#Attack-surface
Showing 21 of 21 repositories tagged #attack-surface, ranked by stars
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Automated penetration testing & attack surface management platform. Recon, scan, exploit, report β 600+ exploits, 90+ integrations, 10K+ detections.
Quickly discover exposed hosts on the internet using multiple search engines.
OWASP Web Recon & Directory Discovery Platform
the blazing-fast pentesting suite.
OSINT Template Engine
jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vulnerabilities, making it an essential resource for and bug bounty hunters and security researchers.
Find cloud assets that no one wants exposed π βοΈ
Scan 30+ AWS services. Find cost waste. Detect security gaps. Map your attack surface. One command.
WebStor efficiently enumerates all websites across your organizationβs networks and those in your DNS records - including cloud-hosted servers via zone transfer data - stores their responses, and lets you query for known web technologies, including those with zero-day vulnerabilities.
βοΈ Curated Cloud OSINT resources β dorks, tools, and techniques for AWS, Azure, GCP, Oracle Cloud, and other major providers reconnaissance
API discovery tool that maps attack surfaces from captured traffic and generates specs for REST, GraphQL, SOAP, and WebSocket APIs
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Site-Scanner - Web application vulnerability assessment tool.
Find and govern AI attack surfaces in application code at PR time. Free, OSS, runs offline.
Minimal web server enumeration & attack surface detection tool based on results of nmap.
Passive recon & attack surface mapper β zero requests sent
OSINT intelligence MCP server for AI agents β 37 tools, 12 sources. Shodan, VirusTotal, Censys, SecurityTrails, DNS reconnaissance, WHOIS, certificate transparency, BGP routing, Wayback Machine, GeoIP. Automated open source intelligence and attack surface mapping via Model Context Protocol.
Pen Hunter is a comprehensive vulnerability scanning tool designed for penetration testers, security researchers and bug bounties. it automates the process of collecting subdomains and URLs and tests them for various vulnerabilities including XSS, SQL Injection, Local File Inclusion, Open Redirect, Server-Side Request Forgery, CSRF, and RCE.
Simple ADB toolkit to penetrate Android device using Android Debug Bridge with over 35 features.
This script automates the reconnaissance and penetration testing process for a given target.