Category

Truffle Security provides open-source and enterprise solutions for detecting and remediating leaked keys and credentials across the SDLC.

WAFW00F identifies and fingerprints Web Application Firewall (WAF) products protecting a website using various detection methods.

WPScan is a vulnerability database and security scanner for WordPress, helping users identify and address security risks in their WP sites.

XSStrike is an advanced XSS detection suite with intelligent payload generation, fuzzing engine, and fast crawler for web security.

ffuf is a fast web fuzzer written in Go, designed for content discovery and web application security testing.

httpx is a fast and multi-purpose HTTP toolkit for reconnaissance, probing, and information gathering with retries and backoffs.

objection is a runtime mobile exploration toolkit for assessing mobile app security posture without needing a jailbreak.

reNgine is an automated web reconnaissance framework streamlining the recon process for security professionals and bug bounty hunters.

reconFTW automates reconnaissance, subdomain enumeration, and vulnerability checks, providing comprehensive target information.

shcheck is a tool to check security headers of a website, reporting which are enabled and which are not.

sqlmap is an automatic SQL injection and database takeover tool for penetration testing and vulnerability detection.