Data

Tools

Indexes

Applications

Experiments

Repos

An open API service providing repository metadata for many open source software ecosystems.

Topic: "attack-surface"

projectdiscovery/nuclei

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

Language: Go - Size: 38.4 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 23,431 - Forks: 2,731

1N3/Sn1per

Attack Surface Management Platform

Language: Shell - Size: 43.1 MB - Last synced at: 4 days ago - Pushed at: 9 days ago - Stars: 8,785 - Forks: 1,928

j3ssie/osmedeus

A Workflow Engine for Offensive Security

Language: Go - Size: 27.9 MB - Last synced at: 6 days ago - Pushed at: 18 days ago - Stars: 5,605 - Forks: 913

microsoft/AttackSurfaceAnalyzer

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

Language: C# - Size: 14.6 MB - Last synced at: about 13 hours ago - Pushed at: 9 days ago - Stars: 2,836 - Forks: 287

projectdiscovery/uncover

Quickly discover exposed hosts on the internet using multiple search engines.

Language: Go - Size: 1.04 MB - Last synced at: 17 days ago - Pushed at: about 1 month ago - Stars: 2,597 - Forks: 222

superhedgy/AttackSurfaceMapper

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

Language: Python - Size: 3.65 MB - Last synced at: 14 days ago - Pushed at: about 1 year ago - Stars: 1,360 - Forks: 195

chiasmod0n/chiasmodon

Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials, CIDRs , ASNs , and subdomains, the tool also allows users to search Google Play application ID.

Language: Python - Size: 250 KB - Last synced at: 27 days ago - Pushed at: 27 days ago - Stars: 583 - Forks: 41

3nock/OTE 📦

OSINT Template Engine

Language: C - Size: 13.3 MB - Last synced at: 6 days ago - Pushed at: almost 2 years ago - Stars: 545 - Forks: 62

johnnyxmas/ScanCannon

External attack surface discovery, enumeration and reconnaissance for massive networks

Language: Shell - Size: 89.8 KB - Last synced at: 14 days ago - Pushed at: 3 months ago - Stars: 447 - Forks: 77

attacksurge/awesome-attack-surface-monitoring

Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.

Size: 677 KB - Last synced at: 2 days ago - Pushed at: 8 months ago - Stars: 400 - Forks: 58

BishopFox/smogcloud

Find cloud assets that no one wants exposed 🔎 ☁️

Language: Go - Size: 25.4 KB - Last synced at: 17 days ago - Pushed at: almost 5 years ago - Stars: 345 - Forks: 36

vmfunc/sif

the blazing-fast pentesting suite.

Language: Go - Size: 1.91 MB - Last synced at: 4 days ago - Pushed at: about 2 months ago - Stars: 241 - Forks: 14

RossGeerlings/webstor

WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted servers via zone transfer data - stores their responses, and lets you query for known web technologies, including those with zero-day vulnerabilities.

Language: Python - Size: 199 KB - Last synced at: 7 months ago - Pushed at: about 1 year ago - Stars: 151 - Forks: 19

1N3/AttackSurfaceManagement

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Language: Shell - Size: 33.3 MB - Last synced at: 2 days ago - Pushed at: over 3 years ago - Stars: 95 - Forks: 18

owasp-amass/amass-docker-compose

OWASP Amass Docker Compose for setting up a full instance of the infrastructure

Size: 7.15 MB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 44 - Forks: 9

lightspin-tech/lightspin-2022-top-7-attack-paths

Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.

Size: 138 KB - Last synced at: 25 days ago - Pushed at: almost 3 years ago - Stars: 40 - Forks: 1

dreizehnutters/vide

Minimal web server enumeration & attack surface detection tool based on results of nmap.

Language: Shell - Size: 8.11 MB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 38 - Forks: 3

TalMaIka/Site-Scanner

Site-Scanner - Web application vulnerability assessment tool.

Language: Python - Size: 16.1 MB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 22 - Forks: 7

SpoofIMEI/ssb

ssb=simple subdomain bruteforcer

Language: Python - Size: 3.99 MB - Last synced at: 7 days ago - Pushed at: about 2 years ago - Stars: 19 - Forks: 3

exfil0/CVE-2024-55591-POC

A comprehensive all-in-one Python-based Proof of Concept script to discover and exploit a critical authentication bypass vulnerability (CVE-2024-55591) in certain Fortinet devices.

Language: Python - Size: 79.1 KB - Last synced at: about 17 hours ago - Pushed at: 11 days ago - Stars: 12 - Forks: 4

melihi/Exodus-ReverseIpLookup

Reverse ip lookup tool written with go . Bing , Spyse , HackerTarget , ViewDns

Language: Go - Size: 7.84 MB - Last synced at: about 1 year ago - Pushed at: about 3 years ago - Stars: 12 - Forks: 1

Krypteria/Seekolver

Seekolver is a tool focused on attack-surface mapping. It performs searches for subdomains associated with root domains and root domains associated with organisations using open sources, additionally, it resolves these domains and subdomains in search of HTTP and HTTPS services and then filters the information obtained based on their response.

Language: Python - Size: 50.8 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 11 - Forks: 1

krishpranav/sniff

A Simple Golang Tool That Automates OSINT For Threat Intelligence And Mapping Your Attack Surface.

Language: Go - Size: 5.86 KB - Last synced at: about 2 months ago - Pushed at: over 3 years ago - Stars: 10 - Forks: 0

Van-1337/AutoEASM

Tool for automated scanning of the common vulnerabilities of company subdomains

Language: Python - Size: 2.82 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 7 - Forks: 1

volksec/minerva

This script automates the reconnaissance and penetration testing process for a given target.

Language: Shell - Size: 92.8 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 6 - Forks: 1

reverseroom/vulecc-core

VULECC is the pioneer in Next-Generation Web Application Vulnerability Scanning technology, enabling businesses to proactively probe their web assets to identify and combat the most intricate vulnerabilities.

Size: 21.5 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 5 - Forks: 0

w3security/Bruttrack

A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques ! I :heart: pull requests :)

Language: PHP - Size: 15.5 MB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 5 - Forks: 2

frite/cf-enum

Yet another CF Enumeration tool

Language: Python - Size: 4.88 KB - Last synced at: almost 2 years ago - Pushed at: about 5 years ago - Stars: 5 - Forks: 0

decal/cgiaudit

:package: general-purpose, "black box" CGI auditing tool (ARCHIVE)

Language: C - Size: 77.1 KB - Last synced at: almost 2 years ago - Pushed at: over 6 years ago - Stars: 4 - Forks: 0

verdexlab/verdex

Version detection tool through feature-based analysis, fast and collaborative.

Language: Go - Size: 555 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 3 - Forks: 0

owasp-noir/noir-passive-rules

Passive Scan Rules for OWASP Noir

Size: 46.9 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 3 - Forks: 0

krishealty/tunnel-ADB

Simple ADB toolkit to penetrate Android device using Android Debug Bridge with over 35 features.

Language: Shell - Size: 2.13 MB - Last synced at: 10 days ago - Pushed at: 12 months ago - Stars: 3 - Forks: 1

tmcybers/gmailHack 📦

Brute force attack script for penetration testing on gmail accounts based on python.

Language: Python - Size: 629 KB - Last synced at: about 1 year ago - Pushed at: about 2 years ago - Stars: 3 - Forks: 0

fnord123/CoboSyncVerifier

Independent verification that the QR Codes displayed by the Cobo Vault to the Cobo App during pairing do not leak secrets.

Language: Python - Size: 68.4 KB - Last synced at: 3 months ago - Pushed at: about 4 years ago - Stars: 3 - Forks: 9

exfil0/collectjuices

CollectJuices is a powerful tool designed to automate the process of fetching, analyzing, and recursively processing JavaScript files to discover URLs and secrets. Leveraging the capabilities of the JSluice tool and advanced Python libraries, CollectJuices is an essential tool for cybersecurity professionals.

Language: Python - Size: 5.86 KB - Last synced at: 3 months ago - Pushed at: 10 months ago - Stars: 2 - Forks: 0

chiasmod0n/chiasmodon-mobile

Chiasmodon Mobile - OSINT Tool for Domain Information Gathering on Android.

Language: Dart - Size: 579 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0

TubbyCat/droid_debloat_and_note

Android security notes, debloat guides, scripts. Rolling.

Language: Shell - Size: 120 KB - Last synced at: over 2 years ago - Pushed at: over 2 years ago - Stars: 2 - Forks: 0

open-crs/attack_surface_approximation

Module for discovering the attack surface of a vulnerable program 🤺

Language: Python - Size: 210 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 1 - Forks: 2

dhammon/Attess

Language: Python - Size: 31.3 KB - Last synced at: 2 months ago - Pushed at: 10 months ago - Stars: 0 - Forks: 0

magneticstain/ip-2-cloudresource

IP-2-CloudResource: a CLI tool for correlating a cloud IP address with its associated resources, with a focus on speed and ease-of-use.

Language: Go - Size: 9.84 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

otoriocyber/Util-EnumListeningProcesses

Identify and provide details on listening services in a Windows system

Language: PowerShell - Size: 22.5 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0

Related Topics
security 12 security-tools 12 penetration-testing 10 pentesting 10 osint 10 reconnaissance 10 bugbounty 9 information-gathering 9 cybersecurity 8 pentest-tool 7 vulnerability-detection 7 recon 7 hacking-tools 6 hacking 6 pentest-scripts 6 hacking-tool 6 infosec 5 enumeration 5 bugbounty-tool 5 pentesting-tools 4 pentest-tools 4 security-scanner 3 aws 3 attack 3 subdomain-scanner 3 python 3 attack-surface-management 3 vulnerability-assessment 3 intelligence 3 vulnerability-scanner 3 cve-scanner 3 subdomains 3 subdomain-takeover 2 dast 2 hacktoberfest 2 asm 2 footprinting 2 cloud-security 2 vulnerability-scanners 2 penetration-testing-tools 2 bugbounty-platform 2 automated 2 osint-framework 2 dns 2 cloud 2 discovery 2 go 2 golang 2 attacksurface 2 asn 2 android 2 adb 2 security-audit 2 chiasmodon 2 cidr 2 credentials 2 email-enumeration 2 emails 2 intelligence-analysis 2 reconnaissance-framework 2 osint-tool 2 azuresecurity 1 cloudsecurity 1 gcp-security 1 azure-security 1 mitre-attack 1 ttps 1 security-hardening 1 cli 1 security-automation 1 sn1per 1 sn1per-professional 1 cve-scanning 1 directory-enumeration 1 dirlist 1 dns-enumeration 1 pentest 1 android-debug-bridge 1 minerva 1 pairing 1 amazonaws 1 api-documentation 1 blueteam 1 cobo-vault 1 security-engineer 1 subdomain-brute 1 cplusplus 1 gui 1 intelligence-gathering 1 qt 1 qt5 1 subdomain 1 subdomain-enumeration 1 attack-paths 1 aws-security 1 awssecurity 1 android-debug-tools 1 android-development 1 bash 1 vulnerability 1