DIMOOON's starred repositories
BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
WebHackersWeapons
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
VhostFinder
Identify virtual hosts by similarity comparison
Web-Cache-Vulnerability-Scanner
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
breach-parse
A tool for parsing breached passwords
cookiemonster
🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
rayder-workflows
Repo for hosting rayder workflows
ChromeAudit
Nuclei plugins to audit Chrome extensions
cent-nuclei-templates
Cent Nuclei Templates generated through the cent tool. Maintained by HackerWhite.
jaeles-signatures
Default signature for Jaeles Scanner
HEDnsExtractor
A suite for hunting suspicious targets, expose domains and phishing discovery
Masscan2Httpx2Nuclei-Xray
masscan全端口扫描==>httpx探测WEB服务==>nuclei&xray漏洞扫描
bucket-finder
Reads in a list of domains or subdomains and crawls them for references to S3 buckets
frida-interception-and-unpinning
Frida scripts to directly MitM all HTTPS traffic from a target mobile application