GitHub topics: attack-surface

Repositories

Van-1337/AutoEASM

Tool for automated scanning of the common vulnerabilities of company subdomains

Language: Python - Size: 2.82 MB - Last synced at: about 8 hours ago - Pushed at: about 9 hours ago - Stars: 7 - Forks: 1

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

Language: Go - Size: 38.8 MB - Last synced at: about 9 hours ago - Pushed at: 4 days ago - Stars: 23,544 - Forks: 2,740

projectdiscovery/uncover

Quickly discover exposed hosts on the internet using multiple search engines.

Language: Go - Size: 1010 KB - Last synced at: about 9 hours ago - Pushed at: 15 days ago - Stars: 2,618 - Forks: 224

microsoft/AttackSurfaceAnalyzer

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

Language: C# - Size: 14.6 MB - Last synced at: about 23 hours ago - Pushed at: 10 days ago - Stars: 2,836 - Forks: 287

attacksurge/awesome-attack-surface-monitoring

Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.

Size: 677 KB - Last synced at: 3 days ago - Pushed at: 8 months ago - Stars: 400 - Forks: 58

1N3/Sn1per

Attack Surface Management Platform

Language: Shell - Size: 43.1 MB - Last synced at: 4 days ago - Pushed at: 9 days ago - Stars: 8,785 - Forks: 1,928

j3ssie/osmedeus

A Workflow Engine for Offensive Security

Language: Go - Size: 27.9 MB - Last synced at: 6 days ago - Pushed at: 19 days ago - Stars: 5,605 - Forks: 913

owasp-amass/amass-docker-compose

OWASP Amass Docker Compose for setting up a full instance of the infrastructure

Size: 7.15 MB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 44 - Forks: 9

exfil0/CVE-2024-55591-POC

A comprehensive all-in-one Python-based Proof of Concept script to discover and exploit a critical authentication bypass vulnerability (CVE-2024-55591) in certain Fortinet devices.

Language: Python - Size: 79.1 KB - Last synced at: 1 day ago - Pushed at: 11 days ago - Stars: 12 - Forks: 4

vmfunc/sif

the blazing-fast pentesting suite.

Language: Go - Size: 1.91 MB - Last synced at: 5 days ago - Pushed at: about 2 months ago - Stars: 241 - Forks: 14

superhedgy/AttackSurfaceMapper

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

Language: Python - Size: 3.65 MB - Last synced at: 14 days ago - Pushed at: about 1 year ago - Stars: 1,360 - Forks: 195

3nock/OTE 📦

OSINT Template Engine

Language: C - Size: 13.3 MB - Last synced at: 7 days ago - Pushed at: almost 2 years ago - Stars: 545 - Forks: 62

BishopFox/smogcloud

Find cloud assets that no one wants exposed 🔎 ☁️

Language: Go - Size: 25.4 KB - Last synced at: 17 days ago - Pushed at: almost 5 years ago - Stars: 345 - Forks: 36

1N3/AttackSurfaceManagement

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Language: Shell - Size: 33.3 MB - Last synced at: 2 days ago - Pushed at: over 3 years ago - Stars: 95 - Forks: 18

chiasmod0n/chiasmodon

Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials, CIDRs , ASNs , and subdomains, the tool also allows users to search Google Play application ID.

Language: Python - Size: 250 KB - Last synced at: 27 days ago - Pushed at: 27 days ago - Stars: 583 - Forks: 41

verdexlab/verdex

Version detection tool through feature-based analysis, fast and collaborative.

Language: Go - Size: 555 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 3 - Forks: 0

johnnyxmas/ScanCannon

External attack surface discovery, enumeration and reconnaissance for massive networks

Language: Shell - Size: 89.8 KB - Last synced at: 14 days ago - Pushed at: 3 months ago - Stars: 447 - Forks: 77

krishpranav/sniff

A Simple Golang Tool That Automates OSINT For Threat Intelligence And Mapping Your Attack Surface.

Language: Go - Size: 5.86 KB - Last synced at: about 2 months ago - Pushed at: over 3 years ago - Stars: 10 - Forks: 0

lightspin-tech/lightspin-2022-top-7-attack-paths

Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.

Size: 138 KB - Last synced at: 26 days ago - Pushed at: almost 3 years ago - Stars: 40 - Forks: 1

owasp-noir/noir-passive-rules

Passive Scan Rules for OWASP Noir

Size: 46.9 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 3 - Forks: 0

SpoofIMEI/ssb

ssb=simple subdomain bruteforcer

Language: Python - Size: 3.99 MB - Last synced at: about 6 hours ago - Pushed at: about 2 years ago - Stars: 19 - Forks: 3

exfil0/collectjuices

CollectJuices is a powerful tool designed to automate the process of fetching, analyzing, and recursively processing JavaScript files to discover URLs and secrets. Leveraging the capabilities of the JSluice tool and advanced Python libraries, CollectJuices is an essential tool for cybersecurity professionals.

Language: Python - Size: 5.86 KB - Last synced at: 3 months ago - Pushed at: 10 months ago - Stars: 2 - Forks: 0

krishealty/tunnel-ADB

Simple ADB toolkit to penetrate Android device using Android Debug Bridge with over 35 features.

Language: Shell - Size: 2.13 MB - Last synced at: 10 days ago - Pushed at: 12 months ago - Stars: 3 - Forks: 1

dreizehnutters/vide

Minimal web server enumeration & attack surface detection tool based on results of nmap.

Language: Shell - Size: 8.11 MB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 38 - Forks: 3

RossGeerlings/webstor

WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted servers via zone transfer data - stores their responses, and lets you query for known web technologies, including those with zero-day vulnerabilities.

Language: Python - Size: 199 KB - Last synced at: 7 months ago - Pushed at: about 1 year ago - Stars: 151 - Forks: 19

dhammon/Attess

Language: Python - Size: 31.3 KB - Last synced at: 2 months ago - Pushed at: 10 months ago - Stars: 0 - Forks: 0

TalMaIka/Site-Scanner

Site-Scanner - Web application vulnerability assessment tool.

Language: Python - Size: 16.1 MB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 22 - Forks: 7

volksec/minerva

This script automates the reconnaissance and penetration testing process for a given target.

Language: Shell - Size: 92.8 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 6 - Forks: 1

magneticstain/ip-2-cloudresource

IP-2-CloudResource: a CLI tool for correlating a cloud IP address with its associated resources, with a focus on speed and ease-of-use.

Language: Go - Size: 9.84 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

chiasmod0n/chiasmodon-mobile

Chiasmodon Mobile - OSINT Tool for Domain Information Gathering on Android.

Language: Dart - Size: 579 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0

Krypteria/Seekolver

Seekolver is a tool focused on attack-surface mapping. It performs searches for subdomains associated with root domains and root domains associated with organisations using open sources, additionally, it resolves these domains and subdomains in search of HTTP and HTTPS services and then filters the information obtained based on their response.

Language: Python - Size: 50.8 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 11 - Forks: 1