisi/xsssniper?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[DOMPurify](https://github.com/cure53/DOMPurify)|DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. 
Demo:|![](https://img.shields.io/github/stars/cure53/DOMPurify?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[dalfox](https://github.com/hahwul/dalfox)|🌘🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.|![](https://img.shields.io/github/stars/hahwul/dalfox?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Scanner|[xsser](https://github.com/epsylon/xsser)|Cross Site \"Scripter\" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. |![](https://img.shields.io/github/stars/epsylon/xsser?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[domdig](https://github.com/fcavallarin/domdig)|DOM XSS scanner for Single Page Applications |![](https://img.shields.io/github/stars/fcavallarin/domdig?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Scanner|[findom-xss](https://github.com/dwisiswant0/findom-xss)|A fast DOM based XSS vulnerability scanner with simplicity. 
|![](https://img.shields.io/github/stars/dwisiswant0/findom-xss?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|\n|Scanner|[XssPy](https://github.com/faizann24/)|Web Application XSS Scanner|![](https://img.shields.io/github/stars/faizann24/?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Scanner|[xsscrapy](https://github.com/DanMcInerney/xsscrapy)|XSS/SQLi spider. Give it a URL and it'll test every link it finds for XSS and some SQLi. |![](https://img.shields.io/github/stars/DanMcInerney/xsscrapy?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[toxssin](https://github.com/t3l3machus/toxssin)|An XSS exploitation command-line interface and payload generator.|![](https://img.shields.io/github/stars/t3l3machus/toxssin?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Exploit|[beef](https://github.com/beefproject/beef)|The Browser Exploitation Framework Project|![](https://img.shields.io/github/stars/beefproject/beef?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Utils|[docem](https://github.com/whitel1st/docem)|Uility to embed XXE and XSS payloads in docx,odt,pptx,etc (OXML_XEE on steroids)|![](https://img.shields.io/github/stars/whitel1st/docem?label=%20)|[`xxe`](/categorize/tags/xxe.md) 
[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[eval_villain](https://github.com/swoops/eval_villain)|A Firefox Web Extension to improve the discovery of DOM XSS.|![](https://img.shields.io/github/stars/swoops/eval_villain?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![zap](/images/zap.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[jsfuck](https://github.com/aemkei/jsfuck)|Write any JavaScript with 6 Characters|![](https://img.shields.io/github/stars/aemkei/jsfuck?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[hbxss](https://github.com/hahwul/hbxss)|Security test tool for Blind XSS|![](https://img.shields.io/github/stars/hahwul/hbxss?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Utils|[gxss](https://github.com/rverton/gxss)|Blind XSS service alerting over slack or email|![](https://img.shields.io/github/stars/rverton/gxss?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[weaponised-XSS-payloads](https://github.com/hakluke/weaponised-XSS-payloads)|XSS payloads designed to turn alert(1) into P1|![](https://img.shields.io/github/stars/hakluke/weaponised-XSS-payloads?label=%20)|[`xss`](/categorize/tags/xss.md) 
[`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[blistener](https://github.com/fyxme/blistener)|Blind-XSS listener with payloads|![](https://img.shields.io/github/stars/fyxme/blistener?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|\n|Utils|[DOMLogger++](https://github.com/kevin-mizu/domloggerpp)|A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.|![](https://img.shields.io/github/stars/kevin-mizu/domloggerpp?label=%20)|[`dom`](/categorize/tags/dom.md) [`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![firefox](/images/firefox.png)![chrome](/images/chrome.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[xssor2](https://github.com/evilcos/xssor2)|XSS'OR - Hack with JavaScript.|![](https://img.shields.io/github/stars/evilcos/xssor2?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[xless](https://github.com/mazen160/xless)|The Serverless Blind XSS App|![](https://img.shields.io/github/stars/mazen160/xless?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|\n|Utils|[xss-cheatsheet-data](https://github.com/PortSwigger/xss-cheatsheet-data)|This repository contains all the XSS cheatsheet data to allow 
contributions from the community. |![](https://img.shields.io/github/stars/PortSwigger/xss-cheatsheet-data?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|\n|Utils|[CaidoReflector](https://github.com/bebiksior/CaidoReflector)|Automatically look for paramater reflections in the HTTP response|![](https://img.shields.io/github/stars/bebiksior/CaidoReflector?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![caido](/images/caido.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[XSS-Catcher](https://github.com/daxAKAhackerman/XSS-Catcher)|Find blind XSS but why not gather data while you're at it.|![](https://img.shields.io/github/stars/daxAKAhackerman/XSS-Catcher?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[ezXSS](https://github.com/ssl/ezXSS)|ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting. |![](https://img.shields.io/github/stars/ssl/ezXSS?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![PHP](/images/php.png)](/categorize/langs/PHP.md)|\n\n"
  },
  {
    "path": "categorize/tags/xxe.md",
    "content": "\n## Tools for xxe\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Exploit|[XXEinjector](https://github.com/enjoiz/XXEinjector)|Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.|![](https://img.shields.io/github/stars/enjoiz/XXEinjector?label=%20)|[`xxe`](/categorize/tags/xxe.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|\n|Exploit|[XXExploiter](https://github.com/luisfontes19/xxexploiter)|Tool to help exploit XXE vulnerabilities|![](https://img.shields.io/github/stars/luisfontes19/xxexploiter?label=%20)|[`xxe`](/categorize/tags/xxe.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![TypeScript](/images/typescript.png)](/categorize/langs/TypeScript.md)|\n|Utils|[docem](https://github.com/whitel1st/docem)|Uility to embed XXE and XSS payloads in docx,odt,pptx,etc (OXML_XEE on steroids)|![](https://img.shields.io/github/stars/whitel1st/docem?label=%20)|[`xxe`](/categorize/tags/xxe.md) [`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[230-OOB](https://github.com/lc/230-OOB)|An Out-of-Band XXE server for retrieving file contents over FTP.|![](https://img.shields.io/github/stars/lc/230-OOB?label=%20)|[`xxe`](/categorize/tags/xxe.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "categorize/tags/zipbomb.md",
    "content": "\n## Tools for zipbomb\n\n| Type | Name | Description | Star | Tags | Badges |\n| --- | --- | --- | --- | --- | --- |\n|Utils|[zip-bomb](https://github.com/damianrusinek/zip-bomb)|Create a ZIPBomb for a given uncompressed size (flat and nested modes).|![](https://img.shields.io/github/stars/damianrusinek/zip-bomb?label=%20)|[`zipbomb`](/categorize/tags/zipbomb.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n|Utils|[ZipBomb](https://github.com/abdulfatir/ZipBomb)|A simple implementation of ZipBomb in Python|![](https://img.shields.io/github/stars/abdulfatir/ZipBomb?label=%20)|[`zipbomb`](/categorize/tags/zipbomb.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|\n\n"
  },
  {
    "path": "scripts/erb.rb",
    "content": "require 'erb'\nrequire 'yaml'\n\ndef generate_badge array\n    badge = \"\"\n    array.each { |t|\n        case t\n        when 'linux'\n            badge = badge + \"![linux](/images/linux.png)\"\n        when 'windows'\n            badge = badge + \"![windows](/images/windows.png)\"\n        when 'macos'\n            badge = badge + \"![macos](/images/apple.png)\"\n        when 'firefox'\n            badge = badge + \"![firefox](/images/firefox.png)\"\n        when 'safari'\n            badge = badge + \"![safari](/images/safari.png)\"\n        when 'chrome'\n            badge = badge + \"![chrome](/images/chrome.png)\"\n        when 'burpsuite'\n            badge = badge + \"![burp](/images/burp.png)\"\n        when 'caido'\n            badge = badge + \"![caido](/images/caido.png)\"\n        when 'zap'\n            badge = badge + \"![zap](/images/zap.png)\"\n        end\n    }\n    return badge\nend\n\ndef generate_tags array\n    tags = \"\"\n    array.each { |t|\n        tags = tags + \"`#{t}` \"\n    }\n    return tags\nend\n\ncategorize_template_tags = %q{\n## Tools for <%= @ct_tag %>\n\n<%= @ct_head %>\n<%= @ct_data %>\n\n}.gsub(/^  /, '')\n\ncategorize_template_langs = %q{\n## Tools Made of <%= @ct_lang %>\n\n<%= @ct_head %>\n<%= @ct_data %>\n\n}.gsub(/^  /, '')\n\ntemplate = %q{\n<div align=\"center\">\n    <picture>\n      <source media=\"(prefers-color-scheme: dark)\" srcset=\"images/whw-dark.png\" width=\"500px;\">\n      <source media=\"(prefers-color-scheme: light)\" srcset=\"images/whw-light.png\" width=\"500px;\">\n      <img alt=\"WebHackersWeapons Logo\" src=\"images/whw-dark.png\" width=\"500px;\">\n    </picture>\n    <p>A collection of awesome tools used by Web hackers. 
Happy hacking , Happy bug-hunting!</p>\n</div>\n\n<p align=\"center\">\n<a href=\"https://github.com/hahwul/WebHackersWeapons/blob/main/CONTRIBUTING.md\">\n<img src=\"https://img.shields.io/badge/CONTRIBUTIONS-WELCOME-000000?style=for-the-badge&labelColor=black\"></a>\n</p>\n\n## Family project\n[![WebHackersWeapons](https://img.shields.io/github/stars/hahwul/WebHackersWeapons?label=WebHackersWeapons)](https://github.com/hahwul/WebHackersWeapons)\n[![MobileHackersWeapons](https://img.shields.io/github/stars/hahwul/MobileHackersWeapons?label=MobileHackersWeapons)](https://github.com/hahwul/MobileHackersWeapons)\n\n## Table of Contents\n- [Weapons](#weapons)\n    - [Tools](#tools)\n    - [Bookmarklets](#bookmarklets)\n    - [Browser Addons](#browser-addons)\n    - [Burpsuite, Caido and ZAP Addons](#burpsuite-caido-and-zap-addons)\n- [Contribute](CONTRIBUTING.md)\n- [Thanks to contributor](#thanks-to-contributor)\n\n## Weapons\n*Attributes*\n|       | Attributes                                        |\n|-------|---------------------------------------------------|\n| Types | `Army-Knife` `Proxy` `Recon` `Fuzzer` `Scanner` `Exploit` `Env` `Utils` `Etc`|\n| Tags  | <%= tags.uniq.join ' ' %>                         |\n| Langs | <%= langs.uniq.join ' ' %>                        |\n\n### Tools\n<%= tools %>\n\n### Bookmarklets\n<%= bookmarklets %>\n\n### Browser Addons\n<%= browser_addons %>\n\n### Burpsuite, Caido and ZAP Addons\n<%= tool_addons %>\n\n## Thanks to (Contributor)\nWHW's open-source project and made it with ❤️ if you want contribute this project, please see [CONTRIBUTING.md](https://github.com/hahwul/WebHackersWeapons/blob/main/CONTRIBUTING.md) and Pull-Request with cool your contents.\n\n[![](/images/CONTRIBUTORS.svg)](https://github.com/hahwul/WebHackersWeapons/graphs/contributors)\n\n}.gsub(/^  /, '')\n\ntags = []\nlangs = []\ncategorize_tags = {}\ncategorize_langs = {}\nhead = \"| Type | Name | Description | Star | Tags | Badges |\\n\"\nhead = head + \"| 
--- | --- | --- | --- | --- | --- |\"\ntools = head + \"\\n\"\nbookmarklets = head + \"\\n\"\nbrowser_addons = head + \"\\n\"\ntool_addons = head + \"\\n\"\n\nweapons = []\nweapons_obj = {\n    \"army-knife\" => [],\n    \"proxy\" => [],\n    \"recon\"=> [],\n    \"fuzzer\"=> [],\n    \"scanner\"=> [],\n    \"exploit\"=> [],\n    \"utils\"=> [],\n    \"etc\"=> []\n}\n\nDir.entries(\"./weapons/\").each do | name |\n    if name != '.' && name != '..'\n        begin\n            data = YAML.load(File.open(\"./weapons/#{name}\"))\n\n            if data['type'] != \"\" && data['type'] != nil\n                if weapons_obj[data['type'].downcase] != nil\n                    weapons_obj[data['type'].downcase].push data\n                else\n                    weapons_obj[data['type'].downcase] = []\n                    weapons_obj[data['type'].downcase].push data\n                end\n            else\n                weapons_obj['etc'].push data\n            end\n        rescue => e\n            puts e\n        end\n    end\nend\n\nweapons_obj.each do |key,value|\n    weapons.concat value\nend\n\nweapons.each do | data |\n    begin\n        name = data['name']\n        temp_tags = []\n        begin\n          data['tags'].each do |t|\n             temp_tags.push \"[`#{t}`](/categorize/tags/#{t}.md)\"\n          end\n          tags.concat temp_tags\n        rescue\n        end\n        lang_badge = \"\"\n        begin\n          if data['lang'].length > 0 && data['lang'] != \"null\"\n              langs.push \"[`#{data['lang']}`](/categorize/langs/#{data['lang'].gsub('#','%23')}.md)\"\n              lang_badge = \"[![#{data['lang']}](/images/#{data['lang'].downcase.gsub('#','%23')}.png)](/categorize/langs/#{data['lang'].gsub('#','%23')}.md)\"\n          end\n        rescue\n        end\n\n        popularity = \"\"\n\n        if data['url'].length > 0\n            name = \"[#{name}](#{data['url']})\"\n        end\n\n        if data['url'].include? 
\"github.com\"\n            split_result = data['url'].split \"//github.com/\"\n            popularity = \"![](https://img.shields.io/github/stars/#{split_result[1]}?label=%20)\"\n        end\n        badge = generate_badge(data['platform'])\n        line = \"|#{data['type']}|#{name}|#{data['description']}|#{popularity}|#{temp_tags.join ' '}|#{badge}#{lang_badge}|\"\n        case data['category'].downcase\n        when 'tool'\n            tools = tools + line + \"\\n\"\n        when 'tool-addon'\n            tool_addons = tool_addons + line + \"\\n\"\n        when 'browser-addon'\n            browser_addons = browser_addons + line + \"\\n\"\n        when 'bookmarklet'\n            bookmarklets = bookmarklets + line + \"\\n\"\n        else\n            puts name\n        end\n\n        tmp_lang = data['lang']\n        tmp_tags = data['tags']\n\n        if tmp_tags != nil\n            tmp_tags.each do |t|\n                if categorize_tags[t] == nil\n                    categorize_tags[t] = line + \"\\n\"\n                else\n                    categorize_tags[t] = categorize_tags[t] + line + \"\\n\"\n                end\n            end\n        end\n\n        if tmp_lang != nil\n            if categorize_langs[tmp_lang] == nil\n                categorize_langs[tmp_lang] = line + \"\\n\"\n            else\n                categorize_langs[tmp_lang] = categorize_langs[tmp_lang] + line + \"\\n\"\n            end\n        end\n\n    rescue => e\n        puts e\n    end\nend\n\nmarkdown = ERB.new(template, trim_mode: \"%<>\")\n#puts markdown.result\nFile.write './README.md', markdown.result\n\ncategorize_tags.each do |key,value|\n    if key != nil && key != \"\"\n        @ct_tag = key\n        @ct_head = head + \"\\n\"\n        @ct_data = value\n        tag_markdown = ERB.new(categorize_template_tags, trim_mode: \"%<>\")\n        File.write \"./categorize/tags/#{@ct_tag}.md\", tag_markdown.result\n    end\nend\n\ncategorize_langs.each do |key,value|\n    if key != 
nil && key != \"\"\n        @ct_lang = key\n        @ct_head = head + \"\\n\"\n        @ct_data = value\n        lang_markdown = ERB.new(categorize_template_langs, trim_mode: \"%<>\")\n        File.write \"./categorize/langs/#{@ct_lang}.md\", lang_markdown.result\n    end\nend\n"
  },
  {
    "path": "scripts/for_migration/apply_platform.rb",
    "content": "require 'yaml'\n\nDir.entries(\"./weapons\").each do | name |\n    # Skip the current/parent directory entries (both checks must hold, hence &&)\n    if name.strip != \".\" && name != \"..\"\n      begin\n        data = YAML.load(File.open(\"./weapons/#{name}\"))\n        # Default every weapon to all three desktop platforms\n        data['platform'] = ['linux','macos','windows']\n        yaml_data = YAML.dump(data)\n        File.write(\"./weapons/#{name}\", yaml_data)\n      rescue => e\n        puts e\n      end\n    end\nend"
  },
  {
    "path": "scripts/for_migration/fetch_lang.rb",
    "content": "# https://api.github.com/repos/hahwul/dalfox/languages\n#\n#\nrequire 'yaml'\nrequire 'shellwords'\n\nlangs = []\nDir.entries(\"./weapons\").each do | name |\n    # Skip the current/parent directory entries (both checks must hold, hence &&)\n    if name.strip != \".\" && name != \"..\"\n      begin\n        data = YAML.load(File.open(\"./weapons/#{name}\"))\n        if data['url'].include? \"//github.com\"\n            t = data['url'].split(\"/\")\n            # owner/repo come from the weapon YAML, so shell-escape the URL before it reaches the backticks\n            api_url = Shellwords.escape(\"https://api.github.com/repos/#{t[3]}/#{t[4]}/languages\")\n            lang = `curl -s #{api_url} | jq 'to_entries | max_by(.value) | .key'`\n            lang_str = lang.gsub(\"\\\"\",\"\").gsub(\"\\n\",\"\")\n            if lang_str != \"documentation_url\"\n              puts \"hit #{name}\"\n              data['lang'] = lang_str\n              yaml_data = YAML.dump(data)\n              File.write(\"./weapons/#{name}\", yaml_data)\n              langs.push lang_str\n            else\n              puts \"denied #{name}\"\n            end\n            sleep(90)\n        end\n      rescue => e\n        puts e\n      end\n    end\n  end\nputs langs.uniq"
  },
  {
    "path": "scripts/for_migration/migration.rb",
    "content": "require 'json'\nrequire 'yaml'\nrequire \"uri\"\n\ndef get_os install\n     lst = []\n     if install['Linux'].length > 1\n          lst.push 'linux'\n     end\n     if install['MacOS'].length > 1\n          lst.push 'macos'\n     end\n     if install['Windows'].length > 1\n          lst.push 'windows'\n     end\n     return lst\nend\n\ndef get_browser str\n     lst = []\n     if str.include? 'Chrome'\n          lst.push 'chrome'\n     end\n     if str.include? 'Firefox'\n          lst.push 'firefox'\n     end\n     if str.include? 'Safari'\n          lst.push 'safari'\n     end\n     if str.include? 'Burp'\n          lst.push 'burpsuite'\n     end\n     if str.include? 'ZAP'\n          lst.push 'zap'\n     end\n     if str.include? 'All'\n          lst.push 'burpsuite'\n          lst.push 'zap'\n     end\n     return lst\nend\n\ndef get_url str\n     urls = URI.extract(str).uniq\n     urls.each do |url|\n          if !url.include? \"img.shields.io\"\n               return url.gsub(\")\",\"\")\n          end\n     end\n     return \"\"\nend\n\ndef get_lang url\n     if url.include? \"https://github.com\"\n          \n     end\nend\n\ndef migrate jsonfile, category\n     file = File.read(jsonfile)\n     data_hash = JSON.parse(file)\n\n     data_hash.each do | name, obj |\n          filename = name.gsub(' ','_')+\".yaml\"\n          # Make object\n          new_obj = {}\n          new_obj['name'] = name\n          new_obj['description'] = obj['Description']\n          new_obj['url'] = get_url obj['Data']\n          new_obj['category'] = category\n          new_obj['types'] = []\n          if obj['Install'] != nil \n               new_obj['platform'] = get_os(obj['Install'])\n          end\n          if category.include? 
'addon'\n               if obj['Type'].length > 0 \n                    new_obj['platform'] = get_browser(obj['Type'])\n               end\n          end\n          new_obj['lang'] = [] # parse DATA\n          new_obj['tags'] = []\n\n          # Convert to YAML\n          yaml_data = YAML.dump(new_obj)\n\n          # Save yaml file\n          puts filename\n          File.write(\"./weapons/#{filename}\", yaml_data)\n     end\nend \n\nmigrate './data.json', 'tool'\nmigrate './Bookmarklets/data.json', 'bookmarklet'\nmigrate './Browser Extensions/data.json', 'browser-addon'\nmigrate './Burp and ZAP Extensions/data.json', 'tool-addon'"
  },
  {
    "path": "scripts/last_change",
    "content": "Fri Mar 20 11:27:24 UTC 2026\n"
  },
  {
    "path": "scripts/validate_weapons.rb",
    "content": "require 'yaml'\n\nDir.entries(\"./weapons\").each do | name |\n    if name.strip != \".\"  || name != \"..\"\n      begin\n        data = YAML.load(File.open(\"./weapons/#{name}\"))\n        if data['type'] == \"\" || data['type'] == nil\n            puts \"./weapons/#{name} :: none-type\"\n        end\n        if data['lang'] == \"\" || data['lang'] == nil || data['lang'].length == 0\n          if data['url'].include? \"github.com\"\n            puts \"./weapons/#{name} :: none-lang\"\n          end\n        end\n        if data['tags'].length == 0 || data['tags'] == nil\n            #puts \"#{name} :: none-tags\"\n        end\n      rescue => e\n        puts e\n      end\n    end\nend"
  },
  {
    "path": "weapons/230-OOB.yaml",
    "content": "---\nname: 230-OOB\ndescription: An Out-of-Band XXE server for retrieving file contents over FTP.\nurl: https://github.com/lc/230-OOB\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: [xxe]\n"
  },
  {
    "path": "weapons/3klCon.yaml",
    "content": "---\nname: 3klCon\ndescription: Automation Recon tool which works with Large & Medium scopes. It performs\n  more than 20 tasks and gets back all the results in separated files.\nurl: https://github.com/eslam3kl/3klCon\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/AWSBucketDump.yaml",
    "content": "---\nname: AWSBucketDump\ndescription: Security Tool to Look For Interesting Files in S3 Buckets\nurl: https://github.com/jordanpotti/AWSBucketDump\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [s3]\n"
  },
  {
    "path": "weapons/AWSSigner.yaml",
    "content": "---\nname: AWSSigner\ndescription: Burp Extension for AWS Signing\nurl: https://github.com/NetSPI/AWSSigner\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/Amass.yaml",
    "content": "---\nname: Amass\ndescription: 'In-depth Attack Surface Mapping and Asset Discovery '\nurl: https://github.com/OWASP/Amass\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/Arjun.yaml",
    "content": "---\nname: Arjun\ndescription: 'HTTP parameter discovery suite. '\nurl: https://github.com/s0md3v/Arjun\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [param]\n"
  },
  {
    "path": "weapons/Assetnote_Wordlists.yaml",
    "content": "---\nname: Assetnote Wordlists\ndescription: Automated & Manual Wordlists provided by Assetnote\nurl: https://github.com/assetnote/wordlists\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: CSS\ntags: [wordlist, documents]\n"
  },
  {
    "path": "weapons/Atlas.yaml",
    "content": "---\nname: Atlas\ndescription: 'Quick SQLMap Tamper Suggester '\nurl: https://github.com/m4ll0k/Atlas\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: [sqli]\n"
  },
  {
    "path": "weapons/AuthMatrix.yaml",
    "content": "---\nname: AuthMatrix\ndescription:\nurl: https://github.com/SecurityInnovation/AuthMatrix\ncategory: tool-addon\ntype: Scanner\nplatform: [linux, macos, windows, burpsuite]\nlang: Python\ntags: [aaa]\n"
  },
  {
    "path": "weapons/AutoRepeater.yaml",
    "content": "---\nname: AuthMatrix\ndescription: Automated HTTP Request Repeating With Burp Suite\nurl: https://github.com/SecurityInnovation/AuthMatrix\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/Autorize.yaml",
    "content": "---\nname: Autorize\ndescription:\nurl: https://github.com/Quitten/Autorize\ncategory: tool-addon\ntype: Scanner\nplatform: [linux, macos, windows, burpsuite]\nlang: Python\ntags: [aaa]\n"
  },
  {
    "path": "weapons/BLUTO.yaml",
    "content": "---\nname: BLUTO\ndescription: DNS Analysis Tool\nurl: https://github.com/darryllane/Bluto\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [dns]\n"
  },
  {
    "path": "weapons/BaRMIe.yaml",
    "content": "---\nname: BaRMIe\ndescription: Java RMI enumeration and attack tool.\nurl: https://github.com/NickstaDB/BaRMIe\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: Java\ntags: [RMI]\n"
  },
  {
    "path": "weapons/BatchQL.yaml",
    "content": "---\nname: BatchQL\ndescription: GraphQL security auditing script with a focus on performing batch GraphQL\n  queries and mutations\nurl: https://github.com/assetnote/batchql\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Python\ntags: [graphql]\n"
  },
  {
    "path": "weapons/Berserko.yaml",
    "content": "---\nname: Berserko\ndescription: Burp Suite extension to perform Kerberos authentication\nurl: https://github.com/nccgroup/Berserko\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/Blacklist3r.yaml",
    "content": "---\nname: Blacklist3r\ndescription: 'project-blacklist3r '\nurl: https://github.com/NotSoSecure/Blacklist3r\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: C#\ntags: []\n"
  },
  {
    "path": "weapons/BruteX.yaml",
    "content": "---\nname: BruteX\ndescription: Automatically brute force all services running on a target.\nurl: https://github.com/1N3/BruteX\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Shell\ntags: []\n"
  },
  {
    "path": "weapons/Bug-Bounty-Toolz.yaml",
    "content": "---\nname: Bug-Bounty-Toolz\ndescription: 'BBT - Bug Bounty Tools '\nurl: https://github.com/m4ll0k/Bug-Bounty-Toolz\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/BugBountyScanner.yaml",
    "content": "---\nname: BugBountyScanner\ndescription: A Bash script and Docker image for Bug Bounty reconnaissance.\nurl: https://github.com/chvancooten/BugBountyScanner\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Shell\ntags: []\n"
  },
  {
    "path": "weapons/BurpBounty.yaml",
    "content": "---\nname: BurpBounty\ndescription:\nurl: https://github.com/wagiro/BurpBounty\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: BlitzBasic\ntags: []\n"
  },
  {
    "path": "weapons/BurpCustomizer.yaml",
    "content": "---\nname: BurpCustomizer\ndescription: Because just a dark theme wasn't enough!\nurl: https://github.com/CoreyD97/BurpCustomizer\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/BurpJSLinkFinder.yaml",
    "content": "---\nname: BurpJSLinkFinder\ndescription:\nurl: https://github.com/InitRoot/BurpJSLinkFinder\ncategory: tool-addon\ntype: Recon\nplatform: [linux, macos, windows, burpsuite]\nlang: Python\ntags: [js-analysis]\n"
  },
  {
    "path": "weapons/BurpSuite-Secret_Finder.yaml",
    "content": "---\nname: BurpSuite-Secret_Finder\ndescription:\nurl: https://github.com/m4ll0k/BurpSuite-Secret_Finder\ncategory: tool-addon\ntype: Recon\nplatform: [linux, macos, windows, burpsuite]\nlang:\ntags: []\n"
  },
  {
    "path": "weapons/BurpSuite.yaml",
    "content": "---\nname: BurpSuite\ndescription: The BurpSuite Project\nurl: https://portswigger.net/burp\ncategory: tool\ntype: Army-Knife\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: [mitmproxy, live-audit, crawl]\n"
  },
  {
    "path": "weapons/BurpSuiteHTTPSmuggler.yaml",
    "content": "---\nname: BurpSuiteHTTPSmuggler\ndescription:\nurl: https://github.com/nccgroup/BurpSuiteHTTPSmuggler\ncategory: tool-addon\ntype: Scanner\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: [smuggle]\n"
  },
  {
    "path": "weapons/BurpSuiteLoggerPlusPlus.yaml",
    "content": "---\nname: BurpSuiteLoggerPlusPlus\ndescription:\nurl: https://github.com/nccgroup/BurpSuiteLoggerPlusPlus\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/CMSmap.yaml",
    "content": "---\nname: CMSmap\ndescription: CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.\nurl: https://github.com/dionach/CMSmap\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [web-scanner, vulnerability-scanner]\n"
  },
  {
    "path": "weapons/CSP_Evaluator.yaml",
    "content": "---\nname: CSP Evaluator\ndescription: Online CSP Evaluator from google\nurl: https://csp-evaluator.withgoogle.com\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang:\ntags: [csp]\n"
  },
  {
    "path": "weapons/CT_subdomains.yaml",
    "content": "---\nname: CT_subdomains\ndescription: 'An hourly updated list of subdomains gathered from certificate transparency\n  logs '\nurl: https://github.com/internetwache/CT_subdomains\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang:\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/CaidoReflector.yaml",
    "content": "---\nname: CaidoReflector\ndescription: Automatically look for paramater reflections in the HTTP response\nurl: https://github.com/bebiksior/CaidoReflector\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, caido]\nlang: TypeScript\ntags: [xss]\n"
  },
  {
    "path": "weapons/Chaos_Web.yaml",
    "content": "---\nname: Chaos Web\ndescription: \" actively scan and maintain internet-wide assets' data. enhance research\\\n  \\ and analyse changes around DNS for better insights.\"\nurl: https://chaos.projectdiscovery.io\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang:\ntags: []\n"
  },
  {
    "path": "weapons/Chromium-based-XSS-Taint-Tracking.yaml",
    "content": "---\nname: Chromium-based-XSS-Taint-Tracking\ndescription: Cyclops is a web browser with XSS detection feature, it is chromium-based\n  xss detection that used to find the flows from a source to a sink.\nurl: https://github.com/v8blink/Chromium-based-XSS-Taint-Tracking\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang:\ntags: [xss]\n"
  },
  {
    "path": "weapons/Clipboard.yaml",
    "content": "---\nname: Clipboard\ndescription: An external brain that remembers anything, anytime, anywhere.\nurl: https://github.com/Slackadays/Clipboard\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: C++\ntags: [clipboard]\n"
  },
  {
    "path": "weapons/ConfusedDotnet.yaml",
    "content": "---\nname: ConfusedDotnet\ndescription: Tool to check for dependency confusion vulnerabilities in NuGet package management systems\nurl: https://github.com/visma-prodsec/ConfusedDotnet\ncategory: tool\ntype: Scanner\nplatform: [windows]\nlang: C#\ntags: [dependency-confusion]\n"
  },
  {
    "path": "weapons/CorsMe.yaml",
    "content": "---\nname: CorsMe\ndescription: 'Cross Origin Resource Sharing MisConfiguration Scanner '\nurl: https://github.com/Shivangx01b/CorsMe\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [cors]\n"
  },
  {
    "path": "weapons/Corsy.yaml",
    "content": "---\nname: Corsy\ndescription: 'CORS Misconfiguration Scanner '\nurl: https://github.com/s0md3v/Corsy\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [cors]\n"
  },
  {
    "path": "weapons/CrackQL.yaml",
    "content": "---\nname: CrackQL\ndescription: CrackQL is a GraphQL password brute-force and fuzzing utility.\nurl: https://github.com/nicholasaleks/CrackQL\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Python\ntags: [graphql]\n"
  },
  {
    "path": "weapons/CyberChef.yaml",
    "content": "---\nname: CyberChef\ndescription: 'The Cyber Swiss Army Knife - a web app for encryption, encoding, compression\n  and data analysis '\nurl: https://github.com/gchq/CyberChef\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/DNSDumpster.yaml",
    "content": "---\nname: DNSDumpster\ndescription: ' Online dns recon & research, find & lookup dns records'\nurl: https://dnsdumpster.com\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang:\ntags: [dns, online]\n"
  },
  {
    "path": "weapons/DOMPurify.yaml",
    "content": "---\nname: DOMPurify\ndescription: 'DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for\n  HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of\n  configurability and hooks. Demo:'\nurl: https://github.com/cure53/DOMPurify\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: [xss]\n"
  },
  {
    "path": "weapons/DSSS.yaml",
    "content": "---\nname: DSSS\ndescription: Damn Small SQLi Scanner\nurl: https://github.com/stamparm/DSSS\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [sqli]\n"
  },
  {
    "path": "weapons/Dark_Reader.yaml",
    "content": "---\nname: Dark Reader\ndescription: Dark mode to any site\nurl: https://github.com/darkreader/darkreader\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, firefox, chrome]\nlang: TypeScript\ntags: [darkmode]\n"
  },
  {
    "path": "weapons/Dark_Reader_for_Safari.yaml",
    "content": "---\nname: Dark Reader for Safari\ndescription: Dark mode to any site\nurl: https://apps.apple.com/us/app/dark-reader-for-safari/id1438243180\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, safari]\nlang:\ntags: []\n"
  },
  {
    "path": "weapons/Decoder-Improved.yaml",
    "content": "---\nname: Decoder-Improved\ndescription: Improved decoder for Burp Suite\nurl: https://github.com/nccgroup/Decoder-Improved\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/DeepViolet.yaml",
    "content": "---\nname: DeepViolet\ndescription: Tool for introspection of SSL\\TLS sessions\nurl: https://github.com/spoofzu/DeepViolet\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Java\ntags: [ssl]\n"
  },
  {
    "path": "weapons/DirDar.yaml",
    "content": "---\nname: DirDar\ndescription: DirDar is a tool that searches for (403-Forbidden) directories to break\n  it and get dir listing on it\nurl: https://github.com/M4DM0e/DirDar\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [403]\n"
  },
  {
    "path": "weapons/DotGit.yaml",
    "content": "---\nname: DotGit\ndescription: An extension for checking if .git is exposed in visited websites\nurl: https://github.com/davtur19/DotGit\ncategory: browser-addon\ntype: Recon\nplatform: [linux, macos, windows, firefox, chrome]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/Dr. Watson.yaml",
    "content": "---\nname: Dr. Watson\ndescription: Dr. Watson is a simple Burp Suite extension that helps find assets, keys,\n  subdomains, IP addresses, and other useful information\nurl: https://github.com/prodigysml/Dr.-Watson\ncategory: tool-addon\ntype: Recon\nplatform: [linux, macos, windows, burpsuite]\nlang: Python\ntags: [param, subdomains]\n"
  },
  {
    "path": "weapons/EchoMirage.yaml",
    "content": "---\nname: Echo Mirage\ndescription: A generic network proxy that uses DLL injection to capture and alter\n  TCP traffic.\nurl: https://sourceforge.net/projects/echomirage.oldbutgold.p/\ncategory: tool\ntype: Proxy\nplatform: [windows]\nlang:\ntags: [mitmproxy]\n"
  },
  {
    "path": "weapons/Edit-This-Cookie.yaml",
    "content": "---\nname: Edit-This-Cookie\ndescription: EditThisCookie is the famous Google Chrome/Chromium extension for editing\n  cookies\nurl: https://github.com/ETCExtensions/Edit-This-Cookie\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, chrome]\nlang: JavaScript\ntags: [cookie]\n"
  },
  {
    "path": "weapons/Emissary.yaml",
    "content": "---\nname: Emissary\ndescription: Send notifications on different channels such as Slack, Telegram, Discord\n  etc.\nurl: https://github.com/BountyStrike/Emissary\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [notify]\n"
  },
  {
    "path": "weapons/EvenBetter.yaml",
    "content": "---\nname: EvenBetter\ndescription: EvenBetter is a frontend Caido plugin that makes the Caido experience\n  even better\nurl: https://github.com/bebiksior/EvenBetter\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, caido]\nlang: TypeScript\ntags: [encode, ssrf, darkmode]\n"
  },
  {
    "path": "weapons/EvenBetterExtensions.yaml",
    "content": "---\nname: EvenBetterExtensions\ndescription: EvenBetterExtensions allows you to quicky install and keep updated Caido extensions.\nurl: https://github.com/bebiksior/EvenBetterExtensions\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, caido]\nlang: TypeScript\ntags: [encode, ssrf, darkmode]\n"
  },
  {
    "path": "weapons/FavFreak.yaml",
    "content": "---\nname: FavFreak\ndescription: 'Making Favicon.ico based Recon Great again ! '\nurl: https://github.com/devanshbatham/FavFreak\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/Findsploit.yaml",
    "content": "---\nname: Findsploit\ndescription: Find exploits in local and online databases instantly\nurl: https://github.com/1N3/Findsploit\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Shell\ntags: [exploit]\n"
  },
  {
    "path": "weapons/Firefox Multi-Account Containers.yaml",
    "content": "---\nname: Firefox Multi-Account Containers\ndescription: Firefox Multi-Account Containers lets you keep parts of your online life\n  separated into color-coded tabs\nurl: https://github.com/mozilla/multi-account-containers\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, firefox]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/FockCache.yaml",
    "content": "---\nname: FockCache\ndescription: Minimalized Test Cache Poisoning\nurl: https://github.com/tismayil/fockcache\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [cache-vuln]\n"
  },
  {
    "path": "weapons/GAP.yaml",
    "content": "---\nname: GAP\ndescription: This is an evolution of the original getAllParams extension for Burp.\n  Not only does it find more potential parameters for you to investigate, but it also\n  finds potential links to try these parameters on.\nurl: https://github.com/xnl-h4ck3r/GAP-Burp-Extension\ncategory: tool-addon\ntype: Fuzzer\nplatform: [linux, macos, windows, burpsuite]\nlang: Python\ntags: [param]\n"
  },
  {
    "path": "weapons/GQLSpection.yaml",
    "content": "---\nname: GQLSpection\ndescription: parses GraphQL introspection schema and generates possible queries\nurl: https://github.com/doyensec/GQLSpection\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: [graphql]\n"
  },
  {
    "path": "weapons/GadgetProbe.yaml",
    "content": "---\nname: GadgetProbe\ndescription: Probe endpoints consuming Java serialized objects to identify classes,\n  libraries, and library versions on remote Java classpaths.\nurl: https://github.com/BishopFox/GadgetProbe\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Java\ntags: [deserialize]\n"
  },
  {
    "path": "weapons/Gf-Patterns.yaml",
    "content": "---\nname: Gf-Patterns\ndescription: 'GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic)\n  parameters grep '\nurl: https://github.com/1ndianl33t/Gf-Patterns\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang:\ntags:\n"
  },
  {
    "path": "weapons/GitMiner.yaml",
    "content": "---\nname: GitMiner\ndescription: 'Tool for advanced mining for content on Github '\nurl: https://github.com/UnkL4b/GitMiner\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/Glorp.yaml",
    "content": "---\nname: Glorp\ndescription: A CLI-based HTTP intercept and replay proxy\nurl: https://github.com/denandz/glorp\ncategory: tool\ntype: Proxy\nplatform: [linux, macos, windows]\nlang: Go\ntags: [mitmproxy]\n"
  },
  {
    "path": "weapons/Glue.yaml",
    "content": "---\nname: Glue\ndescription: Application Security Automation\nurl: https://github.com/OWASP/glue\ncategory: tool\ntype: Env\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: []\n"
  },
  {
    "path": "weapons/Gopherus.yaml",
    "content": "---\nname: Gopherus\ndescription: 'This tool generates gopher link for exploiting SSRF and gaining RCE\n  in various servers '\nurl: https://github.com/tarunkant/Gopherus\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: Python\ntags: [ssrf]\n"
  },
  {
    "path": "weapons/GraphQLmap.yaml",
    "content": "---\nname: GraphQLmap\ndescription: GraphQLmap is a scripting engine to interact with a graphql endpoint\n  for pentesting purposes.\nurl: https://github.com/swisskyrepo/GraphQLmap\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Python\ntags: [graphql]\n"
  },
  {
    "path": "weapons/HRS.yaml",
    "content": "---\nname: HRS\ndescription: HTTP Request Smuggling demonstration Perl script, for variants 1, 2 and\n  5 in my BlackHat US 2020 paper HTTP Request Smuggling in 2020.\nurl: https://github.com/SafeBreach-Labs/HRS\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Perl\ntags: []\n"
  },
  {
    "path": "weapons/HTTPSignatures.yaml",
    "content": "---\nname: HTTPSignatures\ndescription: A Burp Suite extension implementing the Signing HTTP Messages draft-ietf-httpbis-message-signatures-01\n  draft.\nurl: https://github.com/nccgroup/HTTPSignatures\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/HUNT.yaml",
    "content": "---\nname: HUNT\ndescription: Identifies common parameters vulnerable to certain vulnerability classes\nurl: https://github.com/bugcrowd/HUNT\ncategory: tool-addon\ntype: Recon\nplatform: [linux, macos, windows, zap, burpsuite]\nlang: Kotlin\ntags: [param]\n"
  },
  {
    "path": "weapons/Hack-Tools.yaml",
    "content": "---\nname: Hack-Tools\ndescription: The all-in-one Red Team extension for Web Pentester 🛠\nurl: https://github.com/LasCC/Hack-Tools\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, firefox, chrome, safari]\nlang: TypeScript\ntags: []\n"
  },
  {
    "path": "weapons/HostHunter.yaml",
    "content": "---\nname: HostHunter\ndescription: Recon tool for discovering hostnames using OSINT techniques.\nurl: https://github.com/SpiderLabs/HostHunter\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [osint]\n"
  },
  {
    "path": "weapons/Hunt3r.yaml",
    "content": "---\nname: Hunt3r\ndescription: Made your bugbounty subdomains reconnaissance easier with Hunt3r the\n  web application reconnaissance framework\nurl: https://github.com/EasyRecon/Hunt3r\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: []\n"
  },
  {
    "path": "weapons/HydraRecon.yaml",
    "content": "---\nname: HydraRecon\ndescription: All In One, Fast, Easy Recon Tool\nurl: https://github.com/aufzayed/HydraRecon\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/IntruderPayloads.yaml",
    "content": "---\nname: IntruderPayloads\ndescription:\nurl: https://github.com/1N3/IntruderPayloads\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: BlitzBasic\ntags: []\n"
  },
  {
    "path": "weapons/JSFScan.sh.yaml",
    "content": "---\nname: JSFScan.sh\ndescription: 'Automation for javascript recon in bug bounty. '\nurl: https://github.com/KathanP19/JSFScan.sh\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Shell\ntags: [js-analysis]\n"
  },
  {
    "path": "weapons/LFISuite.yaml",
    "content": "---\nname: LFISuite\ndescription: 'Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner '\nurl: https://github.com/D35m0nd142/LFISuite\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/LOXS.yaml",
    "content": "---\nname: LOXS\ndescription: best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect\nurl: https://github.com/coffinxp/loxs\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [xss, sqli, crlf, lfi, open-redirect]\n"
  },
  {
    "path": "weapons/Lepus.yaml",
    "content": "---\nname: Lepus\ndescription: Subdomain finder\nurl: https://github.com/gfek/Lepus\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/LinkFinder.yaml",
    "content": "---\nname: LinkFinder\ndescription: 'A python script that finds endpoints in JavaScript files '\nurl: https://github.com/GerbenJavado/LinkFinder\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [js-analysis]\n"
  },
  {
    "path": "weapons/MM3_ProxySwitch.yaml",
    "content": "---\nname: MM3 ProxySwitch\ndescription: Proxy Switch in Firefox and Chrome\nurl: https://proxy-offline-browser.com/ProxySwitch/\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, firefox, chrome]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/NoSQLMap.yaml",
    "content": "---\nname: NoSQLMap\ndescription: 'Automated NoSQL database enumeration and web application exploitation\n  tool. '\nurl: https://github.com/codingo/NoSQLMap\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [nosqli]\n"
  },
  {
    "path": "weapons/NoXss.yaml",
    "content": "---\nname: NoXss\ndescription: Faster xss scanner,support reflected-xss and dom-xss\nurl: https://github.com/lwzSoviet/\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [xss]\n"
  },
  {
    "path": "weapons/OneForAll.yaml",
    "content": "---\nname: OneForAll\ndescription: 'OneForAll是一款功能强大的子域收集工具 '\nurl: https://github.com/shmilylty/OneForAll\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/OpenRedireX.yaml",
    "content": "---\nname: OpenRedireX\ndescription: A Fuzzer for OpenRedirect issues\nurl: https://github.com/devanshbatham/OpenRedireX\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/Oralyzer.yaml",
    "content": "---\nname: Oralyzer\ndescription: Open Redirection Analyzer\nurl: https://github.com/r0075h3ll/Oralyzer\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/Osmedeus.yaml",
    "content": "---\nname: Osmedeus\ndescription: 'Fully automated offensive security framework for reconnaissance and\n  vulnerability scanning '\nurl: https://github.com/j3ssie/Osmedeus\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/PPScan.yaml",
    "content": "---\nname: PPScan\ndescription: Client Side Prototype Pollution Scanner\nurl: https://github.com/msrkp/PPScan\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: [prototypepollution, prototype-pollution]\n"
  },
  {
    "path": "weapons/ParamPamPam.yaml",
    "content": "---\nname: ParamPamPam\ndescription: This tool for brute discover GET and POST parameters.\nurl: https://github.com/Bo0oM/ParamPamPam\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Python\ntags: [param, cache-vuln]\n"
  },
  {
    "path": "weapons/ParamSpider.yaml",
    "content": "---\nname: ParamSpider\ndescription: 'Mining parameters from dark corners of Web Archives '\nurl: https://github.com/devanshbatham/ParamSpider\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [param]\n"
  },
  {
    "path": "weapons/ParamWizard.yaml",
    "content": "---\nname: ParamWizard\ndescription: ParamWizard is a powerful Python-based tool designed for extracting and identifying URLs with parameters from a specified website.\nurl: https://github.com/iamunixtz/ParamWizard\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [param]\n"
  },
  {
    "path": "weapons/Parth.yaml",
    "content": "---\nname: Parth\ndescription: 'Heuristic Vulnerable Parameter Scanner '\nurl: https://github.com/s0md3v/Parth\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [param]\n"
  },
  {
    "path": "weapons/PayloadsAllTheThings.yaml",
    "content": "---\nname: PayloadsAllTheThings\ndescription: 'A list of useful payloads and bypass for Web Application Security and\n  Pentest/CTF '\nurl: https://github.com/swisskyrepo/PayloadsAllTheThings\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/Phoenix.yaml",
    "content": "---\nname: Phoenix\ndescription: hahwul's online tools\nurl: https://www.hahwul.com/phoenix/\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: [online]\n"
  },
  {
    "path": "weapons/Photon.yaml",
    "content": "---\nname: Photon\ndescription: 'Incredibly fast crawler designed for OSINT. '\nurl: https://github.com/s0md3v/Photon\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [osint, crawl]\n"
  },
  {
    "path": "weapons/PoC-in-GitHub.yaml",
    "content": "---\nname: PoC-in-GitHub\ndescription: 📡 PoC auto collect from GitHub. Be careful of malware.\nurl: https://github.com/nomi-sec/PoC-in-GitHub\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang:\ntags: []\n"
  },
  {
    "path": "weapons/PwnFox.yaml",
    "content": "---\nname: PwnFox\ndescription: Firefox/Burp extension that provides useful tools for your security audit.\nurl: https://github.com/yeswehack/PwnFox\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, firefox, burpsuite]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/PwnXSS.yaml",
    "content": "---\nname: PwnXSS\ndescription: Vulnerability (XSS) scanner exploit\nurl: https://github.com/pwn0sec/PwnXSS\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [xss]\n"
  },
  {
    "path": "weapons/REcollapse.yaml",
    "content": "---\nname: REcollapse\ndescription: REcollapse is a helper tool for black-box regex fuzzing to bypass validations\n  and discover normalizations in web applications\nurl: https://github.com/0xacb/recollapse\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: [fuzz]\n"
  },
  {
    "path": "weapons/Redcloud.yaml",
    "content": "---\nname: Redcloud\ndescription: Automated Red Team Infrastructure deployment using Docker\nurl: https://github.com/khast3x/Redcloud\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: [infra]\n"
  },
  {
    "path": "weapons/RustScan.yaml",
    "content": "---\nname: RustScan\ndescription: 'Faster Nmap Scanning with Rust '\nurl: https://github.com/brandonskerritt/RustScan\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Rust\ntags: [portscan]\n"
  },
  {
    "path": "weapons/S3Scanner.yaml",
    "content": "---\nname: S3Scanner\ndescription: 'Scan for open AWS S3 buckets and dump the contents '\nurl: https://github.com/sa7mon/S3Scanner\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [s3]\n"
  },
  {
    "path": "weapons/S3cret Scanner.yaml",
    "content": "---\nname: S3cret Scanner\ndescription: Hunting For Secrets Uploaded To Public S3 Buckets\nurl: https://github.com/Eilonh/s3crets_scanner\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [s3]\n"
  },
  {
    "path": "weapons/SQLNinja.yaml",
    "content": "---\nname: SQLNinja\ndescription: Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities.\nurl: https://gitlab.com/kalilinux/packages/sqlninja\ncategory: tool\ntype: Exploit\nplatform: [linux, macos]\nlang: Perl\ntags: [sqli]\n"
  },
  {
    "path": "weapons/SQLiDetector.yaml",
    "content": "---\nname: SQLiDetector\ndescription: Simple python script supported with BurpBouty profile that helps you to detect SQL injection \"Error based\" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.\nurl: https://github.com/eslam3kl/SQLiDetector\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [sqli]\n"
  },
  {
    "path": "weapons/SSRFire.yaml",
    "content": "---\nname: SSRFire\ndescription: An automated SSRF finder. Just give the domain name and your server and\n  chill\nurl: https://github.com/ksharinarayanan/SSRFire\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos]\nlang: Shell\ntags: [ssrf]\n"
  },
  {
    "path": "weapons/SSRFmap.yaml",
    "content": "---\nname: SSRFmap\ndescription: 'Automatic SSRF fuzzer and exploitation tool '\nurl: https://github.com/swisskyrepo/SSRFmap\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Python\ntags: [ssrf]\n"
  },
  {
    "path": "weapons/SSTImap.yaml",
    "content": "---\nname: SSTImap\ndescription: Automatic SSTI detection tool with interactive interface\nurl: https://github.com/vladko312/SSTImap\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Python\ntags: [ssti]\n"
  },
  {
    "path": "weapons/STEWS.yaml",
    "content": "---\nname: STEWS\ndescription: A Security Tool for Enumerating WebSockets\nurl: https://github.com/PalindromeLabs/STEWS\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/SecLists.yaml",
    "content": "---\nname: SecLists\ndescription: SecLists is the security tester's companion. It's a collection of multiple\n  types of lists used during security assessments, collected in one place.\nurl: https://github.com/danielmiessler/SecLists\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Txt\ntags: [wordlist, documents]\n"
  },
  {
    "path": "weapons/SecretFinder.yaml",
    "content": "---\nname: SecretFinder\ndescription: 'SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..)\n  and search anything on javascript files '\nurl: https://github.com/m4ll0k/SecretFinder\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/SecurityTrails.yaml",
    "content": "---\nname: SecurityTrails\ndescription: ' Online dns / subdomain / recon tool'\nurl: https://securitytrails.com\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang:\ntags: [subdomains, online]\n"
  },
  {
    "path": "weapons/SequenceDiagram.yaml",
    "content": "---\nname: SequenceDiagram\ndescription: Online tool for creating UML sequence diagrams\nurl: https://sequencediagram.org\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang:\ntags: [online]\n"
  },
  {
    "path": "weapons/SerializationDumper.yaml",
    "content": "---\nname: SerializationDumper\ndescription: A tool to dump Java serialization streams in a more human readable form.\nurl: https://github.com/NickstaDB/SerializationDumper\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Java\ntags: [deserialize]\n"
  },
  {
    "path": "weapons/Shodan.yaml",
    "content": "---\nname: Shodan\ndescription: \" World's first search engine for Internet-connected devices\"\nurl: https://www.shodan.io/\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang:\ntags: [osint]\n"
  },
  {
    "path": "weapons/Silver.yaml",
    "content": "---\nname: Silver\ndescription: 'Mass scan IPs for vulnerable services '\nurl: https://github.com/s0md3v/Silver\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [port]\n"
  },
  {
    "path": "weapons/Sn1per.yaml",
    "content": "---\nname: Sn1per\ndescription: 'Automated pentest framework for offensive security experts '\nurl: https://github.com/1N3/Sn1per\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: Shell\ntags: []\n"
  },
  {
    "path": "weapons/Stepper.yaml",
    "content": "---\nname: Stepper\ndescription:\nurl: https://github.com/CoreyD97/Stepper\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/Striker.yaml",
    "content": "---\nname: Striker\ndescription: 'Striker is an offensive information and vulnerability scanner. '\nurl: https://github.com/s0md3v/Striker\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/SubOver.yaml",
    "content": "---\nname: SubOver\ndescription: A Powerful Subdomain Takeover Tool\nurl: https://github.com/Ice3man543/SubOver\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains, takeover]\n"
  },
  {
    "path": "weapons/Sublist3r.yaml",
    "content": "---\nname: Sublist3r\ndescription: 'Fast subdomains enumeration tool for penetration testers '\nurl: https://github.com/aboul3la/Sublist3r\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/Taipan.yaml",
    "content": "---\nname: Taipan\ndescription: Web application vulnerability scanner\nurl: https://github.com/enkomio/Taipan\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang:\ntags: []\n"
  },
  {
    "path": "weapons/TukTuk.yaml",
    "content": "---\nname: TukTuk\ndescription: 'Tool for catching and logging different types of requests. '\nurl: https://github.com/ArturSS7/TukTuk\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [oast]\n"
  },
  {
    "path": "weapons/User-Agent_Switcher.yaml",
    "content": "---\nname: User-Agent Switcher\ndescription: quick and easy way to switch between user-agents.\nurl: https://addons.mozilla.org/ko/firefox/addon/user-agent-switcher-revived/\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, firefox]\nlang:\ntags: []\n"
  },
  {
    "path": "weapons/V3n0M-Scanner.yaml",
    "content": "---\nname: V3n0M-Scanner\ndescription: Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns\nurl: https://github.com/v3n0m-Scanner/V3n0M-Scanner\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [sqli, xss, lfi, rfi]\n"
  },
  {
    "path": "weapons/VHostScan.yaml",
    "content": "---\nname: VHostScan\ndescription: 'A virtual host scanner that performs reverse lookups, can be used with\n  pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic\n  default pages. '\nurl: https://github.com/codingo/VHostScan\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/Wayback_Machine.yaml",
    "content": "---\nname: Wayback Machine\ndescription: History of website\nurl: https://apps.apple.com/us/app/wayback-machine/id1472432422\ncategory: browser-addon\ntype: Recon\nplatform: [linux, macos, windows, safari]\nlang:\ntags: []\n"
  },
  {
    "path": "weapons/Web-Cache-Vulnerability-Scanner.yaml",
    "content": "---\nname: Web-Cache-Vulnerability-Scanner\ndescription: Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for\n  web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).\nurl: https://github.com/Hackmanit/Web-Cache-Vulnerability-Scanner\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [cache-vuln]\n"
  },
  {
    "path": "weapons/Web3 Decoder.yaml",
    "content": "---\nname: Web3 Decoder\ndescription: Burp Extension for Web3\nurl: https://github.com/nccgroup/web3-decoder\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: [web3]\n"
  },
  {
    "path": "weapons/XSRFProbe.yaml",
    "content": "---\nname: XSRFProbe\ndescription: The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.\nurl: https://github.com/0xInfection/XSRFProbe\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/XSS-Catcher.yaml",
    "content": "---\nname: XSS-Catcher\ndescription: Find blind XSS but why not gather data while you're at it.\nurl: https://github.com/daxAKAhackerman/XSS-Catcher\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: [xss, blind-xss]\n"
  },
  {
    "path": "weapons/XSStrike.yaml",
    "content": "---\nname: XSStrike\ndescription: 'Most advanced XSS scanner. '\nurl: https://github.com/s0md3v/XSStrike\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [xss]\n"
  },
  {
    "path": "weapons/XSpear.yaml",
    "content": "---\nname: XSpear\ndescription: 'Powerful XSS Scanning and Parameter analysis tool&gem '\nurl: https://github.com/hahwul/XSpear\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: [xss]\n"
  },
  {
    "path": "weapons/XXEinjector.yaml",
    "content": "---\nname: XXEinjector\ndescription: Tool for automatic exploitation of XXE vulnerability using direct and\n  different out of band methods.\nurl: https://github.com/enjoiz/XXEinjector\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: [xxe]\n"
  },
  {
    "path": "weapons/XXExploiter.yaml",
    "content": "---\nname: XXExploiter\ndescription: Tool to help exploit XXE vulnerabilities\nurl: https://github.com/luisfontes19/xxexploiter\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: TypeScript\ntags: [xxe]\n"
  },
  {
    "path": "weapons/XssPy.yaml",
    "content": "---\nname: XssPy\ndescription: Web Application XSS Scanner\nurl: https://github.com/faizann24/\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [xss]\n"
  },
  {
    "path": "weapons/ZipBomb.yaml",
    "content": "---\nname: ZipBomb\ndescription: A simple implementation of ZipBomb in Python\nurl: https://github.com/abdulfatir/ZipBomb\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: [zipbomb]\n"
  },
  {
    "path": "weapons/a2sv.yaml",
    "content": "---\nname: a2sv\ndescription: 'Auto Scanning to SSL Vulnerability '\nurl: https://github.com/hahwul/a2sv\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [ssl]\n"
  },
  {
    "path": "weapons/altdns.yaml",
    "content": "---\nname: altdns\ndescription: 'Generates permutations, alterations and mutations of subdomains and\n  then resolves them '\nurl: https://github.com/infosec-au/altdns\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [dns, subdomains]\n"
  },
  {
    "path": "weapons/alterx.yaml",
    "content": "---\nname: alterx\ndescription: Fast and customizable subdomain wordlist generator using DSL\nurl: https://github.com/projectdiscovery/alterx\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains, wordlist, permutation]\n"
  },
  {
    "path": "weapons/anew.yaml",
    "content": "---\nname: anew\ndescription: A tool for adding new lines to files, skipping duplicates\nurl: https://github.com/tomnomnom/anew\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/apkleaks.yaml",
    "content": "---\nname: apkleaks\ndescription: 'Scanning APK file for URIs, endpoints & secrets. '\nurl: https://github.com/dwisiswant0/apkleaks\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [apk, url, endpoint]\n"
  },
  {
    "path": "weapons/aquatone.yaml",
    "content": "---\nname: aquatone\ndescription: 'A Tool for Domain Flyovers '\nurl: https://github.com/michenriksen/aquatone\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [domain]\n"
  },
  {
    "path": "weapons/arachni.yaml",
    "content": "---\nname: arachni\ndescription: 'Web Application Security Scanner Framework '\nurl: https://github.com/Arachni/arachni\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: []\n"
  },
  {
    "path": "weapons/argumentinjectionhammer.yaml",
    "content": "---\nname: argumentinjectionhammer\ndescription: A Burp Extension designed to identify argument injection vulnerabilities.\nurl: https://github.com/nccgroup/argumentinjectionhammer\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/asnmap.yaml",
    "content": "---\nname: asnmap\ndescription: Go CLI and Library for quickly mapping organization network ranges using ASN information\nurl: https://github.com/projectdiscovery/asnmap\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [asn, network-mapping]\n"
  },
  {
    "path": "weapons/assetfinder.yaml",
    "content": "---\nname: assetfinder\ndescription: 'Find domains and subdomains related to a given domain '\nurl: https://github.com/tomnomnom/assetfinder\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/attack-surface-detector-burp.yaml",
    "content": "---\nname: attack-surface-detector-burp\ndescription: The Attack Surface Detector uses static code analyses to identify web\n  app endpoints by parsing routes and identifying parameters\nurl: https://github.com/secdec/attack-surface-detector-burp\ncategory: tool-addon\ntype: Recon\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: [endpoint, url, attack-surface]\n"
  },
  {
    "path": "weapons/attack-surface-detector-zap.yaml",
    "content": "---\nname: attack-surface-detector-zap\ndescription: The Attack Surface Detector uses static code analyses to identify web\n  app endpoints by parsing routes and identifying parameters\nurl: https://github.com/secdec/attack-surface-detector-zap\ncategory: tool-addon\ntype: Recon\nplatform: [linux, macos, windows, zap]\nlang: Java\ntags: [endpoint, url, attack-surface]\n"
  },
  {
    "path": "weapons/autochrome.yaml",
    "content": "---\nname: autochrome\ndescription: This tool downloads, installs, and configures a shiny new copy of Chromium.\nurl: https://github.com/nccgroup/autochrome\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: HTML\ntags: []\n"
  },
  {
    "path": "weapons/autopoisoner.yaml",
    "content": "---\nname: autopoisoner\ndescription: Web cache poisoning vulnerability scanner.\nurl: https://github.com/Th0h0/autopoisoner\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [cache-vuln]\n"
  },
  {
    "path": "weapons/axiom.yaml",
    "content": "---\nname: axiom\ndescription: 'A dynamic infrastructure toolkit for red teamers and bug bounty hunters! '\nurl: https://github.com/pry0cc/axiom\ncategory: tool\ntype: Army-Knife\nplatform: [linux, macos, windows]\nlang: Shell\ntags: [infra]\n"
  },
  {
    "path": "weapons/bat.yaml",
    "content": "---\nname: bat\ndescription: A cat(1) clone with wings.\nurl: https://github.com/sharkdp/bat\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Rust\ntags: []\n"
  },
  {
    "path": "weapons/baudrillard-suite.yaml",
    "content": "---\nname: Baudrillard Suite\ndescription: Cross-platform security research toolkit with OSINT aggregation, memory\n  forensics, social engineering tools, steganography, and predictive threat modeling.\nurl: https://github.com/bad-antics/baudrillard-suite\ncategory: tool\ntype: Army-knife\nplatform: [linux, macos, windows]\nlang: Python\ntags: [osint, recon, forensics, social-engineering, steganography]\n"
  },
  {
    "path": "weapons/bbot.yaml",
    "content": "---\nname: bbot\ndescription: OSINT automation for hackers\nurl: https://github.com/blacklanternsecurity/bbot\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [osint]\n"
  },
  {
    "path": "weapons/beef.yaml",
    "content": "---\nname: beef\ndescription: The Browser Exploitation Framework Project\nurl: https://github.com/beefproject/beef\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: [xss]\n"
  },
  {
    "path": "weapons/blackboxprotobuf.yaml",
    "content": "---\nname: blackboxprotobuf\ndescription: Blackbox protobuf is a Burp Suite extension for decoding and modifying\n  arbitrary protobuf messages without the protobuf type definition.\nurl: https://github.com/nccgroup/blackboxprotobuf\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/blistener.yaml",
    "content": "---\nname: blistener\ndescription: Blind-XSS listener with payloads\nurl: https://github.com/fyxme/blistener\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [xss, blind-xss]\n"
  },
  {
    "path": "weapons/boast.yaml",
    "content": "---\nname: boast\ndescription: The BOAST Outpost for AppSec Testing (v0.1.0)\nurl: https://github.com/marcoagner/boast\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [oast]\n"
  },
  {
    "path": "weapons/bountyplz.yaml",
    "content": "---\nname: bountyplz\ndescription: 'Automated security reporting from markdown templates (HackerOne and\n  Bugcrowd are currently the platforms supported) '\nurl: https://github.com/fransr/bountyplz\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Shell\ntags: [report]\n"
  },
  {
    "path": "weapons/bruteforce-lists.yaml",
    "content": "---\nname: bruteforce-lists\ndescription: Some files for bruteforcing certain things.\nurl: https://github.com/random-robbie/bruteforce-lists\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Txt\ntags: [wordlist, documents]\n"
  },
  {
    "path": "weapons/burl.yaml",
    "content": "---\nname: burl\ndescription: 'A Broken-URL Checker '\nurl: https://github.com/tomnomnom/burl\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url]\n"
  },
  {
    "path": "weapons/burp-exporter.yaml",
    "content": "---\nname: burp-exporter\ndescription:\nurl: https://github.com/artssec/burp-exporter\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/burp-piper.yaml",
    "content": "---\nname: burp-piper\ndescription:\nurl: https://github.com/silentsignal/burp-piper\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Kotlin\ntags: []\n"
  },
  {
    "path": "weapons/burp-retire-js.yaml",
    "content": "---\nname: burp-retire-js\ndescription:\nurl: https://github.com/h3xstream/burp-retire-js\ncategory: tool-addon\ntype: Recon\nplatform: [linux, macos, windows, burpsuite]\nlang: JavaScript\ntags: [js-analysis]\n"
  },
  {
    "path": "weapons/burp-send-to.yaml",
    "content": "---\nname: burp-send-to\ndescription:\nurl: https://github.com/bytebutcher/burp-send-to\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/c-jwt-cracker.yaml",
    "content": "---\nname: c-jwt-cracker\ndescription: 'JWT brute force cracker written in C '\nurl: https://github.com/brendan-rius/c-jwt-cracker\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: C\ntags: [jwt]\n"
  },
  {
    "path": "weapons/caido.yaml",
    "content": "---\nname: Caido\ndescription: A lightweight web security auditing toolkit\nurl: https://caido.io\ncategory: tool\ntype: Proxy\nplatform: [linux, macos, windows, caido]\nlang: Rust\ntags: [mitmproxy]\n"
  },
  {
    "path": "weapons/caidope.yaml",
    "content": "---\nname: caidope\ndescription: caidope - caido plugin\nurl: https://github.com/skitttles-berry/caidope\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, caido]\nlang: TypeScript\ntags: []\n"
  },
  {
    "path": "weapons/can-i-take-over-xyz.yaml",
    "content": "---\nname: can-i-take-over-xyz\ndescription: '\"Can I take over XYZ?\" — a list of services and how to claim (sub)domains\n  with dangling DNS records.'\nurl: https://github.com/EdOverflow/can-i-take-over-xyz\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang:\ntags: []\n"
  },
  {
    "path": "weapons/cariddi.yaml",
    "content": "---\nname: cariddi\ndescription: Take a list of domains, crawl urls and scan for endpoints, secrets, api\n  keys, file extensions, tokens and more\nurl: https://github.com/edoardottt/cariddi\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [crawl]\n"
  },
  {
    "path": "weapons/cc.py.yaml",
    "content": "---\nname: cc.py\ndescription: 'Extracting URLs of a specific target based on the results of \"commoncrawl.org\" '\nurl: https://github.com/si9int/cc.py\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [url]\n"
  },
  {
    "path": "weapons/cent.yaml",
    "content": "---\nname: cent\ndescription: Community edition nuclei templates, a simple tool that allows you to\n  organize all the Nuclei templates offered by the community in one place.\nurl: https://github.com/xm1k3/cent\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [nuclei-templates]\n"
  },
  {
    "path": "weapons/cf-check.yaml",
    "content": "---\nname: cf-check\ndescription: 'Cloudflare Checker written in Go '\nurl: https://github.com/dwisiswant0/cf-check\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/chaos-client.yaml",
    "content": "---\nname: chaos-client\ndescription: 'Go client to communicate with Chaos DNS API. '\nurl: https://github.com/projectdiscovery/chaos-client\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/clairvoyance.yaml",
    "content": "---\nname: Clairvoyance\ndescription: Obtain GraphQL API schema even if the introspection is disabled\nurl: https://github.com/nikitastupin/clairvoyance\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Python\ntags: [graphql]\n"
  },
  {
    "path": "weapons/clear-cache.yaml",
    "content": "---\nname: clear-cache\ndescription: Add-on to clear browser cache with a single click or via the F9 key.\nurl: https://github.com/TenSoja/clear-cache\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, firefox, chrome]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/cloud-audit.yaml",
    "content": "---\nname: cloud-audit\ndescription: Fast, opinionated AWS security scanner with Terraform remediation and attack chain detection\nurl: https://github.com/gebalamariusz/cloud-audit\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [aws, cloud, security, terraform]\n"
  },
  {
    "path": "weapons/cloudlist.yaml",
    "content": "---\nname: cloudlist\ndescription: Cloudlist is a tool for listing Assets from multiple Cloud Providers\nurl: https://github.com/projectdiscovery/cloudlist\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [cloud, asset-discovery]\n"
  },
  {
    "path": "weapons/collaborator-everywhere.yaml",
    "content": "---\nname: collaborator-everywhere\ndescription:\nurl: https://github.com/PortSwigger/collaborator-everywhere\ncategory: tool-addon\ntype: Scanner\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: [oast]\n"
  },
  {
    "path": "weapons/commix.yaml",
    "content": "---\nname: commix\ndescription: Automated All-in-One OS Command Injection Exploitation Tool.\nurl: https://github.com/commixproject/commix\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [exploit]\n"
  },
  {
    "path": "weapons/community-scripts.yaml",
    "content": "---\nname: community-scripts\ndescription:\nurl: https://github.com/zaproxy/community-scripts\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, zap]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/confused.yaml",
    "content": "---\nname: confused\ndescription: Tool to check for dependency confusion vulnerabilities in multiple package\n  management systems\nurl: https://github.com/visma-prodsec/confused\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [dependency-confusion]\n"
  },
  {
    "path": "weapons/cookie-quick-manager.yaml",
    "content": "---\nname: cookie-quick-manager\ndescription: An addon to manage (view, search, create, edit, remove, backup, restore)\n  cookies on Firefox.\nurl: https://github.com/ysard/cookie-quick-manager\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, firefox]\nlang: JavaScript\ntags: [cookie]\n"
  },
  {
    "path": "weapons/corsair_scan.yaml",
    "content": "---\nname: corsair_scan\ndescription: Corsair_scan is a security tool to test Cross-Origin Resource Sharing\n  (CORS).\nurl: https://github.com/Santandersecurityresearch/corsair_scan\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [cors]\n"
  },
  {
    "path": "weapons/crawlergo.yaml",
    "content": "---\nname: crawlergo\ndescription: A powerful browser crawler for web vulnerability scanners\nurl: https://github.com/Qianlitp/crawlergo\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [crawl]\n"
  },
  {
    "path": "weapons/crimson.yaml",
    "content": "---\nname: Crimson\ndescription: Web Application Security Testing automation.\nurl: https://github.com/Karmaz95/crimson\ncategory: tool\ntype: Env\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/crlfuzz.yaml",
    "content": "---\nname: crlfuzz\ndescription: 'A fast tool to scan CRLF vulnerability written in Go '\nurl: https://github.com/dwisiswant0/crlfuzz\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Shell\ntags: [crlf]\n"
  },
  {
    "path": "weapons/csp-auditor.yaml",
    "content": "---\nname: csp-auditor\ndescription:\nurl: https://github.com/GoSecure/csp-auditor\ncategory: tool-addon\ntype: Scanner\nplatform: [linux, macos, windows, zap, burpsuite]\nlang: Java\ntags: [csp]\n"
  },
  {
    "path": "weapons/csprecon.yaml",
    "content": "---\nname: csprecon\ndescription: Discover new target domains using Content Security Policy\nurl: https://github.com/edoardottt/csprecon\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [csp]\n"
  },
  {
    "path": "weapons/curl.yaml",
    "content": "---\nname: curl\ndescription: A command line tool and library for transferring data with URL syntax,\n  supporting HTTP, HTTPS, FTP, FTPS, GOPHER, TFTP, SCP, SFTP, SMB, TELNET, DICT, LDAP,\n  LDAPS, MQTT, FILE, IMAP, SMTP, POP3, RTSP and RTMP. libcurl offers a myriad of powerful\n  features\nurl: https://github.com/curl/curl\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: C\ntags: []\n"
  },
  {
    "path": "weapons/dalfox.yaml",
    "content": "---\nname: dalfox\ndescription: 🌘🦊 Dalfox is a powerful open-source XSS scanner and utility focused on\n  automation.\nurl: https://github.com/hahwul/dalfox\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [xss]\n"
  },
  {
    "path": "weapons/deadfinder.yaml",
    "content": "---\nname: DeadFinder\ndescription: Find dead-links (broken links)\nurl: https://github.com/hahwul/deadfinder\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: [broken-link]\n"
  },
  {
    "path": "weapons/deadlinks.yaml",
    "content": "---\nname: deadlinks\ndescription: Health checks for your documentation links.\nurl: https://github.com/butuzov/deadlinks\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [broken-link]\n"
  },
  {
    "path": "weapons/deadsniper.yaml",
    "content": "---\nname: Deadsniper\ndescription: A fast, specialized dead-link checker\nurl: https://github.com/port19x/deadsniper\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [broken-link]\n"
  },
  {
    "path": "weapons/dependency-confusion-scanner.yaml",
    "content": "---\nname: dependency-confusion-scanner\ndescription: This small repo is meant to scan Github's repositories for potential Dependency confusion vulnerabilities.\nurl: https://github.com/Yaniv-git/dependency-confusion-scanner\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [dependency-confusion]\n"
  },
  {
    "path": "weapons/depenfusion.yaml",
    "content": "---\nname: depenfusion\ndescription: A powerful pentesting tool for detecting and exploiting dependency confusion vulnerabilities in Node.js projects\nurl: https://github.com/benjamin-mauss/depenfusion\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [dependency-confusion]\n"
  },
  {
    "path": "weapons/difftastic.yaml",
    "content": "---\nname: difftastic\ndescription: a structural diff that understands syntax\nurl: https://github.com/Wilfred/difftastic\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Rust\ntags: [diff]\n"
  },
  {
    "path": "weapons/dirsearch.yaml",
    "content": "---\nname: dirsearch\ndescription: 'Web path scanner '\nurl: https://github.com/maurosoria/dirsearch\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/ditto.yaml",
    "content": "---\nname: ditto\ndescription: A tool for IDN homograph attacks and detection.\nurl: https://github.com/evilsocket/ditto\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/dmut.yaml",
    "content": "---\nname: dmut\ndescription: A tool to perform permutations, mutations and alteration of subdomains\n  in golang.\nurl: https://github.com/bp0lr/dmut\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/dnsobserver.yaml",
    "content": "---\nname: dnsobserver\ndescription: \"A handy DNS service written in Go to aid in the detection of several\\\n  \\ types of blind vulnerabilities. It monitors a pentester's server for out-of-band\\\n  \\ DNS interactions and sends lookup notifications via Slack. \"\nurl: https://github.com/allyomalley/dnsobserver\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [oast, dns]\n"
  },
  {
    "path": "weapons/dnsprobe.yaml",
    "content": "---\nname: dnsprobe\ndescription: 'DNSProb (beta) is a tool built on top of retryabledns that allows you\n  to perform multiple dns queries of your choice with a list of user supplied resolvers. '\nurl: https://github.com/projectdiscovery/dnsprobe\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [dns]\n"
  },
  {
    "path": "weapons/dnsvalidator.yaml",
    "content": "---\nname: dnsvalidator\ndescription: Maintains a list of IPv4 DNS servers by verifying them against baseline\n  servers, and ensuring accurate responses.\nurl: https://github.com/vortexau/dnsvalidator\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [dns]\n"
  },
  {
    "path": "weapons/dnsx.yaml",
    "content": "---\nname: dnsx\ndescription: dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS\n  queries of your choice with a list of user-supplied resolvers.\nurl: https://github.com/projectdiscovery/dnsx\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [dns]\n"
  },
  {
    "path": "weapons/docem.yaml",
    "content": "---\nname: docem\ndescription: Uility to embed XXE and XSS payloads in docx,odt,pptx,etc (OXML_XEE on\n  steroids)\nurl: https://github.com/whitel1st/docem\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: [xxe, xss]\n"
  },
  {
    "path": "weapons/domdig.yaml",
    "content": "---\nname: domdig\ndescription: 'DOM XSS scanner for Single Page Applications '\nurl: https://github.com/fcavallarin/domdig\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: [xss]\n"
  },
  {
    "path": "weapons/domloggerpp.yaml",
    "content": "---\nname: DOMLogger++\ndescription: A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.\nurl: https://github.com/kevin-mizu/domloggerpp\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, firefox, chrome]\nlang: JavaScript\ntags: [dom, xss]\n"
  },
  {
    "path": "weapons/dontgo403.yaml",
    "content": "---\nname: dontgo403\ndescription: Tool to bypass 40X response codes.\nurl: https://github.com/devploit/dontgo403\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [403]\n"
  },
  {
    "path": "weapons/dotdotpwn.yaml",
    "content": "---\nname: dotdotpwn\ndescription: 'DotDotPwn - The Directory Traversal Fuzzer '\nurl: https://github.com/wireghoul/dotdotpwn\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Perl\ntags: [path-traversal]\n"
  },
  {
    "path": "weapons/dsieve.yaml",
    "content": "---\nname: dsieve\ndescription: Filter and enrich a list of subdomains by level\nurl: https://github.com/trickest/dsieve\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/eoyc.yaml",
    "content": "---\nname: eoyc\ndescription: Encoding Only Your Choices\nurl: https://github.com/hahwul/eoyc\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Crystal\ntags: [encode]\n"
  },
  {
    "path": "weapons/eval_villain.yaml",
    "content": "---\nname: eval_villain\ndescription: A Firefox Web Extension to improve the discovery of DOM XSS.\nurl: https://github.com/swoops/eval_villain\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, firefox, zap]\nlang: JavaScript\ntags: [xss]\n"
  },
  {
    "path": "weapons/evil-proxy.yaml",
    "content": "---\nname: EvilProxy\ndescription: A ruby http/https proxy to do EVIL things.\nurl: https://github.com/bbtfr/evil-proxy\ncategory: tool\ntype: Proxy\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: [mitmproxy]\n"
  },
  {
    "path": "weapons/ezXSS.yaml",
    "content": "---\nname: ezXSS\ndescription: 'ezXSS is an easy way for penetration testers and bug bounty hunters\n  to test (blind) Cross Site Scripting. '\nurl: https://github.com/ssl/ezXSS\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: PHP\ntags: [xss, blind-xss]\n"
  },
  {
    "path": "weapons/favirecon.yaml",
    "content": "---\nname: favirecon\ndescription: Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.\nurl: https://github.com/edoardottt/favirecon\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [favicon]\n"
  },
  {
    "path": "weapons/femida.yaml",
    "content": "---\nname: femida\ndescription:\nurl: https://github.com/wish-i-was/femida\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/feroxbuster.yaml",
    "content": "---\nname: feroxbuster\ndescription: A fast, simple, recursive content discovery tool written in Rust.\nurl: https://github.com/epi052/feroxbuster\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Rust\ntags: []\n"
  },
  {
    "path": "weapons/fff.yaml",
    "content": "---\nname: fff\ndescription: The Fairly Fast Fetcher. Requests a bunch of URLs provided on stdin fairly\n  quickly.\nurl: https://github.com/tomnomnom/fff\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url]\n"
  },
  {
    "path": "weapons/ffuf.yaml",
    "content": "---\nname: ffuf\ndescription: 'Fast web fuzzer written in Go '\nurl: https://github.com/ffuf/ffuf\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/fhc.yaml",
    "content": "---\nname: fhc\ndescription: Fast HTTP Checker.\nurl: https://github.com/Edu4rdSHL/fhc\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Rust\ntags: []\n"
  },
  {
    "path": "weapons/findom-xss.yaml",
    "content": "---\nname: findom-xss\ndescription: 'A fast DOM based XSS vulnerability scanner with simplicity. '\nurl: https://github.com/dwisiswant0/findom-xss\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Shell\ntags: [xss]\n"
  },
  {
    "path": "weapons/findomain.yaml",
    "content": "---\nname: findomain\ndescription: 'The fastest and cross-platform subdomain enumerator, do not waste your\n  time. '\nurl: https://github.com/Edu4rdSHL/findomain\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Rust\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/firefox-container-proxy.yaml",
    "content": "---\nname: firefox-container-proxy\ndescription: Assign a proxy to a Firefox container\nurl: https://github.com/bekh6ex/firefox-container-proxy\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, firefox]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/fuzzparam.yaml",
    "content": "---\nname: fuzzparam\ndescription: A fast go based param miner to fuzz possible parameters a URL can have.\nurl: https://github.com/0xsapra/fuzzparam\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Go\ntags: [param]\n"
  },
  {
    "path": "weapons/fzf.yaml",
    "content": "---\nname: fzf\ndescription: A command-line fuzzy finder\nurl: https://github.com/junegunn/fzf\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/gRPC-Pentest-Suite.yaml",
    "content": "---\nname: gRPC-Web Pentest Suite\ndescription: gRPC-Pentest-Suite is set of tools for pentesting / hacking gRPC Web (gRPC-Web) applications.\nurl: https://github.com/nxenon/grpc-pentest-suite\ncategory: tool-addon\ntype: Utils\nplatform: [burpsuite, linux, macos, windows]\nlang: Python\ntags: [gRPC-Web]\n"
  },
  {
    "path": "weapons/gau.yaml",
    "content": "---\nname: gau\ndescription: Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback\n  Machine, and Common Crawl.\nurl: https://github.com/lc/gau\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url]\n"
  },
  {
    "path": "weapons/gauplus.yaml",
    "content": "---\nname: gauplus\ndescription: A modified version of gau for personal usage. Support workers, proxies\n  and some extra things.\nurl: https://github.com/bp0lr/gauplus\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url]\n"
  },
  {
    "path": "weapons/gee.yaml",
    "content": "---\nname: gee\ndescription: 🏵 Gee is tool of stdin to each files and stdout. It is similar to the\n  tee command, but there are more functions for convenience. In addition, it was written\n  as go\nurl: https://github.com/hahwul/gee\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/getJS.yaml",
    "content": "---\nname: getJS\ndescription: A tool to fastly get all javascript sources/files\nurl: https://github.com/003random/getJS\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [js-analysis]\n"
  },
  {
    "path": "weapons/gf.yaml",
    "content": "---\nname: gf\ndescription: 'A wrapper around grep, to help you grep for things '\nurl: https://github.com/tomnomnom/gf\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/ghauri.yaml",
    "content": "---\nname: ghauri\ndescription: An advanced cross-platform tool that automates the process of detecting\n  and exploiting SQL injection security flaws\nurl: https://github.com/r0oth3x49/ghauri\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: Python\ntags: [sqli]\n"
  },
  {
    "path": "weapons/gitGraber.yaml",
    "content": "---\nname: gitGraber\ndescription: 'gitGraber '\nurl: https://github.com/hisxo/gitGraber\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/github-endpoints.yaml",
    "content": "---\nname: github-endpoints\ndescription: Find endpoints on GitHub.\nurl: https://github.com/gwen001/github-endpoints\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/github-regexp.yaml",
    "content": "---\nname: github-regexp\ndescription: Basically a regexp over a GitHub search.\nurl: https://github.com/gwen001/github-regexp\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/github-search.yaml",
    "content": "---\nname: github-search\ndescription: 'Tools to perform basic search on GitHub. '\nurl: https://github.com/gwen001/github-search\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/github-subdomains.yaml",
    "content": "---\nname: github-subdomains\ndescription: Find subdomains on GitHub\nurl: https://github.com/gwen001/github-subdomains\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/gitleaks.yaml",
    "content": "---\nname: gitleaks\ndescription: Scan git repos (or files) for secrets using regex and entropy 🔑\nurl: https://github.com/zricethezav/gitleaks\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/gitls.yaml",
    "content": "---\nname: gitls\ndescription: Listing git repository from URL/User/Org\nurl: https://github.com/hahwul/gitls\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/gitrob.yaml",
    "content": "---\nname: gitrob\ndescription: 'Reconnaissance tool for GitHub organizations '\nurl: https://github.com/michenriksen/gitrob\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/go-dork.yaml",
    "content": "---\nname: go-dork\ndescription: 'The fastest dork scanner written in Go. '\nurl: https://github.com/dwisiswant0/go-dork\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/gobuster.yaml",
    "content": "---\nname: gobuster\ndescription: 'Directory/File, DNS and VHost busting tool written in Go '\nurl: https://github.com/OJ/gobuster\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/godeclutter.yaml",
    "content": "---\nname: godeclutter\ndescription: Declutters URLs in a fast and flexible way, for improving input for web\n  hacking automations such as crawlers and vulnerability scans.\nurl: https://github.com/c3l3si4n/godeclutter\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url]\n"
  },
  {
    "path": "weapons/gospider.yaml",
    "content": "---\nname: gospider\ndescription: 'Gospider - Fast web spider written in Go '\nurl: https://github.com/jaeles-project/gospider\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [crawl]\n"
  },
  {
    "path": "weapons/gotator.yaml",
    "content": "---\nname: gotator\ndescription: Gotator is a tool to generate DNS wordlists through permutations.\nurl: https://github.com/Josue87/gotator\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/gotestwaf.yaml",
    "content": "---\nname: gotestwaf\ndescription: An open-source project in Golang to test different web application firewalls\n  (WAF) for detection logic and bypasses\nurl: https://github.com/wallarm/gotestwaf\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/goverview.yaml",
    "content": "---\nname: goverview\ndescription: goverview - Get an overview of the list of URLs\nurl: https://github.com/j3ssie/goverview\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url]\n"
  },
  {
    "path": "weapons/gowitness.yaml",
    "content": "---\nname: gowitness\ndescription: '🔍 gowitness - a golang, web screenshot utility using Chrome Headless '\nurl: https://github.com/sensepost/gowitness\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/graphql-voyager.yaml",
    "content": "---\nname: graphql-voyager\ndescription: '🛰️ Represent any GraphQL API as an interactive graph '\nurl: https://github.com/APIs-guru/graphql-voyager\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: TypeScript\ntags: [graphql]\n"
  },
  {
    "path": "weapons/graphw00f.yaml",
    "content": "---\nname: graphw00f\ndescription: GraphQL Server Engine Fingerprinting utility\nurl: https://github.com/dolevf/graphw00f\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [graphql]\n"
  },
  {
    "path": "weapons/grc.yaml",
    "content": "---\nname: grc\ndescription: generic colouriser\nurl: https://github.com/garabik/grc\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/grex.yaml",
    "content": "---\nname: grex\ndescription: A command-line tool and library for generating regular expressions from\n  user-provided test cases\nurl: https://github.com/pemistahl/grex\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Rust\ntags: []\n"
  },
  {
    "path": "weapons/gron.yaml",
    "content": "---\nname: gron\ndescription: Make JSON greppable!\nurl: https://github.com/tomnomnom/gron\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [json]\n"
  },
  {
    "path": "weapons/gxss.yaml",
    "content": "---\nname: gxss\ndescription: Blind XSS service alerting over slack or email\nurl: https://github.com/rverton/gxss\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [xss, blind-xss]\n"
  },
  {
    "path": "weapons/h2csmuggler.yaml",
    "content": "---\nname: h2csmuggler\ndescription: HTTP Request Smuggling Detection Tool\nurl: https://github.com/assetnote/h2csmuggler\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [smuggle]\n"
  },
  {
    "path": "weapons/h2spacex.yaml",
    "content": "---\nname: h2spacex\ndescription: HTTP/2 Single Packet Attack low level library based on Scapy\nurl: https://github.com/nxenon/h2spacex\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: [race-condition]\n"
  },
  {
    "path": "weapons/hacks.yaml",
    "content": "---\nname: hacks\ndescription: 'A collection of hacks and one-off scripts '\nurl: https://github.com/tomnomnom/hacks\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/hakcheckurl.yaml",
    "content": "---\nname: hakcheckurl\ndescription: Takes a list of URLs and returns their HTTP response codes\nurl: https://github.com/hakluke/hakcheckurl\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/hakrawler.yaml",
    "content": "---\nname: hakrawler\ndescription: 'Simple, fast web crawler designed for easy, quick discovery of endpoints\n  and assets within a web application '\nurl: https://github.com/hakluke/hakrawler\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [crawl]\n"
  },
  {
    "path": "weapons/hakrevdns.yaml",
    "content": "---\nname: hakrevdns\ndescription: 'Small, fast tool for performing reverse DNS lookups en masse. '\nurl: https://github.com/hakluke/hakrevdns\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/haktrails.yaml",
    "content": "---\nname: haktrails\ndescription: Golang client for querying SecurityTrails API data\nurl: https://github.com/hakluke/haktrails\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/hashcat.yaml",
    "content": "---\nname: hashcat\ndescription: \"World's fastest and most advanced password recovery utility \"\nurl: https://github.com/hashcat/hashcat/\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: C\ntags: []\n"
  },
  {
    "path": "weapons/hbxss.yaml",
    "content": "---\nname: hbxss\ndescription: Security test tool for Blind XSS\nurl: https://github.com/hahwul/hbxss\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: [xss, blind-xss]\n"
  },
  {
    "path": "weapons/headerpwn.yaml",
    "content": "---\nname: headerpwn\ndescription: A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers\nurl: https://github.com/devanshbatham/headerpwn\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Go\ntags: [header]\n"
  },
  {
    "path": "weapons/headi.yaml",
    "content": "---\nname: headi\ndescription: Customisable  and automated HTTP header injection\nurl: https://github.com/mlcsec/headi\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [header]\n"
  },
  {
    "path": "weapons/hetty.yaml",
    "content": "---\nname: hetty\ndescription: Hetty is an HTTP toolkit for security research. It aims to become an\n  open source alternative to commercial software like Burp Suite Pro, with powerful\n  features tailored to the needs of the infosec and bug bounty community.\nurl: https://github.com/dstotijn/hetty\ncategory: tool\ntype: Proxy\nplatform: [linux, macos, windows]\nlang: Go\ntags: [mitmproxy]\n"
  },
  {
    "path": "weapons/hinject.yaml",
    "content": "---\nname: hinject\ndescription: 'Host Header Injection Checker '\nurl: https://github.com/dwisiswant0/hinject\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [header]\n"
  },
  {
    "path": "weapons/hoppscotch.yaml",
    "content": "---\nname: hoppscotch\ndescription: Open source API development ecosystem\nurl: https://github.com/hoppscotch/hoppscotch\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: TypeScript\ntags: [http]\n"
  },
  {
    "path": "weapons/htcat.yaml",
    "content": "---\nname: htcat\ndescription: 'Parallel and Pipelined HTTP GET Utility '\nurl: https://github.com/htcat/htcat\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/http-request-smuggler.yaml",
    "content": "---\nname: http-request-smuggler\ndescription:\nurl: https://github.com/PortSwigger/http-request-smuggler\ncategory: tool-addon\ntype: Scanner\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: [smuggle]\n"
  },
  {
    "path": "weapons/http-request-smuggling.yaml",
    "content": "---\nname: http-request-smuggling\ndescription: HTTP Request Smuggling Detection Tool\nurl: https://github.com/anshumanpattnaik/http-request-smuggling\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/http-script-generator.yaml",
    "content": "---\nname: http-script-generator\ndescription:\nurl: https://github.com/h3xstream/http-script-generator\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, zap, burpsuite]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/http2smugl.yaml",
    "content": "---\nname: http2smugl\ndescription: This tool helps to detect and exploit HTTP request smuggling in cases\n  it can be achieved via HTTP/2 -> HTTP/1.1 conversion by the frontend server.\nurl: https://github.com/neex/http2smugl\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/httpie.yaml",
    "content": "---\nname: httpie\ndescription: modern, user-friendly command-line HTTP client for the API era\nurl: https://github.com/httpie/httpie\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: [http]\n"
  },
  {
    "path": "weapons/httprobe.yaml",
    "content": "---\nname: httprobe\ndescription: 'Take a list of domains and probe for working HTTP and HTTPS servers '\nurl: https://github.com/tomnomnom/httprobe\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/httptoolkit.yaml",
    "content": "---\nname: httptoolkit\ndescription: HTTP Toolkit is a beautiful & open-source tool for debugging, testing\n  and building with HTTP(S) on Windows, Linux & Mac\nurl: https://github.com/httptoolkit/httptoolkit\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang:\ntags: []\n"
  },
  {
    "path": "weapons/httpx.yaml",
    "content": "---\nname: httpx\ndescription: 'httpx is a fast and multi-purpose HTTP toolkit allow to run multiple\n  probers using retryablehttp library, it is designed to maintain the result reliability\n  with increased threads. '\nurl: https://github.com/projectdiscovery/httpx\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url]\n"
  },
  {
    "path": "weapons/hurl.yaml",
    "content": "---\nname: hurl\ndescription: Hurl, run and test HTTP requests.\nurl: https://github.com/Orange-OpenSource/hurl\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Rust\ntags: []\n"
  },
  {
    "path": "weapons/inql.yaml",
    "content": "---\nname: inql\ndescription:\nurl: https://github.com/doyensec/inql\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/interactsh.yaml",
    "content": "---\nname: interactsh\ndescription: An OOB interaction gathering server and client library\nurl: https://github.com/projectdiscovery/interactsh\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [oast]\n"
  },
  {
    "path": "weapons/intrigue-core.yaml",
    "content": "---\nname: intrigue-core\ndescription: 'Discover Your Attack Surface '\nurl: https://github.com/intrigueio/intrigue-core\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: []\n"
  },
  {
    "path": "weapons/jaeles.yaml",
    "content": "---\nname: jaeles\ndescription: 'The Swiss Army knife for automated Web Application Testing '\nurl: https://github.com/jaeles-project/jaeles\ncategory: tool\ntype: Army-Knife\nplatform: [linux, macos, windows]\nlang: Go\ntags: [live-audit]\n"
  },
  {
    "path": "weapons/jsfuck.yaml",
    "content": "---\nname: jsfuck\ndescription: Write any JavaScript with 6 Characters\nurl: https://github.com/aemkei/jsfuck\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: [xss]\n"
  },
  {
    "path": "weapons/jsluice.yaml",
    "content": "---\nname: jsluice\ndescription: Extract URLs, paths, secrets, and other interesting bits from JavaScript\nurl: https://github.com/BishopFox/jsluice\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [js-analysis]\n"
  },
  {
    "path": "weapons/jsonwebtoken.github.io.yaml",
    "content": "---\nname: jsonwebtoken.github.io\ndescription: JWT En/Decode and Verify\nurl: https://github.com/jsonwebtoken/jsonwebtoken.github.io\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: [jwt]\n"
  },
  {
    "path": "weapons/jsprime.yaml",
    "content": "---\nname: jsprime\ndescription: a javascript static security analysis tool\nurl: https://github.com/dpnishant/jsprime\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: [js-analysis]\n"
  },
  {
    "path": "weapons/jwt-cracker.yaml",
    "content": "---\nname: jwt-cracker\ndescription: 'Simple HS256 JWT token brute force cracker '\nurl: https://github.com/lmammino/jwt-cracker\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: [jwt]\n"
  },
  {
    "path": "weapons/jwt-hack.yaml",
    "content": "---\nname: jwt-hack\ndescription: 🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for\n  En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)\nurl: https://github.com/hahwul/jwt-hack\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Go\ntags: [jwt]\n"
  },
  {
    "path": "weapons/jwt_tool.yaml",
    "content": "---\nname: jwt_tool\ndescription: A toolkit for testing, tweaking and cracking JSON Web Tokens\nurl: https://github.com/ticarpi/jwt_tool\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: Python\ntags: [jwt, authentication]\n"
  },
  {
    "path": "weapons/katana.yaml",
    "content": "---\nname: katana\ndescription: A next-generation crawling and spidering framework.\nurl: https://github.com/projectdiscovery/katana\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [crawl]\n"
  },
  {
    "path": "weapons/kiterunner.yaml",
    "content": "---\nname: kiterunner\ndescription: Contextual Content Discovery Tool\nurl: https://github.com/assetnote/kiterunner\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/knife.yaml",
    "content": "---\nname: knife\ndescription: A burp extension that add some useful function to  Context Menu 添加一些右键菜单让burp用起来更顺畅\nurl: https://github.com/bit4woo/knife\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/knock.yaml",
    "content": "---\nname: knock\ndescription: 'Knock Subdomain Scan '\nurl: https://github.com/guelfoweb/knock\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/lazyrecon.yaml",
    "content": "---\nname: lazyrecon\ndescription: 'This script is intended to automate your reconnaissance process in an\n  organized fashion '\nurl: https://github.com/nahamsec/lazyrecon\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Shell\ntags: []\n"
  },
  {
    "path": "weapons/liffy.yaml",
    "content": "---\nname: Liffy\ndescription: Local file inclusion exploitation tool\nurl: https://github.com/mzfr/liffy\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: Python\ntags: [lfi]\n"
  },
  {
    "path": "weapons/longtongue.yaml",
    "content": "---\nname: longtongue\ndescription: Customized Password/Passphrase List inputting Target Info\nurl: https://github.com/edoardottt/longtongue\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/mapcidr.yaml",
    "content": "---\nname: mapcidr\ndescription: Utility program to perform multiple operations for a given subnet/CIDR ranges\nurl: https://github.com/projectdiscovery/mapcidr\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [cidr, network, ip-manipulation]\n"
  },
  {
    "path": "weapons/masscan.yaml",
    "content": "---\nname: masscan\ndescription: 'TCP port scanner, spews SYN packets asynchronously, scanning entire\n  Internet in under 5 minutes. '\nurl: https://github.com/robertdavidgraham/masscan\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: C\ntags: [portscan]\n"
  },
  {
    "path": "weapons/medusa.yaml",
    "content": "---\nname: medusa\ndescription: 'Fastest recursive HTTP fuzzer, like a Ferrari. '\nurl: https://github.com/riza/medusa\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/meg.yaml",
    "content": "---\nname: meg\ndescription: 'Fetch many paths for many hosts - without killing the hosts '\nurl: https://github.com/tomnomnom/meg\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/megplus.yaml",
    "content": "---\nname: megplus\ndescription: \"Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED] \"\nurl: https://github.com/EdOverflow/megplus\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Shell\ntags: []\n"
  },
  {
    "path": "weapons/metasploit.yaml",
    "content": "---\nname: Metasploit\ndescription: The world’s most used penetration testing framework\nurl: https://github.com/rapid7/metasploit-framework\ncategory: tool\ntype: Army-Knife\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: [pentest]\n"
  },
  {
    "path": "weapons/missing-cve-nuclei-templates.yaml",
    "content": "---\nname: missing-cve-nuclei-templates\ndescription: Weekly updated list of missing CVEs in nuclei templates official repository\nurl: https://github.com/edoardottt/missing-cve-nuclei-templates\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Txt\ntags: [nuclei-templates]\n"
  },
  {
    "path": "weapons/mitmproxy.yaml",
    "content": "---\nname: mitmproxy\ndescription: An interactive TLS-capable intercepting HTTP proxy for penetration testers\n  and software developers.\nurl: https://github.com/mitmproxy/mitmproxy\ncategory: tool\ntype: Proxy\nplatform: [linux, macos, windows]\nlang: Python\ntags: [mitmproxy]\n"
  },
  {
    "path": "weapons/mubeng.yaml",
    "content": "---\nname: mubeng\ndescription: An incredibly fast proxy checker & IP rotator with ease.\nurl: https://github.com/kitabisa/mubeng\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags:\n"
  },
  {
    "path": "weapons/naabu.yaml",
    "content": "---\nname: naabu\ndescription: 'A fast port scanner written in go with focus on reliability and simplicity.\n  Designed to be used in combination with other tools for attack surface discovery\n  in bug bounties and pentests '\nurl: https://github.com/projectdiscovery/naabu\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [portscan]\n"
  },
  {
    "path": "weapons/neonmarker.yaml",
    "content": "---\nname: Neonmarker\ndescription:\nurl: https://github.com/kingthorin/neonmarker\ncategory: tool-addon\ntype: utils\nplatform: [linux, macos, windows, zap]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/nikto.yaml",
    "content": "---\nname: nikto\ndescription: 'Nikto web server scanner '\nurl: https://github.com/sullo/nikto\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Perl\ntags: []\n"
  },
  {
    "path": "weapons/nmap.yaml",
    "content": "---\nname: nmap\ndescription: 'Nmap - the Network Mapper. Github mirror of official SVN repository. '\nurl: https://github.com/nmap/nmap\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: C\ntags: [portscan]\n"
  },
  {
    "path": "weapons/noir.yaml",
    "content": "---\nname: noir\ndescription: Attack surface detector that identifies endpoints by static analysis\nurl: https://github.com/noir-cr/noir\ncategory: tool\ntype: Recon\nplatform: [linux, macos]\nlang: Crystal\ntags: [endpoint, url, attack-surface]\n"
  },
  {
    "path": "weapons/nosqli.yaml",
    "content": "---\nname: nosqli\ndescription: NoSql Injection CLI tool\nurl: https://github.com/Charlie-belmer/nosqli\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [nosqli]\n"
  },
  {
    "path": "weapons/notebook.yaml",
    "content": "---\nname: notebook\ndescription: Notebook Caido Plugin\nurl: https://github.com/caido-community/notebook\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, caido]\nlang: TypeScript\ntags: [note]\n"
  },
  {
    "path": "weapons/nuclei-templates.yaml",
    "content": "---\nname: nuclei-templates\ndescription: Community curated list of templates for the nuclei engine to find security\n  vulnerabilities.\nurl: https://github.com/projectdiscovery/nuclei-templates\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [nuclei-templates]\n"
  },
  {
    "path": "weapons/nuclei-wordfence-cve.yaml",
    "content": "---\nname: nuclei-wordfence-cve\ndescription: Every single day new templates are added to this repo based on updates\n  on Wordfence.com\nurl: https://github.com/topscoder/nuclei-wordfence-cve\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: [nuclei-templates]\n"
  },
  {
    "path": "weapons/nuclei.yaml",
    "content": "---\nname: nuclei\ndescription: 'Nuclei is a fast tool for configurable targeted scanning based on templates\n  offering massive extensibility and ease of use. '\nurl: https://github.com/projectdiscovery/nuclei\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags:\n"
  },
  {
    "path": "weapons/ob_hacky_slack.yaml",
    "content": "---\nname: ob_hacky_slack\ndescription: Hacky Slack - a bash script that sends beautiful messages to Slack\nurl: https://github.com/openbridge/ob_hacky_slack\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Shell\ntags: [notify]\n"
  },
  {
    "path": "weapons/of-CORS.yaml",
    "content": "---\nname: of-CORS\ndescription: Identifying and exploiting CORS misconfigurations on the internal networks\nurl: https://github.com/trufflesecurity/of-CORS\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: Python\ntags: [cors]\n"
  },
  {
    "path": "weapons/osv-scanner.yaml",
    "content": "---\nname: osv-scanner\ndescription: Vulnerability scanner which uses the OSV database to find vulnerabilities in open source projects\nurl: https://github.com/google/osv-scanner\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [vulnerability-scanner, dependency-scanning]\n"
  },
  {
    "path": "weapons/owasp-zap-jwt-addon.yaml",
    "content": "---\nname: owasp-zap-jwt-addon\ndescription:\nurl: https://github.com/SasanLabs/owasp-zap-jwt-addon\ncategory: tool-addon\ntype: utils\nplatform: [linux, macos, windows, zap]\nlang: Java\ntags: [jwt]\n"
  },
  {
    "path": "weapons/owasp-zap-maplocal-addon.yaml",
    "content": "---\nname: Map Local\ndescription: ZAP add-on which allows mapping of responses to content of a chosen local\n  file.\nurl: https://github.com/Keindel/owasp-zap-maplocal-addon\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, zap]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/oxml_xxe.yaml",
    "content": "---\nname: oxml_xxe\ndescription: 'A tool for embedding XXE/XML exploits into different filetypes '\nurl: https://github.com/BuffaloWill/oxml_xxe\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: []\n"
  },
  {
    "path": "weapons/pagodo.yaml",
    "content": "---\nname: pagodo\ndescription: pagodo (Passive Google Dork) - Automate Google Hacking Database scraping\n  and searching\nurl: https://github.com/opsdisk/pagodo\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/param-miner.yaml",
    "content": "---\nname: param-miner\ndescription: Param Miner\nurl: https://github.com/PortSwigger/param-miner\ncategory: tool-addon\ntype: Fuzzer\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: [param, cache-vuln]\n"
  },
  {
    "path": "weapons/parameth.yaml",
    "content": "---\nname: parameth\ndescription: This tool can be used to brute discover GET and POST parameters\nurl: https://github.com/maK-/parameth\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/pcap-burp.yaml",
    "content": "---\nname: pcap-burp\ndescription: Pcap importer for Burp\nurl: https://github.com/nccgroup/pcap-burp\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/pdtm.yaml",
    "content": "---\nname: pdtm\ndescription: ProjectDiscovery's Open Source Tool Manager\nurl: https://github.com/projectdiscovery/pdtm\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [package-manager, tools-management]\n"
  },
  {
    "path": "weapons/pentest-env.yaml",
    "content": "---\nname: pentest-env\ndescription: Pentest environment deployer (kali linux + targets) using vagrant and\n  chef.\nurl: https://github.com/Sliim/pentest-env\ncategory: tool\ntype: Env\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: [pentest]\n"
  },
  {
    "path": "weapons/pentest-tools.yaml",
    "content": "---\nname: pentest-tools\ndescription: 'Custom pentesting tools '\nurl: https://github.com/gwen001/pentest-tools\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/pet.yaml",
    "content": "---\nname: pet\ndescription: Simple command-line snippet manager, written in Go.\nurl: https://github.com/knqyf263/pet\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/plution.yaml",
    "content": "---\nname: plution\ndescription: Prototype pollution scanner using headless chrome\nurl: https://github.com/raverrr/plution\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [prototypepollution, prototype-pollution]\n"
  },
  {
    "path": "weapons/postMessage-tracker.yaml",
    "content": "---\nname: postMessage-tracker\ndescription: A Chrome Extension to track postMessage usage (url, domain and stack)\n  both by logging using CORS and also visually as an extension-icon\nurl: https://github.com/fransr/postMessage-tracker\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, chrome]\nlang: JavaScript\ntags: [js-analysis]\n"
  },
  {
    "path": "weapons/ppfuzz.yaml",
    "content": "---\nname: ppfuzz\ndescription: A fast tool to scan client-side prototype pollution vulnerability written\n  in Rust. 🦀\nurl: https://github.com/dwisiswant0/ppfuzz\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Rust\ntags: [prototypepollution, prototype-pollution]\n"
  },
  {
    "path": "weapons/pphack.yaml",
    "content": "---\nname: pphack\ndescription: The Most Advanced Client-Side Prototype Pollution Scanner\nurl: https://github.com/edoardottt/pphack\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [prototypepollution, prototype-pollution]\n"
  },
  {
    "path": "weapons/ppmap.yaml",
    "content": "---\nname: ppmap\ndescription: A scanner/exploitation tool written in GO, which leverages client-side\n  Prototype Pollution to XSS by exploiting known gadgets.\nurl: https://github.com/kleiton0x00/ppmap\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [prototypepollution, prototype-pollution]\n"
  },
  {
    "path": "weapons/proxify.yaml",
    "content": "---\nname: proxify\ndescription: Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation\n  and replay\nurl: https://github.com/projectdiscovery/proxify\ncategory: tool\ntype: Proxy\nplatform: [linux, macos, windows]\nlang: Go\ntags: [mitmproxy]\n"
  },
  {
    "path": "weapons/puredns.yaml",
    "content": "---\nname: puredns\ndescription: Puredns is a fast domain resolver and subdomain bruteforcing tool that\n  can accurately filter out wildcard subdomains and DNS poisoned entries.\nurl: https://github.com/d3mondev/puredns\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains, dns]\n"
  },
  {
    "path": "weapons/pwncat.yaml",
    "content": "---\nname: pwncat\ndescription: 'pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and\n  reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable\n  with Python (PSE) '\nurl: https://github.com/cytopia/pwncat\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Shell\ntags: []\n"
  },
  {
    "path": "weapons/qsreplace.yaml",
    "content": "---\nname: qsreplace\ndescription: 'Accept URLs on stdin, replace all query string values with a user-supplied\n  value '\nurl: https://github.com/tomnomnom/qsreplace\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/quickjack.yaml",
    "content": "---\nname: quickjack\ndescription: Quickjack is a point-and-click tool for intuitively producing advanced\n  clickjacking and frame slicing attacks.\nurl: https://github.com/samyk/quickjack\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/race-the-web.yaml",
    "content": "---\nname: race-the-web\ndescription: Tests for race conditions in web applications by sending out a user-specified number of requests to a target URL (or URLs) simultaneously, and then compares the responses from the server for uniqueness.\nurl: https://github.com/TheHackerDev/race-the-web\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [race-condition]\n"
  },
  {
    "path": "weapons/rapidscan.yaml",
    "content": "---\nname: rapidscan\ndescription: 'The Multi-Tool Web Vulnerability Scanner. '\nurl: https://github.com/skavngr/rapidscan\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/recon_profile.yaml",
    "content": "---\nname: recon_profile\ndescription: 'Recon profile (bash profile) for bugbounty '\nurl: https://github.com/nahamsec/recon_profile\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Shell\ntags: []\n"
  },
  {
    "path": "weapons/reconftw.yaml",
    "content": "---\nname: reconftw\ndescription: reconFTW is a tool designed to perform automated recon on a target domain\n  by running the best set of tools to perform scanning and finding out vulnerabilities\nurl: https://github.com/six2dez/reconftw\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Shell\ntags: []\n"
  },
  {
    "path": "weapons/reflect.yaml",
    "content": "---\nname: reflect\ndescription:\nurl: https://github.com/cak/reflect\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, zap]\nlang: Kotlin\ntags: []\n"
  },
  {
    "path": "weapons/reflected-parameters.yaml",
    "content": "---\nname: reflected-parameters\ndescription:\nurl: https://github.com/PortSwigger/reflected-parameters\ncategory: tool-addon\ntype: Recon\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: [param]\n"
  },
  {
    "path": "weapons/rengine.yaml",
    "content": "---\nname: rengine\ndescription: 'reNgine is an automated reconnaissance framework meant for gathering\n  information during penetration testing of web applications. reNgine has customizable\n  scan engines, which can be used to scan the websites, endpoints, and gather information. '\nurl: https://github.com/yogeshojha/rengine\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/rep.yaml",
    "content": "---\nname: rep\ndescription: Chrome DevTools extension for capturing, modifying, and replaying HTTP requests with AI-powered security analysis\nurl: https://github.com/repplus/rep\ncategory: browser-addon\ntype: Proxy\nplatform: [chrome]\nlang: JavaScript\ntags: [http, repeater]\n"
  },
  {
    "path": "weapons/reverse-shell-generator.yaml",
    "content": "---\nname: reverse-shell-generator\ndescription: Hosted Reverse Shell generator with a ton of functionality. -- (Great\n  for CTFs)\nurl: https://github.com/0dayCTF/reverse-shell-generator\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: [payload]\n"
  },
  {
    "path": "weapons/ronin.yaml",
    "content": "---\nname: Ronin\ndescription: Free and Open Source Ruby Toolkit for Security Research and Development\nurl: https://ronin-rb.dev\ncategory: tool\ntype: Army-knife\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: [pentest, crawl, recon, exploit]\n"
  },
  {
    "path": "weapons/ropr.yaml",
    "content": "---\nname: ropr\ndescription: A blazing fast™ multithreaded ROP Gadget finder. ropper\nurl: https://github.com/Ben-Lichtman/ropr\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: Rust\ntags: [rop]\n"
  },
  {
    "path": "weapons/rusolver.yaml",
    "content": "---\nname: rusolver\ndescription: Fast and accurate DNS resolver.\nurl: https://github.com/Edu4rdSHL/rusolver\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Rust\ntags: [dns]\n"
  },
  {
    "path": "weapons/s3reverse.yaml",
    "content": "---\nname: s3reverse\ndescription: 'The format of various s3 buckets is convert in one format. for bugbounty\n  and security testing. '\nurl: https://github.com/hahwul/s3reverse\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [s3]\n"
  },
  {
    "path": "weapons/safecopy.yaml",
    "content": "---\nname: safecopy\ndescription:\nurl: https://github.com/yashrs/safecopy\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/scan4all.yaml",
    "content": "---\nname: scan4all\ndescription: Official repository vuls Scan\nurl: https://github.com/hktalent/scan4all\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/scilla.yaml",
    "content": "---\nname: scilla\ndescription: 🏴‍☠️ Information Gathering tool 🏴‍☠️ dns/subdomain/port enumeration\nurl: https://github.com/edoardottt/scilla\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains, dns, port]\n"
  },
  {
    "path": "weapons/security-crawl-maze.yaml",
    "content": "---\nname: security-crawl-maze\ndescription: Security Crawl Maze is a comprehensive testbed for web security crawlers.\n  It contains pages representing many ways in which one can link resources from a\n  valid HTML document.\nurl: https://github.com/google/security-crawl-maze\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: HTML\ntags: [crawl]\n"
  },
  {
    "path": "weapons/security-research-pocs.yaml",
    "content": "---\nname: security-research-pocs\ndescription: Proof-of-concept codes created as part of security research done by Google\n  Security Team.\nurl: https://github.com/google/security-research-pocs\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: C++\ntags: []\n"
  },
  {
    "path": "weapons/semgrep.yaml",
    "content": "---\nname: semgrep\ndescription: Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.\nurl: https://github.com/semgrep/semgrep\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [sast, code-analysis]\n"
  },
  {
    "path": "weapons/shosubgo.yaml",
    "content": "---\nname: shosubgo\ndescription: Small tool to Grab subdomains using Shodan api.\nurl: https://github.com/incogbyte/shosubgo\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/shuffledns.yaml",
    "content": "---\nname: shuffledns\ndescription: 'shuffleDNS is a wrapper around massdns written in go that allows you\n  to enumerate valid subdomains using active bruteforce as well as resolve subdomains\n  with wildcard handling and easy input-output support. '\nurl: https://github.com/projectdiscovery/shuffledns\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [dns]\n"
  },
  {
    "path": "weapons/singularity.yaml",
    "content": "---\nname: singularity\ndescription: A DNS rebinding attack framework.\nurl: https://github.com/nccgroup/singularity\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/slackcat.yaml",
    "content": "---\nname: slackcat\ndescription: CLI utility to post files and command output to slack\nurl: https://github.com/bcicen/slackcat\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [notify]\n"
  },
  {
    "path": "weapons/smap.yaml",
    "content": "---\nname: Smap\ndescription: a drop-in replacement for Nmap powered by shodan.io\nurl: https://github.com/s0md3v/smap/\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [port]\n"
  },
  {
    "path": "weapons/smugglefuzz.yaml",
    "content": "---\nname: SmuggleFuzz\ndescription: A rapid HTTP downgrade smuggling scanner written in Go.\nurl: https://github.com/Moopinger/smugglefuzz/\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Go\ntags: [smuggle, fuzz]\n"
  },
  {
    "path": "weapons/smuggler.yaml",
    "content": "---\nname: smuggler\ndescription: 'Smuggler - An HTTP Request Smuggling / Desync testing tool written in\n  Python 3 '\nurl: https://github.com/defparam/smuggler\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [smuggle]\n"
  },
  {
    "path": "weapons/smugglex.yaml",
    "content": "---\nname: smugglex\ndescription: Rust-powered HTTP Request Smuggling Scanner\nurl: https://github.com/hahwul/smugglex\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Rust\ntags: [smuggle]\n"
  },
  {
    "path": "weapons/sn0int.yaml",
    "content": "---\nname: sn0int\ndescription: Semi-automatic OSINT framework and package manager\nurl: https://github.com/kpcyrd/sn0int\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Rust\ntags: [osint]\n"
  },
  {
    "path": "weapons/spiderfoot.yaml",
    "content": "---\nname: spiderfoot\ndescription: SpiderFoot automates OSINT collection so that you can focus on analysis.\nurl: https://github.com/smicallef/spiderfoot\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [osint]\n"
  },
  {
    "path": "weapons/sqliv.yaml",
    "content": "---\nname: sqliv\ndescription: massive SQL injection vulnerability scanner\nurl: https://github.com/the-robot/sqliv\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [sqli]\n"
  },
  {
    "path": "weapons/sqlmap.yaml",
    "content": "---\nname: sqlmap\ndescription: Automatic SQL injection and database takeover tool\nurl: https://github.com/sqlmapproject/sqlmap\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [sqli]\n"
  },
  {
    "path": "weapons/ssrf-sheriff.yaml",
    "content": "---\nname: ssrf-sheriff\ndescription: 'A simple SSRF-testing sheriff written in Go '\nurl: https://github.com/teknogeek/ssrf-sheriff\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [ssrf]\n"
  },
  {
    "path": "weapons/sub404.yaml",
    "content": "---\nname: Sub404\ndescription: A python tool to check subdomain takeover vulnerability\nurl: https://github.com/r3curs1v3-pr0xy/sub404\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains, takeover]\n"
  },
  {
    "path": "weapons/subbrute.yaml",
    "content": "---\nname: SubBrute\ndescription: https://github.com/TheRook/subbrute\nurl: https://github.com/aboul3la/Sublist3r\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/subfinder.yaml",
    "content": "---\nname: subfinder\ndescription: 'Subfinder is a subdomain discovery tool that discovers valid subdomains\n  for websites. Designed as a passive framework to be useful for bug bounties and\n  safe for penetration testing. '\nurl: https://github.com/projectdiscovery/subfinder\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/subgen.yaml",
    "content": "---\nname: subgen\ndescription: A really simple utility to concate wordlists to a domain name - to pipe\n  into your favourite resolver!\nurl: https://github.com/pry0cc/subgen\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/subjack.yaml",
    "content": "---\nname: subjack\ndescription: 'Subdomain Takeover tool written in Go '\nurl: https://github.com/haccer/subjack\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains, takeover]\n"
  },
  {
    "path": "weapons/subjs.yaml",
    "content": "---\nname: subjs\ndescription: Fetches javascript file from a list of URLS or subdomains.\nurl: https://github.com/lc/subjs\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url, subdomains]\n"
  },
  {
    "path": "weapons/subs_all.yaml",
    "content": "---\nname: subs_all\ndescription: 'Subdomain Enumeration Wordlist. 8956437 unique words. Updated. '\nurl: https://github.com/emadshanab/subs_all\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang:\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/subzy.yaml",
    "content": "---\nname: subzy\ndescription: Subdomain takeover vulnerability checker\nurl: https://github.com/LukaSikic/subzy\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [subdomains, takeover]\n"
  },
  {
    "path": "weapons/sudomy.yaml",
    "content": "---\nname: Sudomy\ndescription: subdomain enumeration tool to collect subdomains and analyzing domains\nurl: https://github.com/screetsec/Sudomy\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Shell\ntags: [subdomains]\n"
  },
  {
    "path": "weapons/taborator.yaml",
    "content": "---\nname: taborator\ndescription:\nurl: https://github.com/hackvertor/taborator\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Java\ntags: [oast]\n"
  },
  {
    "path": "weapons/template-generator.yaml",
    "content": "---\nname: template-generator\ndescription: 'A simple variable based template editor using handlebarjs+strapdownjs.\n  The idea is to use variables in markdown based files to easily replace the variables\n  with content. Data is saved temporarily in local storage. PHP is only needed to\n  generate the list of files in the dropdown of templates. '\nurl: https://github.com/fransr/template-generator\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/testssl.sh.yaml",
    "content": "---\nname: testssl.sh\ndescription: 'Testing TLS/SSL encryption anywhere on any port '\nurl: https://github.com/drwetter/testssl.sh\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Shell\ntags: [ssl]\n"
  },
  {
    "path": "weapons/thc-hydra.yaml",
    "content": "---\nname: thc-hydra\ndescription: 'hydra '\nurl: https://github.com/vanhauser-thc/thc-hydra\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: C\ntags: []\n"
  },
  {
    "path": "weapons/tiscripts.yaml",
    "content": "---\nname: tiscripts\ndescription: Turbo Intruder Scripts\nurl: https://github.com/defparam/tiscripts\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/tlsx.yaml",
    "content": "---\nname: tlsx\ndescription: Fast and configurable TLS grabber focused on TLS based data collection\nurl: https://github.com/projectdiscovery/tlsx\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [ssl, tls, certificates]\n"
  },
  {
    "path": "weapons/toxssin.yaml",
    "content": "---\nname: toxssin\ndescription: An XSS exploitation command-line interface and payload generator.\nurl: https://github.com/t3l3machus/toxssin\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: Python\ntags: [xss]\n"
  },
  {
    "path": "weapons/tplmap.yaml",
    "content": "---\nname: tplmap\ndescription: Server-Side Template Injection and Code Injection Detection and Exploitation\n  Tool\nurl: https://github.com/epinna/tplmap\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/trivy.yaml",
    "content": "---\nname: trivy\ndescription: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more\nurl: https://github.com/aquasecurity/trivy\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [vulnerability-scanner, container-security, sbom]\n"
  },
  {
    "path": "weapons/trufflehog.yaml",
    "content": "---\nname: trufflehog\ndescription: Find and verify credentials in git repositories, filesystems, and S3 buckets\nurl: https://github.com/trufflesecurity/trufflehog\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [secret-scanning, credentials]\n"
  },
  {
    "path": "weapons/turbo-intruder.yaml",
    "content": "---\nname: turbo-intruder\ndescription:\nurl: https://github.com/PortSwigger/turbo-intruder\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, burpsuite]\nlang: Kotlin\ntags: []\n"
  },
  {
    "path": "weapons/uncover.yaml",
    "content": "---\nname: uncover\ndescription: Quickly discover exposed hosts on the internet using multiple search\n  engine.\nurl: https://github.com/projectdiscovery/uncover\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/unfurl.yaml",
    "content": "---\nname: unfurl\ndescription: 'Pull out bits of URLs provided on stdin '\nurl: https://github.com/tomnomnom/unfurl\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url]\n"
  },
  {
    "path": "weapons/urlgrab.yaml",
    "content": "---\nname: urlgrab\ndescription: 'A golang utility to spider through a website searching for additional\n  links. '\nurl: https://github.com/IAmStoxe/urlgrab\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url]\n"
  },
  {
    "path": "weapons/urlhunter.yaml",
    "content": "---\nname: urlhunter\ndescription: a recon tool that allows searching on URLs that are exposed via shortener\n  services\nurl: https://github.com/utkusen/urlhunter\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url]\n"
  },
  {
    "path": "weapons/urlprobe.yaml",
    "content": "---\nname: urlprobe\ndescription: 'Urls status code & content length checker '\nurl: https://github.com/1ndianl33t/urlprobe\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url]\n"
  },
  {
    "path": "weapons/uro.yaml",
    "content": "---\nname: uro\ndescription: declutters url lists for crawling/pentesting\nurl: https://github.com/s0md3v/uro\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [url]\n"
  },
  {
    "path": "weapons/urx.yaml",
    "content": "---\nname: urx\ndescription: Extracts URLs from OSINT Archives for Security Insights\nurl: https://github.com/hahwul/urx\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Rust\ntags: [url]\n"
  },
  {
    "path": "weapons/wapiti.yaml",
    "content": "---\nname: wapiti\ndescription: Web application vulnerability scanner. Wapiti allows you to audit the security of your websites or web applications.\nurl: https://github.com/wapiti-scanner/wapiti\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [vulnerability-scanner, web-scanner]\n"
  },
  {
    "path": "weapons/waybackurls.yaml",
    "content": "---\nname: waybackurls\ndescription: 'Fetch all the URLs that the Wayback Machine knows about for a domain '\nurl: https://github.com/tomnomnom/waybackurls\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url]\n"
  },
  {
    "path": "weapons/waymore.yaml",
    "content": "---\nname: waymore\ndescription: Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X!\nurl: https://github.com/xnl-h4ck3r/waymore\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [url]\n"
  },
  {
    "path": "weapons/weaponised-XSS-payloads.yaml",
    "content": "---\nname: weaponised-XSS-payloads\ndescription: XSS payloads designed to turn alert(1) into P1\nurl: https://github.com/hakluke/weaponised-XSS-payloads\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: [xss, documents]\n"
  },
  {
    "path": "weapons/web_cache_poison.yaml",
    "content": "---\nname: web_cache_poison\ndescription: web cache poison - Top 1 web hacking technique of 2019\nurl: https://github.com/fngoo/web_cache_poison\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Shell\ntags: [cache-vuln]\n"
  },
  {
    "path": "weapons/websocket-connection-smuggler.yaml",
    "content": "---\nname: websocket-connection-smuggler\ndescription: websocket-connection-smuggler\nurl: https://github.com/hahwul/websocket-connection-smuggler\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [smuggle]\n"
  },
  {
    "path": "weapons/wfuzz.yaml",
    "content": "---\nname: wfuzz\ndescription: 'Web application fuzzer '\nurl: https://github.com/xmendez/wfuzz\ncategory: tool\ntype: Fuzzer\nplatform: [linux, macos, windows]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/wprecon.yaml",
    "content": "---\nname: wprecon\ndescription: Hello! Welcome. Wprecon (Wordpress Recon), is a vulnerability recognition\n  tool in CMS Wordpress, 100% developed in Go.\nurl: https://github.com/blackcrw/wprecon\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/wpscan.yaml",
    "content": "---\nname: wpscan\ndescription: 'WPScan is a free, for non-commercial use, black box WordPress Vulnerability\n  Scanner written for security professionals and blog maintainers to test the security\n  of their WordPress websites. '\nurl: https://github.com/wpscanteam/wpscan\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Ruby\ntags: []\n"
  },
  {
    "path": "weapons/ws-smuggler.yaml",
    "content": "---\nname: ws-smuggler\ndescription: WebSocket Connection Smuggler\nurl: https://github.com/hahwul/ws-smuggler\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Go\ntags: [smuggle]\n"
  },
  {
    "path": "weapons/wssip.yaml",
    "content": "---\nname: wssip\ndescription: Application for capturing, modifying and sending custom WebSocket data\n  from client to server and vice versa.\nurl: https://github.com/nccgroup/wssip\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/wuzz.yaml",
    "content": "---\nname: wuzz\ndescription: 'Interactive cli tool for HTTP inspection '\nurl: https://github.com/asciimoo/wuzz\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Go\ntags: [http]\n"
  },
  {
    "path": "weapons/x8.yaml",
    "content": "---\nname: x8\ndescription: Hidden parameters discovery suite\nurl: https://github.com/Sh1Yo/x8\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Rust\ntags: []\n"
  },
  {
    "path": "weapons/xless.yaml",
    "content": "---\nname: xless\ndescription: The Serverless Blind XSS App\nurl: https://github.com/mazen160/xless\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: [xss, blind-xss]\n"
  },
  {
    "path": "weapons/xnLinkFinder.yaml",
    "content": "---\nname: xnLinkFinder\ndescription: A python tool used to discover endpoints (and potential parameters) for\n  a given target\nurl: https://github.com/xnl-h4ck3r/xnLinkFinder\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Python\ntags: [js-analysis]\n"
  },
  {
    "path": "weapons/xsinator.com.yaml",
    "content": "---\nname: xsinator.com\ndescription: XS-Leak Browser Test Suite\nurl: https://github.com/RUB-NDS/xsinator.com\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: []\n"
  },
  {
    "path": "weapons/xss-cheatsheet-data.yaml",
    "content": "---\nname: xss-cheatsheet-data\ndescription: 'This repository contains all the XSS cheatsheet data to allow contributions\n  from the community. '\nurl: https://github.com/PortSwigger/xss-cheatsheet-data\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang:\ntags: [xss]\n"
  },
  {
    "path": "weapons/xsscrapy.yaml",
    "content": "---\nname: xsscrapy\ndescription: \"XSS/SQLi spider. Give it a URL and it'll test every link it finds for\\\n  \\ XSS and some SQLi. \"\nurl: https://github.com/DanMcInerney/xsscrapy\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [xss]\n"
  },
  {
    "path": "weapons/xsser.yaml",
    "content": "---\nname: xsser\ndescription: 'Cross Site \"Scripter\" (aka XSSer) is an automatic -framework- to detect,\n  exploit and report XSS vulnerabilities in web-based applications. '\nurl: https://github.com/epsylon/xsser\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [xss]\n"
  },
  {
    "path": "weapons/xssor2.yaml",
    "content": "---\nname: xssor2\ndescription: XSS'OR - Hack with JavaScript.\nurl: https://github.com/evilcos/xssor2\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: JavaScript\ntags: [xss]\n"
  },
  {
    "path": "weapons/xsssniper.yaml",
    "content": "---\nname: xsssniper\ndescription: An automatic XSS discovery tool\nurl: https://github.com/gbrindisi/xsssniper\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows]\nlang: Python\ntags: [xss]\n"
  },
  {
    "path": "weapons/xurlfind3r.yaml",
    "content": "---\nname: xurlfind3r\ndescription: A command-line utility designed to discover URLs for a given domain in a simple, efficient way.\nurl: https://github.com/hueristiq/xurlfind3r\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [url]\n"
  },
  {
    "path": "weapons/xxeserv.yaml",
    "content": "---\nname: xxeserv\ndescription: A mini webserver with FTP support for XXE payloads\nurl: https://github.com/staaldraad/xxeserv\ncategory: tool\ntype: Exploit\nplatform: [linux, macos, windows]\nlang: Go\ntags: []\n"
  },
  {
    "path": "weapons/ysoserial.net.yaml",
    "content": "---\nname: ysoserial.net\ndescription: 'Deserialization payload generator for a variety of .NET formatters '\nurl: https://github.com/pwntester/ysoserial.net\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: C#\ntags: [deserialize]\n"
  },
  {
    "path": "weapons/ysoserial.yaml",
    "content": "---\nname: ysoserial\ndescription: 'A proof-of-concept tool for generating payloads that exploit unsafe\n  Java object deserialization. '\nurl: https://github.com/frohoff/ysoserial\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Java\ntags: [deserialize]\n"
  },
  {
    "path": "weapons/zap-browser-extension.yaml",
    "content": "---\nname: ZAP Browser Extension\ndescription: A browser extension which allows ZAP to interact directly with the browser.\nurl: https://github.com/zaproxy/browser-extension/\ncategory: browser-addon\ntype: Utils\nplatform: [linux, macos, windows, firefox, chrome, zap]\nlang: TypeScript\ntags: [browser-record]\n"
  },
  {
    "path": "weapons/zap-cli.yaml",
    "content": "---\nname: zap-cli\ndescription: 'A simple tool for interacting with OWASP ZAP from the commandline. '\nurl: https://github.com/Grunny/zap-cli\ncategory: tool\ntype: Scanner\nplatform: [linux, macos, windows, zap]\nlang: Python\ntags: []\n"
  },
  {
    "path": "weapons/zap-hud.yaml",
    "content": "---\nname: zap-hud\ndescription:\nurl: https://github.com/zaproxy/zap-hud\ncategory: tool-addon\ntype: Utils\nplatform: [linux, macos, windows, zap]\nlang: Java\ntags: []\n"
  },
  {
    "path": "weapons/zaproxy.yaml",
    "content": "---\nname: ZAP\ndescription: The ZAP core project\nurl: https://github.com/zaproxy/zaproxy\ncategory: tool\ntype: Army-Knife\nplatform: [linux, macos, windows, zap]\nlang: Java\ntags: [mitmproxy, live-audit, crawl]\n"
  },
  {
    "path": "weapons/zdns.yaml",
    "content": "---\nname: zdns\ndescription: Fast CLI DNS Lookup Tool\nurl: https://github.com/zmap/zdns\ncategory: tool\ntype: Recon\nplatform: [linux, macos, windows]\nlang: Go\ntags: [dns]\n"
  },
  {
    "path": "weapons/zip-bomb.yaml",
    "content": "---\nname: zip-bomb\ndescription: Create a ZIPBomb for a given uncompressed size (flat and nested modes).\nurl: https://github.com/damianrusinek/zip-bomb\ncategory: tool\ntype: Utils\nplatform: [linux, macos, windows]\nlang: Python\ntags: [zipbomb]\n"
  }
]