GraphCrawler
spiderfoot
GraphCrawler | spiderfoot | |
---|---|---|
7 | 19 | |
288 | 11,842 | |
- | - | |
3.4 | 4.8 | |
3 months ago | 24 days ago | |
Python | Python | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
GraphCrawler
- GraphCrawler: GraphQL automated security testing toolkit
-
BIG update out for GraphCrawler - GraphQL automated security testing.
You all loved it before but it just got better. Now in version 1.2 just point GraphCrawler at a domain and it will search for subdomains and then GraphQL endpoints on those subdomains for you! After that it will run just like before and do a security assessment on each one. It literally does it all for you now. Check it out! GraphCrawler
-
Automated toolkit for testing GraphQL endpoints.
Hey everyone, for y’all interested in GraphQL security I’ve released a big update to my tool GraphCrawler. It will do literally everything for you when checking out an endpoint for misconfigurations and exposures. Hope y’all like it! And if you do plz star it! GraphCrawler
-
Best GraphQL pentesting tool
Just released my biggest update yet for GraphCrawler! It is now the most powerful GraphQL endpoint security tool out there and I’m working on making it better. Please give it a star if you like it. I hope it makes y’all’s lives easier GraphCrawler
-
New GraphQL pentest tool
Hey, I just released a new version of GraphCrawler and this new version combines it with Clairvoyance and GraphQL-path-enum, to make it the most powerful GraphQL endpoint security tool. If there is anything for a foothold it will find it and help you exploit it by giving you attack paths. Give it a look here: GraphCrawler
-
Pentesting and bug bounty tool for GraphQL
Hey again, I posted about this tool before but there’s been a pretty big update to it and now it includes Clairvoyance and graphql-path-enum built into it. It is the all in one GraphQL pentesting tool. Hope y’all enjoy! GraphCrawler
- GraphQL Automated Vulnerability Scanner
spiderfoot
-
piece of software to find /crawl information about yourself?
I’d suggest Spiderfoot.
- Hey. How does one find out everything related to a certain e-mail adress? on which sites it has an account registered and stuff like that? im totally new to this. thanks!!!
- Whats that website employers can use to find all the sites your email address was used?
-
What are your preferred OSINT tools?
the most complete and best at present https://www.spiderfoot.net
-
Social media
Spiderfoot is good https://github.com/smicallef/spiderfoot
-
About OSINT Search Engine
Have you tried SpiderFoot. Let it run for a day and you will be amazed at the findings! https://www.spiderfoot.net/
- SpiderFoot 4.0 release - introducing YAML correlation rules
-
Serach engines for hackers - updated
https://www.spiderfoot.net/ - open-source reconnaissance tool available for Linux and Windows
-
A new free, open source, cross platform OSINT Tool
Mostly by researching the OSINT sources that other open source project pulls data from e.g amass, spiderfoot, the Harvetser etc
-
OSINT Tools
try this tool https://www.spiderfoot.net/
What are some alternatives?
theHarvester - E-mails, subdomains and names Harvester - OSINT
amass - In-depth attack surface mapping and asset discovery
Sublist3r - Fast subdomains enumeration tool for penetration testers
Go-MISPFeedGenerator - Golang implementation of PyMISP-feedgenerator
deepdarkCTI - Collection of Cyber Threat Intelligence sources from the deep and dark web
OSINT-Framework - OSINT Framework
rengine - reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
wappalyzer - Identify technology on websites.
Sudomy - Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
SQLMap - Automatic SQL injection and database takeover tool