Tag

A Postman recon/OSINT framework for automated API endpoint discovery and secret exploitation in workspaces, collections, requests, users, and teams.

ProjectDiscovery offers real-time vulnerability detection, asset discovery, and customizable exploit detection for streamlined security workflows.

RESTler is a stateful REST API fuzzing tool for automatically testing cloud services and finding security and reliability bugs.

S3Scanner finds misconfigured S3 buckets across various cloud providers, enhancing cloud security posture and data leak prevention.

SecLists is a collection of multiple types of lists used during security assessments, collected in one place for easy access.

SecurityTrails provides a massive repository of historical DNS data and IP address records to help security teams track domain changes and attack surfaces.

Sherlock is an OSINT tool for finding usernames across social networks to support digital investigations and reconnaissance.

Subfinder is a fast passive subdomain enumeration tool for websites, leveraging online sources to discover valid subdomains.

Synack offers a security testing platform combining elite researchers with technology for continuous vulnerability discovery and risk management.

Truffle Security provides open-source and enterprise solutions for detecting and remediating leaked keys and credentials across the SDLC.

Voyage is a Rust-based subdomain enumeration tool with active/passive methods, SQLite progress tracking, and a real-time terminal UI.

XSStrike is an advanced XSS detection suite with intelligent payload generation, fuzzing engine, and fast crawler for web security.