Raccoon
HackVault
Raccoon | HackVault | |
---|---|---|
4 | 3 | |
2,993 | 1,876 | |
- | - | |
0.0 | 0.0 | |
over 1 year ago | over 1 year ago | |
Python | JavaScript | |
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Raccoon
-
What paths are the most common ones to find the file system on a webserver. ?
add these in too https://github.com/evyatarmeged/Raccoon/blob/master/raccoon_src/wordlists/fuzzlist
-
I wrote a blazing fast subdomain enumerator! (100.000 domains checked under 10 minutes!)
This + Raccoon seems like it would be a great first recon scan.
- Finding “secret” directories on local servers
-
Automatic target scanning
There are also dir scanners like Raccoon, https://github.com/evyatarmeged/Raccoon
HackVault
- What are polyglots and how to use them as a pentester
- Stored XSS, without alert
-
Show HN: QuikPub – Write, Publish and Share rich text via short URLs
Definitely use a battle-tested HTML sanitization library if possible. There's a million different pitfalls and footguns with XSS. See: Some of the insane XSS polyglots out there that can be used for testing.
https://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ulti...
What are some alternatives?
rapidscan - :new: The Multi-Tool Web Vulnerability Scanner.
rtnF - A web-based notetaking app. With WYSIWYG editor, support linking to other notes (wikilink), image paste support, basic formatting, autosave feature.
dirsearch - Web path scanner
object-tracking-js - Track an object as it moves in a video with no training
reconspider - 🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
OwlMarble-Magic - D&D 5e spell parser and exporter for FoundryVTT.
recon - Enumerate a target Based off of Nmap Results
FDsploit - File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
peafl64 - Static Binary Instrumentation tool for Windows x64 executables
rengine - reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
skanuvaty - Dangerously fast DNS/network/port scanner
social-analyzer - API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites