The step of search tools for Bug Bounties and Pentest can be very time-consuming. Thinking about it, I decided to create this repo with all the tools I use most in my day.
A collection of tools for hackers, pentesters & security researchers.
Your contributions are always welcome !
| Repository | Description |
|---|---|
| Nmap | Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. |
| assetfinder | Find domains and subdomains potentially related to a given domain. |
| Subfinder | Subfinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and is optimized for speed. subfinder is built for doing one thing only - passive subdomain enumeration, and it does that very well. |
| Findomain | The complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more. |
| Amass | The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques. |
| shuffleDNS | MassDNS wrapper written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. |
| Gobuster | Gobuster is a tool used to brute-force URIs, DNS, Virtual Host names on target web servers, Open Amazon S3 buckets. |
| ParamSpider | Mining parameters from dark corners of Web Archives. |
| gau | Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl. |
| Repository | Description |
|---|---|
| Shodan.io | Shodan is the world's first search engine for Internet-connected devices. Discover how Internet intelligence can help you make better decisions. |
| SecurityTrails | Robust APIs & Data Services for Security Teams. |
| Chaos. | We actively collect and maintain internet-wide assets' data, this project is meant to enhance research and analyse changes around DNS for better insights. |
| Repository | Description |
|---|---|
| ReconNess | ReconNess helps you to run and keep all your #recon in the same place allowing you to focus only on the potentially vulnerable targets without distraction and without required a lot of bash skill or programing skill in general. |
| Repository | Description |
|---|---|
| Storm-Breaker | Tool social engineering [Access Webcam & Microphone & Os Password Grabber & Location Finder] With Ngrok |
| BlackPhish | 🔱 [ Phishing Made Easy ] 🔱 (In Beta) |
| Repository | Description |
|---|---|
| caicai.py | This is a simple Port Flooder written in Python 3. Use this tool to quickly stress test your network devices and measure your router's or server's load. |
Hacking-Tools was entirely coded with ❤ by @juliocarneiro and it is released under the MIT license.
If you liked my job and want to support me in some way, buy me a coffee 😁
