Penetration testing commands

NameDescriptionCodePriceTags
0d1nAutomate customized attacks against web applicationshttps://github.com/CoolerVoid/0d1nFreeweb_application_exploitation
230-OOBFTP server for OOB XXE attackshttps://github.com/lc/230-OOBFreeweb_application_exploitation
1u.mszero-configuration DNS utilities for assisting in detection and exploitation of SSRF-related vulnerabilitieshttps://github.com/neex/1u.msFreeweb_application_exploitation
AcunetixWeb application security scannerPaidweb_application_exploitation
API-fuzzerLibrary to fuzz request attributes using common pentesting techniques and lists vulnerabilitieshttps://github.com/Fuzzapi/API-fuzzerFreeweb_application_exploitation
clairvoyanceObtain GraphQL API schema even if the introspection is disabled by abusing the "did you mean" featurehttps://github.com/nikitastupin/clairvoyanceFreeweb_application_exploitation
CloudFruntScanner to identify misconfigured CloudFront domainshttps://github.com/MindPointGroup/cloudfruntFreeweb_application_exploitation
CMSeekCMS detection and exploitation suite; capable of detecting more than 180 CMShttps://github.com/Tuhinshubhra/CMSeeKFreeweb_application_exploitation
CMSScanWordpress, Drupal, Joomla, vBulletin CMS security scanner with dashboardhttps://github.com/ajinabraham/CMSScanFreeweb_application_exploitation
CrackQLGraphQL password brute-force and fuzzing utilityhttps://github.com/nicholasaleks/CrackQLFreeweb_application_exploitation
dirbusterWeb directory and file scanner (wordlist bruteforce)https://sourceforge.net/projects/dirbuster/Freeweb_application_exploitation
FockCacheTest Cache Poisoninghttps://github.com/tismayil/fockcacheFreeweb_application_exploitation
fuxploiderAutomates the process of detecting and exploiting file upload forms flawshttps://github.com/almandin/fuxploiderFreeweb_application_exploitation
ArachniWeb application security scanner frameworkhttps://github.com/Arachni/arachniFreeweb_application_exploitation
ArjunHTTP parameter discovery suitehttps://github.com/s0md3v/ArjunFreeweb_application_exploitation
AtlasTool that suggests sqlmap tampers to bypass WAF/IDS/IPS based on status codeshttps://github.com/m4ll0k/AtlasFreeweb_application_exploitation
b374kWebshell with many features: file manager, search, command execution, DB connection, SQL explorer, process listhttps://github.com/b374k/b374kFreeweb_application_exploitation
badsecretsA library for detecting known or weak cryptographic secrets across many web frameworkshttps://github.com/blacklanternsecurity/badsecretsFreeweb_application_exploitation
BFACBackup File Artifacts Checker; automated backup artifacts checkerhttps://github.com/mazen160/bfacFreeweb_application_exploitation
CaidoIntercepting proxy to replay, inject, scan and fuzz HTTP requests (a limited free version exists)Paidweb_application_exploitation
ChankroTool to bypass disable_functions and open_basedir in PHP by calling sendmail and setting LD_PRELOAD environment variablehttps://github.com/TarlogicSecurity/ChankroFreeweb_application_exploitation
ChopChopWeb application security scanner based on templateshttps://github.com/michelin/ChopChopFreeweb_application_exploitation
commixWeb-based command injection testerhttps://github.com/commixproject/commixFreeweb_application_exploitation
CSPassTest for CSP bypass payloadshttps://github.com/Ruulian/CSPassFreeweb_application_exploitation
drupwnDrupal CMS enumeration and exploitation toolhttps://github.com/immunIT/drupwnFreeweb_application_exploitation
dvcs-ripperDump web accessible (distributed) version control systems (DVCS/VCS): SVN, GIT, Mercurial/hg, Bazaar/bzr, …https://github.com/kost/dvcs-ripperFreeweb_application_exploitation
Enemies Of SymfonyLoots information from a Symfony target using profilerhttps://github.com/synacktiv/eosFreeweb_application_exploitation
EyeballerConvolutional neural network for analyzing pentest screenshots and automatically label themhttps://github.com/BishopFox/eyeballerFreeweb_application_exploitation
FavinizerFavicon fingerprintinghttps://web.archive.org/web/20230604114312/https://github.com/ARPSyndicate/favinizerFreeweb_application_exploitation
Flask Session Cookie Decoder/EncoderA script that let you encode and decode a Flask session cookiehttps://github.com/noraj/flask-session-cookie-managerFreeweb_application_exploitation
FuzzapiWeb-UI for API-fuzzerhttps://github.com/Fuzzapi/API-fuzzerFreeweb_application_exploitation
altairModular web vulnerability scannerhttps://github.com/evilsocket/altairFreeweb_application_exploitation
AquatoneDomain flyover tool; visual inspection of websites across a large amount of hosts and is convenient for quickly gaining an overview of HTTP-based attack surfacehttps://github.com/michenriksen/aquatoneFreeweb_application_exploitation
BaRMIeJava RMI enumeration and attack toolhttps://github.com/NickstaDB/BaRMIeFreeweb_application_exploitation
BlazyLogin page bruteforcer: CSRF, SQLi, Clickjacking, WAF detectionhttps://github.com/s0md3v/BlazyFreeweb_application_exploitation
Burp SuiteIntercepting proxy to replay, inject, scan and fuzz HTTP requests (a limited free version exists)Paidweb_application_exploitation
CansinaWeb directory and file scanner (wordlist bruteforce)https://github.com/deibit/cansina/Freeweb_application_exploitation
CSP EvaluatorCheck Content Security Policy (CSP) configuration and assists with the reviewing processhttps://github.com/google/csp-evaluatorFreeweb_application_exploitation
dirbWeb directory and file scanner (wordlist bruteforce)https://sourceforge.net/projects/dirb/Freeweb_application_exploitation
distributed-jwt-crackerHS256 JWT token distributed brute force crackerhttps://github.com/lmammino/distributed-jwt-crackerFreeweb_application_exploitation
docemUility to embed XXE and XSS payloads in docx, odt, pptx, etchttps://github.com/whitel1st/docemFreeweb_application_exploitation
DotDotPwnDirectory Traversal fuzzerhttps://github.com/wireghoul/dotdotpwnFreeweb_application_exploitation
DotGitWeb browser extension (Firefox and CHromium) checking if .git is exposed in visited websiteshttps://github.com/davtur19/DotGitFreeweb_application_exploitation
droopescanCMS scanner supporting SilverStripe and Wordpress, having partial support for Joomla, Moodle, Drupalhttps://github.com/droope/droopescanFreeweb_application_exploitation
dtd-finderIdentify DTDs on filesystem snapshot and build XXE payloads using those local DTDshttps://github.com/GoSecure/dtd-finderFreeweb_application_exploitation
DVCS-PillageDump web accessible (distributed) version control systems (DVCS/VCS): GIT, Mercurial/hg, Bazaar/bzr, …https://github.com/evilpacket/DVCS-PillageFreeweb_application_exploitation
Fav-upFavicon fingerprinting using Shodanhttps://github.com/pielco11/fav-upFreeweb_application_exploitation
FavFreakFavicon fingerprintinghttps://github.com/devanshbatham/FavFreakFreeweb_application_exploitation
FingerprinterCMS version detection toolhttps://github.com/erwanlr/FingerprinterFreeweb_application_exploitation
FireflyWeb directory and file scanner (wordlist bruteforce); but also a web fuzzerhttps://github.com/Brum3ns/fireflyFreeweb_application_exploitation
FuxiPenetration testing platform, automate some scan & attackhttps://github.com/jeffzh3ng/fuxiFreeweb_application_exploitation
AfuzzWeb directory and file scanner (wordlist bruteforce)https://github.com/RapidDNS/AfuzzFreeweb_application_exploitation
AssassinGoWeb pentest framework for information gathering and vulnerability scanninghttps://github.com/AmyangXYZ/AssassinGoFreeweb_application_exploitation
AstraREST API penetration testing toolhttps://github.com/flipkart-incubator/astraFreeweb_application_exploitation
BeeceptorHTTP request collector and inspectorPaidweb_application_exploitation
CharlesIntercepting proxy to replay, inject, scan and fuzz HTTP requestsPaidweb_application_exploitation
CMSmapWordPress, Joomla, Drupal, Moodle CMS security scannerhttps://github.com/Dionach/CMSmapFreeweb_application_exploitation
CSWSHCross-Site WebSocket Hijacking TesterFreeweb_application_exploitation
DalfoxXSS scanner and utility focused on automationhttps://github.com/hahwul/dalfoxFreeweb_application_exploitation
dirsearchWeb directory and file scanner (wordlist bruteforce)https://github.com/maurosoria/dirsearchFreeweb_application_exploitation
EyeWitnessTake screenshots of websites, provide some server header info, and identify default credentials if possiblehttps://github.com/FortyNorthSecurity/EyeWitnessFreeweb_application_exploitation
feroxbusterWeb directory and file scanner (wordlist bruteforce)https://github.com/epi052/feroxbusterFreeweb_application_exploitation
ffufWeb directory and file scanner (wordlist bruteforce); but also a web fuzzerhttps://github.com/ffuf/ffufFreeweb_application_exploitation
GhauriAutomatic SQL injection and database takeover; inspired by SQLmaphttps://github.com/r0oth3x49/ghauriFreeweb_application_exploitation
GitTools3 tools: Finder (find websites with .git repository exposed), Dumper (dump exposed .git), Extractor (extract commits and their content from a broken repository)https://github.com/internetwache/GitToolsFreeweb_application_exploitation
goopDump the contents of a remote git repository without directory listing enabled; focus on as-complete-as-possible dumps and handling as many edge-cases as possiblehttps://github.com/nyancrimew/goopFreeweb_application_exploitation
graphql-path-enumLists the different ways of reaching a given type in a GraphQL schemahttps://gitlab.com/dee-see/graphql-path-enumFreeweb_application_exploitation
graphql.securityRuns a dozen of security checks against a given GraphQL endpointFreeweb_application_exploitation
GraphQLmapScripting engine to interact with a graphql endpoint for pentesting purposeshttps://github.com/swisskyrepo/GraphQLmapFreeweb_application_exploitation
httpscreenshotTake screenshots of websiteshttps://github.com/breenmachine/httpscreenshotFreeweb_application_exploitation
InteractshHTTP request collector and inspector; OOB interaction gathering server and client library; DNS / HTTP / SMTP interaction supporthttps://github.com/projectdiscovery/interactshFreeweb_application_exploitation
jwt-hackA toolkit for JWT tokens security testinghttps://github.com/hahwul/jwt-hackFreeweb_application_exploitation
LFI FreakLFI scan and exploit toolhttps://github.com/OsandaMalith/LFiFreak/Freeweb_application_exploitation
LinkFinderFind URL endpoints and their parameters in JavaScript fileshttps://github.com/GerbenJavado/LinkFinderFreeweb_application_exploitation
NoSQLMapAutomated NoSQL database enumeration and web application exploitation toolhttps://github.com/codingo/NoSQLMapFreeweb_application_exploitation
OWASP JoomScanJoomla vulnerability scannerhttps://github.com/rezasp/joomscanFreeweb_application_exploitation
gowitnessTake screenshots of websiteshttps://github.com/sensepost/gowitnessFreeweb_application_exploitation
GraphCrawlerGraphQL automated security testinghttps://github.com/gsmith257-cyber/GraphCrawlerFreeweb_application_exploitation
GraphQL VoyagerRepresent any GraphQL API as an interactive graphhttps://github.com/IvanGoncharov/graphql-voyagerFreeweb_application_exploitation
GraphManScaffold a postman collection for a GraphQL API; compatible with Postman and Insomniahttps://github.com/Escape-Technologies/graphmanFreeweb_application_exploitation
Guppy ProxyGUI HTTP intercepting proxy based on Pappy Proxyhttps://github.com/roglew/guppy-proxyFreeweb_application_exploitation
headerpwnFuzzer for analyzing how servers respond to different HTTP headershttps://github.com/roglew/guppy-proxyFreeweb_application_exploitation
HettyHTTP toolkit for security research; alternative to BurpSuitehttps://github.com/dstotijn/hettyFreeweb_application_exploitation
HookbinHTTP request collector and inspectorhttps://github.com/ssteveli/hookbinFreeweb_application_exploitation
http-gardenDifferential testing and fuzzing of HTTP servers and proxieshttps://github.com/narfindustries/http-gardenFreeweb_application_exploitation
httpxMulti-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threadshttps://github.com/projectdiscovery/httpxFreeweb_application_exploitation
Intrigue CoreFramework for discovering attack surfacehttps://github.com/intrigueio/intrigue-coreFreeweb_application_exploitation
JASTTake screenshots of websiteshttps://github.com/mikehacksthings/jastFreeweb_application_exploitation
LiffyLFI exploitation toolhttps://github.com/mzfr/liffyFreeweb_application_exploitation
LightBulbFramework for auditing web application firewalls and filtershttps://github.com/lightbulb-framework/lightbulb-frameworkFreeweb_application_exploitation
LulzbusterWeb directory and file scanner (wordlist bruteforce)https://github.com/noptrix/lulzbusterFreeweb_application_exploitation
NetsparkerWeb application security scannerPaidweb_application_exploitation
Nosql-Exploitation-FrameworkNoSQL scanning and exploitation frameworkhttps://github.com/torque59/Nosql-Exploitation-FrameworkFreeweb_application_exploitation
NtHiMNow, the Host is Mine!; sub-domain takeover detectionhttps://github.com/TheBinitGhimire/NtHiMFreeweb_application_exploitation
oxml_xxeTool for embedding XXE/XML exploits into different filetypes (docx/xlsx, odt/ods, svg, xml, etc.)https://github.com/BuffaloWill/oxml_xxeFreeweb_application_exploitation
git-dumperDump the contents of a remote git repository without directory listing enabledhttps://github.com/arthaud/git-dumperFreeweb_application_exploitation
GobusterWeb directory, file and DNS scanner (wordlist bruteforce)https://github.com/OJ/gobusterFreeweb_application_exploitation
HUNTHUNT Suite is a collection of Burp Suite Pro/Free and OWASP ZAP extensionshttps://github.com/bugcrowd/HUNTFreeweb_application_exploitation
InQLGraphQL security audithttps://github.com/doyensec/inqlFreeweb_application_exploitation
IronWASPWeb security/vulnerability scanner (native for Windows only)https://github.com/Lavakumar/IronWASPFreeweb_application_exploitation
JaelesFramework for building your own Web Application Scannerhttps://github.com/jaeles-project/jaelesFreeweb_application_exploitation
JSONBeeJSONP endpoints/payloads to help bypass content security policy of different websiteshttps://github.com/zigoo0/JSONBeeFreeweb_application_exploitation
jwt-crackerHS256 JWT token brute force crackerhttps://github.com/lmammino/jwt-crackerFreeweb_application_exploitation
jwt_toolA toolkit for validating, forging and cracking JWT tokenshttps://github.com/ticarpi/jwt_toolFreeweb_application_exploitation
KrakenModular multi-language webshell focused on web post-exploitation and defense evasion; supports PHP, JSP and ASPXhttps://github.com/kraken-ng/KrakenFreeweb_application_exploitation
LFI SuiteAutomatic LFI scanner and exploiterhttps://github.com/D35m0nd142/LFISuiteFreeweb_application_exploitation
mitmproxyInteractive HTTPS proxyhttps://github.com/mitmproxy/mitmproxyFreeweb_application_exploitation
niktoVery light web security scannerhttps://github.com/sullo/niktoFreeweb_application_exploitation
NucleiWeb application security scanner based on templateshttps://github.com/projectdiscovery/nucleiFreeweb_application_exploitation
PanopticAutomatic LFI and Path Traversal exploitation toolhttps://github.com/lightos/PanopticFreeweb_application_exploitation
git-dumpDump the contents of a remote git repository without directory listing enabledhttps://github.com/bahamas10/node-git-dumpFreeweb_application_exploitation
gofingerprintIndentify web servers by checking their HTTP responses against a user defined list of fingerprintshttps://github.com/Static-Flow/gofingerprintFreeweb_application_exploitation
GopherusGenerates gopher link for exploiting SSRF and gaining RCE access from unprotected serviceshttps://github.com/tarunkant/GopherusFreeweb_application_exploitation
GraphicatorGraphQL enumeration and extractionhttps://github.com/cybervelia/graphicatorFreeweb_application_exploitation
GraphinderGraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforcehttps://github.com/Escape-Technologies/graphinderFreeweb_application_exploitation
GraphQL CopRun common security tests against GraphQLhttps://github.com/dolevf/graphql-copFreeweb_application_exploitation
graphw00fGraphQL server engine fingerprintinghttps://github.com/dolevf/graphw00fFreeweb_application_exploitation
JWT crackerMulti-threaded JWT brute-force crackerhttps://github.com/brendan-rius/c-jwt-crackerFreeweb_application_exploitation
jwtcatJWT brute-force crackerhttps://github.com/AresS31/jwtcatFreeweb_application_exploitation
KatanaCrawling and spidering framework, supporting headless mode, JavaScript, customizable automatic form filling and scope controlhttps://github.com/projectdiscovery/katanaFreeweb_application_exploitation
KadimusLFI, RFI, RCE scannerhttps://github.com/P0cL4bs/KadimusFreeweb_application_exploitation
MalzillaWeb oriented deobfuscating toolhttps://sourceforge.net/projects/malzilla/Freeweb_application_exploitation
MockbinHTTP request collector and inspectorhttps://github.com/Kong/mockbinFreeweb_application_exploitation
monsoonWeb directory and file scanner (wordlist bruteforce)https://github.com/RedTeamPentesting/monsoonFreeweb_application_exploitation
MyJWTA toolkit for signing, forging and cracking JWT tokenshttps://github.com/tyki6/MyJWTFreeweb_application_exploitation
otoriOn The Outside, Reaching In, exploitation toolbox for XXE attacksFreeweb_application_exploitation
OWASP ZAPOWASP Zed Attack Proxy, intercepting proxy to replay, inject, scan and fuzz HTTP requestshttps://github.com/zaproxy/zaproxyFreeweb_application_exploitation
Pappy ProxyProxy Attack Proxy ProxY, HTTP intercepting proxyhttps://github.com/roglew/pappy-proxyFreeweb_application_exploitation
ParamSpiderFinds parameters from web archives of the entered domainhttps://github.com/devanshbatham/ParamSpiderFreeweb_application_exploitation
PeepingTomTake screenshots of websiteshttps://bitbucket.org/LaNMaSteR53/peepingtom/Freeweb_application_exploitation
Portswigger Labs InspectorJavascript expression evaluator and inspectorFreeweb_application_exploitation
PowerUpSQLToolkit for attacking MS SQL Server, discovery, configuration auditing, privilege escalation, post exploitationhttps://github.com/NetSPI/PowerUpSQLFreeweb_application_exploitation
secureCodeBoxContinuous security scans based on kubernetes; orchestrate and automate a bunch of security-testing toolshttps://github.com/secureCodeBox/secureCodeBoxFreeweb_application_exploitation
ShapeShifterGraphQL schema extraction to JSON file with introspectionhttps://github.com/szski/shapeshifterFreeweb_application_exploitation
snallygasterWeb scanner that looks for files accessible on web servers that shouldn't be publichttps://github.com/hannob/snallygasterFreeweb_application_exploitation
SQLivSQL injection scanner, find vulnerable entry pointshttps://github.com/Hadesy2k/sqlivFreeweb_application_exploitation
SSRF ProxyFacilitates tunneling HTTP communications through servers vulnerable to SSRFhttps://github.com/bcoles/ssrf_proxyFreeweb_application_exploitation
SSRFmapAutomatic SSRF fuzzer and exploitation toolhttps://github.com/swisskyrepo/SSRFmapFreeweb_application_exploitation
SurfEscalate SSRF vulnerabilities on modern cloud environments, enumerate reachable hostshttps://github.com/assetnote/surfFreeweb_application_exploitation
testssl.shTLS/SSL scanner to find weak ciphers, protocols or flawshttps://github.com/drwetter/testssl.sh/Freeweb_application_exploitation
VOOKIWindows only web application and REST API vulnerability scannerFreeweb_application_exploitation
w3afWeb application attack and audit framework, web-oriented security scannerhttps://github.com/andresriancho/w3afFreeweb_application_exploitation
WAScanWeb application security scannerhttps://github.com/m4ll0k/WAScanFreeweb_application_exploitation
WfuzzWeb directory and file scanner (wordlist bruteforce); but also a web fuzzerhttps://github.com/xmendez/wfuzz/Freeweb_application_exploitation
PHPGGCPHP Generic Gadget Chains, library of unserialize() payloads along with a tool to generate them, supporting various PHP frameworkshttps://github.com/ambionics/phpggcFreeweb_application_exploitation
RequestBinHTTP request collector and inspectorhttps://github.com/Runscope/requestbinFreeweb_application_exploitation
RequestCatcherHTTP request collector and inspectorhttps://github.com/jbowens/request-catcherFreeweb_application_exploitation
ScoutWeb directory and file scanner (wordlist bruteforce)https://github.com/liamg/scoutFreeweb_application_exploitation
See-SURFSSRF scanner to find entry pointshttps://github.com/In3tinct/See-SURFFreeweb_application_exploitation
SitadelWeb application security scanner, rewrite and newer version of WAScanhttps://github.com/shenril/SitadelFreeweb_application_exploitation
TLS mapCLI & library for mapping TLS cipher algorithm names: IANA, OpenSSL, GnUTLS, NSShttps://github.com/sec-it/tls-mapFreeweb_application_exploitation
TracyTool that help to manually find XSShttps://github.com/nccgroup/tracyFreeweb_application_exploitation
tplmapSSTI and code injection detection and exploitation toolhttps://github.com/epinna/tplmapFreeweb_application_exploitation
UniscanRFI, LFi and RCE scannerhttps://sourceforge.net/projects/uniscan/Freeweb_application_exploitation
vafWeb directory and file scanner (wordlist bruteforce); but also a web fuzzerhttps://github.com/d4rckh/vafFreeweb_application_exploitation
VegaMulti-platform web scanner and intercepting proxyhttps://github.com/subgraph/VegaFreeweb_application_exploitation
WAFNinjaWAF bypassing toolhttps://github.com/khalilbijjou/WAFNinjaFreeweb_application_exploitation
webanalyzePort of Wappalyzer (uncovers technologies used on websites) to automate mass scanninghttps://github.com/rverton/webanalyzeFreeweb_application_exploitation
Webhook TesterHTTP request collector and inspectorhttps://github.com/fredsted/webhook.siteFreeweb_application_exploitation
What CMSService able to detect more than 430 CMS, find version used for some CMS, has an API for batch detectionFreeweb_application_exploitation
ppfuzzScan for client-side prototype pollutionhttps://github.com/dwisiswant0/ppfuzzFreeweb_application_exploitation
RabidCLI tool and library allowing to simply decode all kind of BigIP cookieshttps://github.com/noraj/rabidFreeweb_application_exploitation
Rogue JNDIA malicious LDAP server for JNDI injection attackshttps://github.com/veracode-research/rogue-jndiFreeweb_application_exploitation
Retire.jsScanner detecting the use of JavaScript libraries with known vulnerabilitieshttps://github.com/retirejs/retire.jsFreeweb_application_exploitation
ronin-vulnsTests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirectshttps://github.com/ronin-ruby/ronin-vulnsFreeweb_application_exploitation
rustbusterWeb directory, file and DNS scanner (wordlist bruteforce); but also a web fuzzerhttps://github.com/phra/rustbusterFreeweb_application_exploitation
Session Hijacking Visual ExploitationHijack user sessions by injecting malicious JavaScript codehttps://github.com/doyensec/Session-Hijacking-Visual-Exploitation/Freeweb_application_exploitation
Simple Local File Inclusion ExploiterLFI exploit toolhttps://packetstormsecurity.com/files/download/96056/lfi_sploiter.py.txtFreeweb_application_exploitation
sjSwagger Jacker; audit API endpoints defined in exposed (Swagger/OpenAPI) definition fileshttps://github.com/BishopFox/sjFreeweb_application_exploitation
sslscan2Tests SSL/TLS enabled services to discover supported cipher suiteshttps://github.com/rbsec/sslscanFreeweb_application_exploitation
toxssinXSS exploitation command-line interface and payload generatorhttps://github.com/t3l3machus/toxssinFreeweb_application_exploitation
Typo3ScanEnumerate Typo3 version and extensionshttps://github.com/whoot/Typo3ScanFreeweb_application_exploitation
V3n0MWeb dork and vulnerability scannerhttps://github.com/v3n0m-Scanner/V3n0M-ScannerFreeweb_application_exploitation
wapitiWeb-oriented vulnerability scanner, can generates reportshttps://sourceforge.net/projects/wapiti/Freeweb_application_exploitation
WeevelyWeb shell for post-exploitation working with a PHP agenthttps://github.com/epinna/weevely3Freeweb_application_exploitation
paramethHTTP parameter discovery suitehttps://github.com/maK-/paramethFreeweb_application_exploitation
ParosIntercepting proxy to replay, inject, scan and fuzz HTTP requestshttps://sourceforge.net/projects/paros/Freeweb_application_exploitation
PinkertonCrawl JavaScript file to find secrethttps://github.com/oppsec/PinkertonFreeweb_application_exploitation
pphackClient-side prototype pollution scannerhttps://github.com/edoardottt/pphackFreeweb_application_exploitation
Request InspectorHTTP request collector and inspectorFreeweb_application_exploitation
SleuthQLTool that parses Burp history to discover potential SQL injection points and prepare SQLmap request fileshttps://github.com/RhinoSecurityLabs/SleuthQLFreeweb_application_exploitation
SmugglerHTTP request smuggling, desync testinghttps://github.com/defparam/smugglerFreeweb_application_exploitation
spidrWeb spidering library that can spider a site, multiple domains, certain links or infinitelyhttps://github.com/postmodern/spidrFreeweb_application_exploitation
sqlmapAutomatic SQL injection and database takeoverhttps://github.com/sqlmapproject/sqlmapFreeweb_application_exploitation
SqliSniperTime-based blind SQL injection fuzzer for HTTP headershttps://github.com/danialhalo/SqliSniperFreeweb_application_exploitation
ssllabs-scanCLI reference-implementation client for Qualys SSL Labs APIs, designed for automated and/or bulk testinghttps://github.com/ssllabs/ssllabs-scan/Freeweb_application_exploitation
SSLyzeSSL analysis library and a CLI toolshttps://github.com/nabla-c0d3/sslyzeFreeweb_application_exploitation
SSRF SheriffGenereate custom endpoint to test SSRF; support any HTTP method, content-specific responses, configurable secret tokenhttps://github.com/teknogeek/ssrf-sheriffFreeweb_application_exploitation
STEWSSecurity Testing and Enumeration of WebSockets; tool suite for security testing WebSockets: discover endpoints, fingerprint server, detect vulnerabilitieshttps://github.com/PalindromeLabs/STEWSFreeweb_application_exploitation
TIDoS FrameworkComprehensive web-app audit frameworkhttps://github.com/theInfectedDrake/TIDoS-FrameworkFreeweb_application_exploitation
TrashCompactorRemove URLs with duplicate funcionality based on script resources includedhttps://github.com/michael1026/trashcompactorFreeweb_application_exploitation
WappaGoWeb technologies detection; assemble different features from HTTPX, Naabu, GoWitness and Wappalyzerhttps://github.com/EasyRecon/wappaGoFreeweb_application_exploitation
WhatWebWeb scanner, recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices, also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more; more than 1800 pluginshttps://github.com/urbanadventurer/WhatWebFreeweb_application_exploitation
wiktoNikto for Windows; web security scannerhttps://github.com/sensepost/wiktoFreeweb_application_exploitation
wrapwrapGenerates a php://filter chain that adds a prefix and a suffix to the contents of a filehttps://github.com/ambionics/wrapwrapFreeweb_application_exploitation
xnLinkFinderDiscover endpoints and potential parameters for a given targethttps://github.com/xnl-h4ck3r/xnLinkFinderFreeweb_application_exploitation
XSS'ORMulti-purpose tool for XSS or JavaScript analysishttps://github.com/evilcos/xssorFreeweb_application_exploitation
XSS'OR 2Multi-purpose tool for XSS or JavaScript analysishttps://github.com/evilcos/xssor2Freeweb_application_exploitation
xxxpwn_smartXPath injection tool, fork of xxxpwn adding further optimizations and tweaks, uses predictive text based on a dictionary of words/phrases vs frequencies of occurrencehttps://github.com/aayla-secura/xxxpwn_smartFreeweb_application_exploitation
YASUOScans for vulnerable & exploitable 3rd-party web applicationshttps://github.com/0xsauby/yasuoFreeweb_application_exploitation