faraday
dnstwist
Our great sponsors
| faraday | dnstwist | |
|---|---|---|
| 8 | 23 | |
| 4,600 | 4,535 | |
| 2.2% | - | |
| 5.0 | 7.8 | |
| 20 days ago | 22 days ago | |
| Python | Python | |
| GNU General Public License v3.0 only | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
faraday
-
Penetration Testing Report
or you can also use our open source version: https://github.com/infobyte/faraday
-
Vulnerability Scanner
you can try www.faradaysec.com to manage and automate scans of different tools
-
How does the periodic cyber security report should look like?
maybe you could try Faraday (www.faradaysec.com), you can import your tools and generate reports
-
Merge vulnerability discoveries with manual vulnerability assessment
We produce a platform to do basically all of this, we even have an Open Source tier that might cover most of your needs. Check faraday if it fits your bill. Reporting capabilities, integration with ticketing systems such as JIRA, ServiceNow and Gitlab are in our paid tier.
-
What vulnerability management tool for modern DevSecOps?
We just released the new community version of faraday, I think we cover most of your workflow needs. We are also releasing a number of new plugins, like prowler and trivy in the next few days.
-
Recommendation for Vulnerability Management Solution
Faraday: https://github.com/infobyte/faraday
-
django-DefectDojo VS faraday - a user suggested alternative
2 projects | 5 Apr 2022
Similar product
-
Awesome Penetration Testing
Faraday - Multiuser integrated pentesting environment for red teams performing cooperative penetration tests, security audits, and risk assessments.
dnstwist
- Have I Been Squatted?
-
Domain Permutation - HaveIBeenSquatted & dnstwist
I recently stumbled upon 2 cool domain permutation tools: HIBS & dnstwist
-
Accounting got phished. Paid out big bucks
https://dnstwist.it/ - check your domain now
-
Phishing campaign defence advice
You can hunt down evil twin domains with https://dnstwist.it/
- adjacent domain names
- Alternative To Domain Tools
-
Typosquatting list
I periodically run dnstwist and add whatever it finds to our block list.
- List of 26 services for OSINT | BLUE TEAMS | RED TEAMS
-
God damn. In situations like this how can I detect the fake one? This is truly scary.
Pi-hole (with every reasonable blocklist I can find) protects me from many of these domains. NextDNS would be another option for DNS-based blocking for people who don't want to administer it themselves. I also plan to use DNSTwist to generate additional blocklists for typo-based phishing that I can plug into the Pi-hole for important sites.
- Google Search Ads showing fake bitwarden web vault site as top result.
What are some alternatives?
django-DefectDojo - DevSecOps, ASPM, Vulnerability Management. All on one platform.
dnschef - DNSChef - DNS proxy for Penetration Testers and Malware Analysts
opencve - CVE Alerting Platform
opensquat - The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains.
Metasploit - Metasploit Framework
urlcrazy - Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
cervantes - Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.
octoDNS - Tools for managing DNS across multiple providers
evilgrade - Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.
amass - In-depth attack surface mapping and asset discovery
WebMap - WebMap-Nmap Web Dashboard and Reporting
WhatBreach - OSINT tool to find breached emails, databases, pastes, and relevant information