gau
nuclei
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gau
-
Pentesting Tools I Use Everyday
Learn more about gau here: https://github.com/lc/gau
- Please Help
- 2 open source tools to find subdomains (ft. HakLuke)
-
What should I look for when checking wayback urls when performing recon and analysis?
I see people use tools like gau and waybackurls when doing recon and analysis before a web app pentest, I am a complete beginner and most tutorials just explain how to install these tools but not why we want to use them or where we want to get using them.
-
How to search URLs exposed by Shortener services
Great :) Would be a great addition to tools like gau or waybackurls for people with an API key!
- Google pics and videos of hot ebony wife
nuclei
-
The 36 tools that SaaS can use to keep their product and data safe from criminal hackers (manual research)
Nuclei
- Show HN: Oneleet β Penetration Testing for SoC 2 and beyond
-
Looking for short-term, resource intensive tasks to throw at a cloud server
If you own any web properties, you can use https://github.com/projectdiscovery/nuclei running in a beefy VM to scan them for vulnerabilities. It will scale to use all available resources if you give it a big box.
-
Pentesting Tools I Use Everyday
Learn more about nuclei here: https://nuclei.projectdiscovery.io/
-
How I found 130+ Sub-domain Takeover vulnerabilities using Nuclei
Read about how I was able to find 136 Sub-domain Takeover vulnerabilities on a Single Target using the Nuclei tool πππClick Here - How I found 130+ Sub-domain Takeover vulnerabilities using Nuclei
-
How to develope a Network Vuln Scanner
Iβd look at flan and nmap and nuclei for inspiration.
-
Thoughts on Vuln scanning public facing websites/hosts during an incident?
Had an idea to leverage the community vuln scanner Nuclei (https://nuclei.projectdiscovery.io/) to just run a quick scan against the public facing hostname/IP. The job isn't supposed to be "hey you're vulnerable to xyz, but to aid in the discovering initial access. I believe this would be considered "good faith" and you're not technically be doing anything nefarious, but wanted to get the communities thoughts on this.
- Nuclei β Community Powered Vulnerability Scanner
-
Log4J Network Scanning/Detection on a 100k+ Node Network
Check out Nuclei (https://github.com/projectdiscovery/nuclei)
What are some alternatives?
waybackurls - Fetch all the URLs that the Wayback Machine knows about for a domain
jaeles - The Swiss Army knife for automated Web Application Testing
hakrawler - Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
ZAP - The ZAP core project
goo.gl_abuse
SQLMap - Automatic SQL injection and database takeover tool
xurlfind3r - A command-line interface (CLI) based passive URLs discovery utility. It is designed to efficiently identify known URLs of given domains by tapping into a multitude of curated online passive sources.
ffuf - Fast web fuzzer written in Go
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
RustScan - π€ The Modern Port Scanner π€
john - John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
osmedeus - A Workflow Engine for Offensive Security