#Enumeration
Showing 60 of 143 repositories tagged #enumeration, ranked by stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
In-depth attack surface mapping and asset discovery
Web path scanner
Tools and Techniques for Red Team / Penetration Testing
A fast, simple, recursive content discovery tool written in Rust.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Monitor linux processes without root permissions
A high performance offensive security tool for reconnaissance and vulnerability scanning
Automated NoSQL database enumeration and web application exploitation tool.
A collection of custom security tools for quick needs.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
๐ต๏ธโโ๏ธ (2-in-1) Email & Username OSINT suite for deep data extraction. Analyzes 290+ scan vectors (105+ email / 185+ username) for security research, investigations, and digital footprinting.
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
:new: The Multi-Tool Web Vulnerability Scanner.
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
Security Tool to Look For Interesting Files in S3 Buckets
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Red Team Cheatsheet in constant expansion.
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
๐ป Certified ethical hacker summary in bullet points
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Username enumeration and password spraying tool aimed at Microsoft O365.
Subdomain and target enumeration tool built for offensive security testing
A fast WordPress plugin enumeration tool
graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Work in progress...
Everything needed for doing CTFs
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Multi Tool Subdomain Enumeration
kernel privilege escalation enumeration and exploitation framework
Python 3.5+ DNS asynchronous brute force utility
A rapid API for the Project Sonar dataset
Collection of PowerShell functions a Red Teamer may use in an engagement
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
Enumerate information from NTLM authentication enabled web endpoints ๐
Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.
Active Directory pentesting tool for Linux. Automated Kerberoasting, AS-REP Roasting, ADCS/ESC exploitation, DCSync, BloodHound integration, and 40+ AD attack paths. ENS Alto / NIS2 / ISO 27001 compliance reports. No Windows required.
Python code snippets from Discrete Mathematics for Computer Science specialization at Coursera
Modern alternative to dirbuster/dirb
Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.
A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
Generate tens of thousands of subdomain combinations in a matter of seconds
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Intelligence and Reconnaissance Package/Bundle installer.
an asynchronous target enumeration tool
Perform automated network reconnaissance scans
Automatic Service Enumeration Script
Information Gatherer & Webapps Exploiter
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Filter and enrich a list of subdomains by level
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
SMTP user enumeration via VRFY, EXPN and RCPT with clever timeout, retry and reconnect functionality.
Make URL path combinations using a wordlist
Using this script, you can enumerate Usernames and passwords of Nosql(mongodb) injecion vulnerable web applications.
An in-depth guide to help people who are new to penetration testing or red teaming and are looking to gain an overview of the penetration testing process. This guide will focus on both the penetration testing and red team process and contain detailed information.
A Tool that Finds, Enumerates, and Exploits Reolink Cameras.
This repository contains writeups for various CTFs I've participated in (Including Hack The Box).