From 11e562d1c02ff19822b3410e13c42ac954686db7 Mon Sep 17 00:00:00 2001 From: "Abhiraj Roy (iconized)" <157954129+iconized@users.noreply.github.com> Date: Fri, 19 Apr 2024 05:30:08 +0530 Subject: [PATCH 1/4] Create netinstall-webapp.yaml --- .../blackbox/yaml/netinstall-webapp.yaml | 443 ++++++++++++++++++ 1 file changed, 443 insertions(+) create mode 100644 usr/share/blackbox/yaml/netinstall-webapp.yaml diff --git a/usr/share/blackbox/yaml/netinstall-webapp.yaml b/usr/share/blackbox/yaml/netinstall-webapp.yaml new file mode 100644 index 0000000..58b0242 --- /dev/null +++ b/usr/share/blackbox/yaml/netinstall-webapp.yaml @@ -0,0 +1,443 @@ +- name: "WebApp" + description: "WebApp" + critical: false + hidden: false + selected: false + expanded: true + packages: + - 0d1n + - abuse-ssl-bypass-waf + - adfind + - adminpagefinder + - albatar + - allthevhosts + - anti-xss + - apachetomcatscanner + - arachni + - archivebox + - arjun + - asp-audit + - astra + - atlas + - atscan + - aws-extender-cli + - backcookie + - badministration + - bbqsql + - bbscan + - belati + - bfac + - bing-lfi-rfi + - bitdump + - blindelephant + - blisqy + - brakeman + - brute-force + - brutemap + - brutexss + - bsqlbf + - bsqlinjector + - burpsuite + - c5scan + - cangibrina + - cansina + - cent + - chankro + - cintruder + - cjexploiter + - clairvoyance + - cloudget + - cms-explorer + - cms-few + - cmseek + - cmsfuzz + - cmsmap + - cmsscan + - cmsscanner + - comission + - commentor + - commix + - conscan + - corscanner + - corstest + - corsy + - cpfinder + - crabstick + - crackql + - crawlic + - crlf-injector + - csrftester + - cybercrowl + - d-tect + - dalfox + - darkbing + - darkd0rk3r + - darkdump + - darkjumper + - darkmysqli + - darkscrape + - davscan + - dawnscanner + - dcrawl + - detectem + - dff-scanner + - dirb + - dirble + - dirbuster + - dirbuster-ng + - directorytraversalscan + - dirhunt + - dirscanner + - dirscraper +dirsearch +dirstalk +docem +domi-owned +dontgo403 +doork +dorknet +dpscan +droopescan +drupal-module-enum +drupalscan +drupwn +dsfs +dsjs +dsss +dsstore-crawler +dsxs +dumb0 +easyfuzzer +eazy +eos +epicwebhoneypot +evine +extended-ssrf-search +eyewitness +facebot +facebrute +fbht +fdsploit +feroxbuster +ffuf +fhttp +filebuster +filegps +fingerprinter +flashscanner +flask-session-cookie-manager2 +flask-session-cookie-manager3 +flask-unsign +flunym0us +fockcache +fuxploider +gau +ghauri +ghost-py +git-dumper +gitdump +gittools +gobuster +golismero +goop-dump +gopherus +gospider +gowitness +grabber +graphinder +graphql-cop +graphql-path-enum +graphqlmap +graphw00f +gwtenum +h2buster +h2csmuggler +h2t +hakku +hakrawler +halberd +hetty +hookshot +host-extract +htcap +http2smugl +httpforge +httpgrep +httppwnly +httpx +hyperfox +identywaf +imagejs +injectus +interactsh-client +inurlbr +ipsourcebypass +isr-form +jaeles +jaidam +jast +jboss-autopwn +jdeserialize +jexboss +jira-scan +jok3r +jomplug +jooforce +joomlascan +joomlavs +joomscan +jsearch +jshell +jsonbee +jsparser +jsql-injection +jstillery +juumla +jwt-hack +kadimus +katana-pd +keye +kiterunner +kolkata +konan +kubolt +laf +laudanum +lbmap +letmefuckit-scanner +leviathan +lfi-exploiter +lfi-fuzzploit +lfi-image-helper +lfi-scanner +lfi-sploiter +lfifreak +lfimap +lfisuite +liffy +lightbulb +linkfinder +list-urls +log4j-bypass +log4j-scan +lorsrf +lulzbuster +magescan +mando.me +mantra +maryam +meg +metoscan +monsoon +mooscan +morxtraversal +mosquito +multiinjector +mwebfp +nikto +nosqli +nosqli-user-pass-enum +nosqlmap +novahot +nuclei +okadminfinder +onionsearch +opendoor +otori +owasp-bywaf +owtf +pappy-proxy +parameth +parampampam +paranoic +paros +payloadmask +pblind +peepingtom +photon +php-findsock-shell +php-malware-finder +php-vulnerability-hunter +phpggc +phpsploit +pinkerton +pixload +plecost +plown +poly +poracle +pown +ppfuzz +ppmap +proxenet +pureblood +pwndrop +pyfiscan +pythem +python-arsenic +python-jsbeautifier +python-witnessme +python2-jsbeautifier +rabid +rapidscan +ratproxy +rawr +recsech +red-hawk +remot3d +restler-fuzzer +richsploit +riwifshell +ruler +rustbuster +rww-attack +sawef +scanqli +scrapy +scrying +second-order +secretfinder +secscan +see-surf +serializationdumper +shellinabox +shortfuzzy +shuffledns +sitadel +sitediff +sjet +skipfish +smplshllctrlr +smuggler +smuggler-py +snallygaster +snare +snuck +sourcemapper +spaf +sparty +spiga +spike-proxy +spipscan +sprayingtoolkit +sqid +sqlbrute +sqldict +sqlivulscan +sqlmap +sqlninja +sqlping +sqlpowerinjector +sqlsus +ssrf-sheriff +ssrfmap +stews +striker +subjs +swarm +swftools +taipan +themole +tidos-framework +tinfoleak +tinfoleak2 +tomcatwardeployer +torcrawl +tplmap +typo3scan +uatester +ufonet +uncaptcha2 +uniscan +uppwn +urlcrazy +urldigger +urlextractor +v3n0m +vane +vanguard +vbscan +vega +visql +vsvbp +vulnerabilities-spider +vulnx +w13scan +w3af +wafninja +wafp +wafpass +wafw00f +wapiti +wascan +waybackpack +wcvs +web-soul +webacoo +webanalyze +webborer +webenum +webexploitationtool +webhandler +webhunter +webkiller +webpwn3r +webrute +webscarab +webshag +webshells +webslayer +webspa +webtech +webxploiter +weevely +weirdaal +wfuzz +whatwaf +whatweb +whichcdn +whitewidow +wig +witchxtool +wmat +wordbrutepress +wordpress-exploit-framework +wordpresscan +wpbf +wpbrute-rpc +wpbullet +wpforce +wpintel +wpscan +wpseku +ws-attacker +wsfuzzer +wssip +wuzz +x8 +xmlrpc-bruteforcer +xspear +xsrfprobe +xss-freak +xsscon +xsscrapy +xsser +xssless +xsspy +xsss +xssscan +xsssniper +xsstrike +xssya +xwaf +xxeinjector +xxexploiter +xxxpwn +xxxpwn-smart +yaaf +yasuo +yawast +ycrawler +yinjector +ysoserial +zaproxy From ab0538d9ae8e5b474a649a84aab63ddb823202e0 Mon Sep 17 00:00:00 2001 From: "Abhiraj Roy (iconized)" <157954129+iconized@users.noreply.github.com> Date: Fri, 19 Apr 2024 05:32:18 +0530 Subject: [PATCH 2/4] Update netinstall-webapp.yaml --- .../blackbox/yaml/netinstall-webapp.yaml | 705 +++++++++--------- 1 file changed, 353 insertions(+), 352 deletions(-) diff --git a/usr/share/blackbox/yaml/netinstall-webapp.yaml b/usr/share/blackbox/yaml/netinstall-webapp.yaml index 58b0242..d22ec4f 100644 --- a/usr/share/blackbox/yaml/netinstall-webapp.yaml +++ b/usr/share/blackbox/yaml/netinstall-webapp.yaml @@ -66,6 +66,7 @@ - crackql - crawlic - crlf-injector + - crlfuzz - csrftester - cybercrowl - d-tect @@ -89,355 +90,355 @@ - dirhunt - dirscanner - dirscraper -dirsearch -dirstalk -docem -domi-owned -dontgo403 -doork -dorknet -dpscan -droopescan -drupal-module-enum -drupalscan -drupwn -dsfs -dsjs -dsss -dsstore-crawler -dsxs -dumb0 -easyfuzzer -eazy -eos -epicwebhoneypot -evine -extended-ssrf-search -eyewitness -facebot -facebrute -fbht -fdsploit -feroxbuster -ffuf -fhttp -filebuster -filegps -fingerprinter -flashscanner -flask-session-cookie-manager2 -flask-session-cookie-manager3 -flask-unsign -flunym0us -fockcache -fuxploider -gau -ghauri -ghost-py -git-dumper -gitdump -gittools -gobuster -golismero -goop-dump -gopherus -gospider -gowitness -grabber -graphinder -graphql-cop -graphql-path-enum -graphqlmap -graphw00f -gwtenum -h2buster -h2csmuggler -h2t -hakku -hakrawler -halberd -hetty -hookshot -host-extract -htcap -http2smugl -httpforge -httpgrep -httppwnly -httpx -hyperfox -identywaf -imagejs -injectus -interactsh-client -inurlbr -ipsourcebypass -isr-form -jaeles -jaidam -jast -jboss-autopwn -jdeserialize -jexboss -jira-scan -jok3r -jomplug -jooforce -joomlascan -joomlavs -joomscan -jsearch -jshell -jsonbee -jsparser -jsql-injection -jstillery -juumla -jwt-hack -kadimus -katana-pd -keye -kiterunner -kolkata -konan -kubolt -laf -laudanum -lbmap -letmefuckit-scanner -leviathan -lfi-exploiter -lfi-fuzzploit -lfi-image-helper -lfi-scanner -lfi-sploiter -lfifreak -lfimap -lfisuite -liffy -lightbulb -linkfinder -list-urls -log4j-bypass -log4j-scan -lorsrf -lulzbuster -magescan -mando.me -mantra -maryam -meg -metoscan -monsoon -mooscan -morxtraversal -mosquito -multiinjector -mwebfp -nikto -nosqli -nosqli-user-pass-enum -nosqlmap -novahot -nuclei -okadminfinder -onionsearch -opendoor -otori -owasp-bywaf -owtf -pappy-proxy -parameth -parampampam -paranoic -paros -payloadmask -pblind -peepingtom -photon -php-findsock-shell -php-malware-finder -php-vulnerability-hunter -phpggc -phpsploit -pinkerton -pixload -plecost -plown -poly -poracle -pown -ppfuzz -ppmap -proxenet -pureblood -pwndrop -pyfiscan -pythem -python-arsenic -python-jsbeautifier -python-witnessme -python2-jsbeautifier -rabid -rapidscan -ratproxy -rawr -recsech -red-hawk -remot3d -restler-fuzzer -richsploit -riwifshell -ruler -rustbuster -rww-attack -sawef -scanqli -scrapy -scrying -second-order -secretfinder -secscan -see-surf -serializationdumper -shellinabox -shortfuzzy -shuffledns -sitadel -sitediff -sjet -skipfish -smplshllctrlr -smuggler -smuggler-py -snallygaster -snare -snuck -sourcemapper -spaf -sparty -spiga -spike-proxy -spipscan -sprayingtoolkit -sqid -sqlbrute -sqldict -sqlivulscan -sqlmap -sqlninja -sqlping -sqlpowerinjector -sqlsus -ssrf-sheriff -ssrfmap -stews -striker -subjs -swarm -swftools -taipan -themole -tidos-framework -tinfoleak -tinfoleak2 -tomcatwardeployer -torcrawl -tplmap -typo3scan -uatester -ufonet -uncaptcha2 -uniscan -uppwn -urlcrazy -urldigger -urlextractor -v3n0m -vane -vanguard -vbscan -vega -visql -vsvbp -vulnerabilities-spider -vulnx -w13scan -w3af -wafninja -wafp -wafpass -wafw00f -wapiti -wascan -waybackpack -wcvs -web-soul -webacoo -webanalyze -webborer -webenum -webexploitationtool -webhandler -webhunter -webkiller -webpwn3r -webrute -webscarab -webshag -webshells -webslayer -webspa -webtech -webxploiter -weevely -weirdaal -wfuzz -whatwaf -whatweb -whichcdn -whitewidow -wig -witchxtool -wmat -wordbrutepress -wordpress-exploit-framework -wordpresscan -wpbf -wpbrute-rpc -wpbullet -wpforce -wpintel -wpscan -wpseku -ws-attacker -wsfuzzer -wssip -wuzz -x8 -xmlrpc-bruteforcer -xspear -xsrfprobe -xss-freak -xsscon -xsscrapy -xsser -xssless -xsspy -xsss -xssscan -xsssniper -xsstrike -xssya -xwaf -xxeinjector -xxexploiter -xxxpwn -xxxpwn-smart -yaaf -yasuo -yawast -ycrawler -yinjector -ysoserial -zaproxy + - dirsearch + - dirstalk + - docem + - domi-owned + - dontgo403 + - doork + - dorknet + - dpscan + - droopescan + - drupal-module-enum + - drupalscan + - drupwn + - dsfs + - dsjs + - dsss + - dsstore-crawler + - dsxs + - dumb0 + - easyfuzzer + - eazy + - eos + - epicwebhoneypot + - evine + - extended-ssrf-search + - eyewitness + - facebot + - facebrute + - fbht + - fdsploit + - feroxbuster + - ffuf + - fhttp + - filebuster + - filegps + - fingerprinter + - flashscanner + - flask-session-cookie-manager2 + - flask-session-cookie-manager3 + - flask-unsign + - flunym0us + - fockcache + - fuxploider + - gau + - ghauri + - ghost-py + - git-dumper + - gitdump + - gittools + - gobuster + - golismero + - goop-dump + - gopherus + - gospider + - gowitness + - grabber + - graphinder + - graphql-cop + - graphql-path-enum + - graphqlmap + - graphw00f + - gwtenum + - h2buster + - h2csmuggler + - h2t + - hakku + - hakrawler + - halberd + - hetty + - hookshot + - host-extract + - htcap + - http2smugl + - httpforge + - httpgrep + - httppwnly + - httpx + - hyperfox + - identywaf + - imagejs + - injectus + - interactsh-client + - inurlbr + - ipsourcebypass + - isr-form + - jaeles + - jaidam + - jast + - jboss-autopwn + - jdeserialize + - jexboss + - jira-scan + - jok3r + - jomplug + - jooforce + - joomlascan + - joomlavs + - joomscan + - jsearch + - jshell + - jsonbee + - jsparser + - jsql-injection + - jstillery + - juumla + - jwt-hack + - kadimus + - katana-pd + - keye + - kiterunner + - kolkata + - konan + - kubolt + - laf + - laudanum + - lbmap + - letmefuckit-scanner + - leviathan + - lfi-exploiter + - lfi-fuzzploit + - lfi-image-helper + - lfi-scanner + - lfi-sploiter + - lfifreak + - lfimap + - lfisuite + - liffy + - lightbulb + - linkfinder + - list-urls + - log4j-bypass + - log4j-scan + - lorsrf + - lulzbuster + - magescan + - mando.me + - mantra + - maryam + - meg + - metoscan + - monsoon + - mooscan + - morxtraversal + - mosquito + - multiinjector + - mwebfp + - nikto + - nosqli + - nosqli-user-pass-enum + - nosqlmap + - novahot + - nuclei + - okadminfinder + - onionsearch + - opendoor + - otori + - owasp-bywaf + - owtf + - pappy-proxy + - parameth + - parampampam + - paranoic + - paros + - payloadmask + - pblind + - peepingtom + - photon + - php-findsock-shell + - php-malware-finder + - php-vulnerability-hunter + - phpggc + - phpsploit + - pinkerton + - pixload + - plecost + - plown + - poly + - poracle + - pown + - ppfuzz + - ppmap + - proxenet + - pureblood + - pwndrop + - pyfiscan + - pythem + - python-arsenic + - python-jsbeautifier + - python-witnessme + - python2-jsbeautifier + - rabid + - rapidscan + - ratproxy + - rawr + - recsech + - red-hawk + - remot3d + - restler-fuzzer + - richsploit + - riwifshell + - ruler + - rustbuster + - rww-attack + - sawef + - scanqli + - scrapy + - scrying + - second-order + - secretfinder + - secscan + - see-surf + - serializationdumper + - shellinabox + - shortfuzzy + - shuffledns + - sitadel + - sitediff + - sjet + - skipfish + - smplshllctrlr + - smuggler + - smuggler-py + - snallygaster + - snare + - snuck + - sourcemapper + - spaf + - sparty + - spiga + - spike-proxy + - spipscan + - sprayingtoolkit + - sqid + - sqlbrute + - sqldict + - sqlivulscan + - sqlmap + - sqlninja + - sqlping + - sqlpowerinjector + - sqlsus + - ssrf-sheriff + - ssrfmap + - stews + - striker + - subjs + - swarm + - swftools + - taipan + - themole + - tidos-framework + - tinfoleak + - tinfoleak2 + - tomcatwardeployer + - torcrawl + - tplmap + - typo3scan + - uatester + - ufonet + - uncaptcha2 + - uniscan + - uppwn + - urlcrazy + - urldigger + - urlextractor + - v3n0m + - vane + - vanguard + - vbscan + - vega + - visql + - vsvbp + - vulnerabilities-spider + - vulnx + - w13scan + - w3af + - wafninja + - wafp + - wafpass + - wafw00f + - wapiti + - wascan + - waybackpack + - wcvs + - web-soul + - webacoo + - webanalyze + - webborer + - webenum + - webexploitationtool + - webhandler + - webhunter + - webkiller + - webpwn3r + - webrute + - webscarab + - webshag + - webshells + - webslayer + - webspa + - webtech + - webxploiter + - weevely + - weirdaal + - wfuzz + - whatwaf + - whatweb + - whichcdn + - whitewidow + - wig + - witchxtool + - wmat + - wordbrutepress + - wordpress-exploit-framework + - wordpresscan + - wpbf + - wpbrute-rpc + - wpbullet + - wpforce + - wpintel + - wpscan + - wpseku + - ws-attacker + - wsfuzzer + - wssip + - wuzz + - x8 + - xmlrpc-bruteforcer + - xspear + - xsrfprobe + - xss-freak + - xsscon + - xsscrapy + - xsser + - xssless + - xsspy + - xsss + - xssscan + - xsssniper + - xsstrike + - xssya + - xwaf + - xxeinjector + - xxexploiter + - xxxpwn + - xxxpwn-smart + - yaaf + - yasuo + - yawast + - ycrawler + - yinjector + - ysoserial + - zaproxy From d9d7e7470406bc8b64db54d04d5d5dbecea51c23 Mon Sep 17 00:00:00 2001 From: "Abhiraj Roy (iconized)" <157954129+iconized@users.noreply.github.com> Date: Fri, 19 Apr 2024 05:35:25 +0530 Subject: [PATCH 3/4] Create netinstall-fuzzer.yaml --- .../blackbox/yaml/netinstall-fuzzer.yaml | 227 ++++++++++++++++++ 1 file changed, 227 insertions(+) create mode 100644 usr/share/blackbox/yaml/netinstall-fuzzer.yaml diff --git a/usr/share/blackbox/yaml/netinstall-fuzzer.yaml b/usr/share/blackbox/yaml/netinstall-fuzzer.yaml new file mode 100644 index 0000000..0051487 --- /dev/null +++ b/usr/share/blackbox/yaml/netinstall-fuzzer.yaml @@ -0,0 +1,227 @@ +- name: "Fuzzer" + description: "Fuzzer" + critical: false + hidden: false + selected: false + expanded: true + packages: + - 0d1n + - abuse-ssl-bypass-waf + - aflplusplus + - aggroargs + - ajpfuzzer + - astra + - atlas + - atscan + - backfuzz + - bbscan + - bfuzz + - bing-lfi-rfi + - birp + - bluebox-ng + - boofuzz + - browser-fuzzer + - brutexss + - bss + - bt_audit + - bunny + - burpsuite + - cantoolz + - capfuzz + - cecster + - chipsec + - choronzon + - cirt-fuzzer + - cisco-auditing-tool + - cmsfuzz + - conscan + - cookie-cadger + - crackql + - crlf-injector + - dalfox + - darkbing + - dharma + - dhcpig + - dizzy + - domato + - doona + - dotdotpwn + - dpscan + - dr-checker + - drozer + - easyfuzzer + - faradaysec + - fdsploit + - feroxbuster + - ffuf + - fhttp + - filebuster + - filefuzz + - fimap + - firewalk + - flyr + - fockcache + - frisbeelite + - ftester + - ftp-fuzz + - fuddly + - fusil + - fuzzball2 + - fuzzdb + - fuzzdiff + - fuzzowski + - fuzztalk + - gloom + - goofuzz + - grammarinator + - graphql-path-enum + - graphqlmap + - grr + - hexorbase + - hodor + - homepwn + - honggfuzz + - http-fuzz + - httpforge + - hwk + - ifuzz + - ikeprober + - inguma + - injectus + - isip + - jbrofuzz + - jok3r + - joomlavs + - jsql-injection + - kitty-framework + - krbrelayx + - leviathan + - lfi-autopwn + - lfi-fuzzploit + - lfi-scanner + - lfi-sploiter + - lfimap + - liffy + - littleblackbox + - log4j-bypass + - log4j-scan + - logmepwn + - lorsrf + - maligno + - malybuzz + - manul + - mdk3 + - mdk4 + - melkor + - metasploit + - mitm6 + - mongoaudit + - network-app-stress-tester + - netzob + - nikto + - nili + - nimbostratus + - notspikefile + - nsoq + - nullscan + - oat + - ohrwurm + - openvas-scanner + - oscanner + - owtf + - pappy-proxy + - parampampam + - peach + - peach-fuzz + - pentbox + - pmcma + - portmanteau + - powerfuzzer + - pret + - profuzz + - pulsar + - pureblood + - pyersinia + - pyjfuzz + - pytbull + - qark + - radamsa + - rapidscan + - ratproxy + - responder + - restler-fuzzer + - s3-fuzzer + - samesame + - sandsifter + - sb0x + - scout2 + - sfuzz + - shortfuzzy + - skipfish + - sloth-fuzzer + - smartphone-pentest-framework + - smbexec + - smod + - smtp-fuzz + - smtptx + - sn00p + - snmp-fuzzer + - soapui + - socketfuzz + - spaf + - spartan + - spiderpig-pdffuzzer + - spike-fuzzer + - sploitego + - sps + - sqlbrute + - sqlmap + - sqlninja + - sshfuzz + - ssrfmap + - stews + - sulley + - taof + - tcpcontrol-fuzzer + - tcpjunk + - termineter + - tftp-fuzz + - thefuzz + - tlsfuzzer + - trinity + - udp-hunter + - udsim + - umap + - unifuzzer + - uniofuzz + - uniscan + - upnp-pentest-toolkit + - uppwn + - vane + - vbscan + - viproy-voipkit + - vsaudit + - vulscan + - w13scan + - w3af + - wafninja + - wafpass + - wapiti + - webscarab + - webshag + - websploit + - webxploiter + - weirdaal + - wfuzz + - witchxtool + - wpscan + - wsfuzzer + - xspear + - xss-freak + - xsser + - xsss + - xssscan + - xsssniper + - yawast + - zaproxy + - zzuf From 96766d968b63234edb78e3f281f7bc17e72c6f59 Mon Sep 17 00:00:00 2001 From: "Abhiraj Roy (iconized)" <157954129+iconized@users.noreply.github.com> Date: Fri, 19 Apr 2024 05:38:09 +0530 Subject: [PATCH 4/4] Create netinstall-scanner.yaml --- .../blackbox/yaml/netinstall-scanner.yaml | 664 ++++++++++++++++++ 1 file changed, 664 insertions(+) create mode 100644 usr/share/blackbox/yaml/netinstall-scanner.yaml diff --git a/usr/share/blackbox/yaml/netinstall-scanner.yaml b/usr/share/blackbox/yaml/netinstall-scanner.yaml new file mode 100644 index 0000000..6a38c96 --- /dev/null +++ b/usr/share/blackbox/yaml/netinstall-scanner.yaml @@ -0,0 +1,664 @@ +- name: "WebApp" + description: "WebApp" + critical: false + hidden: false + selected: false + expanded: true + packages: + - 0d1n + - 0trace + - a2sv + - adenum + - adminpagefinder + - admsnmp + - allthevhosts + - amass + - androidsniffer + - anti-xss + - anubis + - apache-users + - apachetomcatscanner + - apnbf + - appmon + - arjun + - arp-scan + - asp-audit + - assetfinder + - atear + - athena-ssl-scanner + - atscan + - atstaketools + - attk + - autorecon + - aws-extender-cli + - aws-iam-privesc + - awsbucketdump + - badkarma + - badministration + - barmie + - basedomainname + - bashscan + - bbscan + - belati + - billcipher + - bing-lfi-rfi + - bingoo + - birp + - blackbox-scanner + - bleah + - blindy + - blue-hydra + - bluebox-ng + - bluelog + - bluescan + - bluto + - botb + - braa + - brakeman + - bss + - btscanner + - burpsuite + - c5scan + - cameradar + - camscan + - canari + - cangibrina + - cansina + - cantoolz + - cariddi + - casefile + - cecster + - cent + - cero + - changeme + - chaosmap + - check-weak-dh-ssh + - checksec + - chipsec + - chiron + - cipherscan + - cisco-auditing-tool + - cisco-scanner + - cisco-torch + - ciscos + - clair + - clairvoyance + - climber + - cloudflare-enum + - cloudmare + - cloudsploit + - cloudunflare + - cms-few + - cmsfuzz + - cmsmap + - cmsscan + - cmsscanner + - comission + - complemento + - configpush + - conscan + - cookie-cadger + - corscanner + - corstest + - corsy + - cpfinder + - crackmapexec + - creepy + - crlfuzz + - ct-exposer + - cvechecker + - cybercrowl + - cyberscan + - d-tect + - dark-dork-searcher + - darkbing + - darkdump + - darkscrape + - datasploit + - davscan + - davtest + - dawnscanner + - dbusmap + - dcrawl + - deblaze + - delldrac + - dependency-check + - dhcpig + - dirb + - dirble + - dirbuster + - dirbuster-ng + - dirhunt + - dirscanner + - dirscraper + - dirsearch + - dirstalk + - dive + - dmitry + - dnmap + - dns2geoip + - dnsa + - dnsbf + - dnsbrute + - dnscan + - dnsenum + - dnsgoblin + - dnspredict + - dnsspider + - dnstwist + - dnswalk + - dockerscan + - dontgo403 + - dorkbot + - dorkme + - dpscan + - driftnet + - dripper + - droopescan + - drozer + - drupal-module-enum + - drupalscan + - drupwn + - dsfs + - dsjs + - dsss + - dsxs + - dvcs-ripper + - easyda + - eazy + - eigrp-tools + - enteletaor + - enum-shares + - enum4linux + - enum4linux-ng + - enumerate-iam + - enumiax + - eos + - eternal-scanner + - evine + - extended-ssrf-search + - faradaysec + - fernmelder + - feroxbuster + - fgscanner + - fhttp + - fi6s + - fierce + - find-dns + - firewalk + - flashscanner + - flunym0us + - forkingportscanner + - fortiscan + - fping + - fs-nyarl + - fscan + - fsnoop + - ftp-scanner + - ftp-spider + - ftpmap + - ftpscout + - gatecrasher + - gcpbucketbrute + - gethsploit + - gggooglescan + - ghost-phisher + - git-dump + - git-dumper + - gitdorker + - gitrob + - gittools + - gloom + - gobuster + - goofuzz + - goohak + - goop-dump + - gospider + - gpredict + - grabbb + - graphinder + - graphql-cop + - grepforrfi + - grype + - gtp-scan + - gwcheck + - h2buster + - h2t + - habu + - hackredis + - hakku + - hakrawler + - halberd + - hasere + - hbad + - heartleech + - hellraiser + - hexorbase + - hikpwn + - homepwn + - hookshot + - hoppy + - host-extract + - hostbox-ssh + - hsecscan + - htcap + - http-enum + - http2smugl + - httpforge + - httpgrep + - httprobe + - httpsscanner + - httpx + - hwk + - iaxscan + - icmpquery + - idswakeup + - iis-shortname-scanner + - ike-scan + - ikeprobe + - ilo4-toolbox + - infip + - inguma + - injectus + - inurlbr + - ipscan + - iptv + - ipv6toolkit + - ircsnapshot + - isme + - jaadas + - jaeles + - jira-scan + - jok3r + - joomlascan + - joomlavs + - juumla + - kadimus + - kalibrate-rtl + - katana-framework + - katana-pd + - kiterunner + - knock + - knxmap + - konan + - krbrelayx + - kube-hunter + - kubesploit + - kubestriker + - kubolt + - laf + - ldapdomaindump + - ldapenum + - leaklooker + - letmefuckit-scanner + - leviathan + - lfi-scanner + - lfisuite + - lightbulb + - linenum + - linikatz + - linux-smart-enumeration + - list-urls + - littleblackbox + - locasploit + - log4j-bypass + - log4j-scan + - logmepwn + - loki-scanner + - lorsrf + - lotophagi + - lte-cell-scanner + - lulzbuster + - lunar + - lynis + - magescan + - maligno + - maltego + - manspider + - mantra + - maryam + - massbleed + - masscan + - meg + - metasploit + - mingsweeper + - miranda-upnp + - mitm6 + - modscan + - mongoaudit + - mooscan + - morxtraversal + - mptcp-abuse + - mqtt-pwn + - msmailprobe + - mssqlscan + - multiscanner + - mwebfp + - naabu + - nbname + - nbtenum + - nbtool + - nbtscan + - netbios-share-scanner + - netexec + - netreconn + - netscan + - netscan2 + - nettacker + - netz + - nextnet + - nikto + - nili + - nmap + - nmbscan + - nosqlattack + - nosqli + - nray + - nsdtool + - nsec3map + - nsoq + - ntlm-challenger + - ntlm-scanner + - ntlmrecon + - nuclei + - nuclei-templates + - nullinux + - nullscan + - o-saft + - ocs + - okadminfinder + - onesixtyone + - onetwopunch + - onionscan + - onionsearch + - opendoor + - openscap + - openvas-scanner + - owasp-bywaf + - owtf + - pagodo + - paketto + - panhunt + - pappy-proxy + - parameth + - paranoic + - passhunt + - pbscan + - pcredz + - peass + - pentbox + - pentestly + - phonia + - php-malware-finder + - pinkerton + - plcscan + - pmap + - pnscan + - poison + - postenum + - pown + - ppfuzz + - ppmap + - ppscan + - prads + - praeda + - pret + - propecia + - prowler + - proxmark + - proxmark3 + - proxybroker2 + - proxycheck + - proxyp + - proxyscan + - ptf + - pureblood + - puredns + - pwncat + - pwndora + - pyersinia + - pyfiscan + - pyssltest + - pytbull + - pythem + - python-api-dnsdumpster + - python-shodan + - python2-api-dnsdumpster + - python2-ldapdomaindump + - python2-shodan + - qark + - quickrecon + - raccoon + - ranger-scanner + - rapidscan + - ratproxy + - rawr + - rbac-lookup + - rdp-cipher-checker + - rdp-sec-check + - reconscan + - recsech + - red-hawk + - redfang + - relay-scanner + - responder + - retire + - revipd + - rext + - ripdc + - rlogin-scanner + - routerhunter + - rpctools + - rpdscan + - rtlizer + - rtlsdr-scanner + - rustbuster + - rustscan + - s3scanner + - sambascan + - sandcastle + - sandmap + - sandy + - sb0x + - scamper + - scanless + - scanqli + - scanssh + - scap-security-guide + - scap-workbench + - scout2 + - scoutsuite + - scrape-dns + - scrapy + - sctpscan + - sdn-toolkit + - sdnpwn + - seat + - second-order + - secscan + - see-surf + - shareenum + - sharesniffer + - shocker + - shortfuzzy + - shuffledns + - silk + - simple-lan-scan + - sipscan + - sipshock + - sitadel + - skipfish + - slurp-scanner + - smap-scanner + - smartphone-pentest-framework + - smbcrunch + - smbexec + - smbmap + - smbspider + - smbsr + - smod + - smtp-test + - smtp-user-enum + - smtp-vrfy + - smtptx + - smuggler + - smuggler-py + - sn00p + - sn1per + - snallygaster + - snmpattack + - snmpenum + - snmpscan + - snoopbrute + - snscan + - snyk + - spade + - sparta + - spiga + - spipscan + - sploitego + - sprayhound + - sprayingtoolkit + - sqlivulscan + - ssdp-scanner + - ssh-audit + - ssh-user-enum + - sshprank + - sshscan + - ssl-hostname-resolver + - sslcaudit + - ssllabs-scan + - sslmap + - sslscan + - sslscan2 + - sslyze + - ssrfmap + - stacs + - stews + - sticky-keys-hunter + - stig-viewer + - storm-ring + - striker + - strutscan + - subbrute + - subdomainer + - subjack + - sublist3r + - subover + - subscraper + - superscan + - svn-extractor + - swarm + - synscan + - sysdig + - tachyon-scanner + - tactical-exploitation + - taipan + - takeover + - testssl.sh + - tfsec + - thc-ipv6 + - thc-smartbrute + - thcrut + - tiger + - tlsenum + - tlspretense + - tlssled + - tlsx + - topera + - torcrawl + - traxss + - trivy + - typo3scan + - ubiquiti-probing + - udork + - udp-hunter + - udsim + - umap + - unicornscan + - uniscan + - unix-privesc-check + - upnp-pentest-toolkit + - upnpscan + - uptux + - urldigger + - uw-loveimap + - uw-udpscan + - uw-zone + - v3n0m + - vais + - vane + - vanguard + - vault-scanner + - vbrute + - vbscan + - vcsmap + - vhostscan + - videosnarf + - viproy-voipkit + - visql + - vsaudit + - vscan + - vsvbp + - vulmap + - vulnerabilities-spider + - vulnx + - vuls + - vulscan + - w13scan + - w3af + - wafw00f + - waldo + - wapiti + - wascan + - wcvs + - webanalyze + - webborer + - webenum + - webhunter + - webpwn3r + - webrute + - webscarab + - webshag + - websploit + - webtech + - webxploiter + - weirdaal + - whatwaf + - whitewidow + - wifiscanmap + - wig + - winfo + - witchxtool + - wnmap + - wolpertinger + - wordpresscan + - wpintel + - wpscan + - wpseku + - wpsik + - wups + - x-scan + - x8 + - xcname + - xpire-crossdomain-scanner + - xsrfprobe + - xss-freak + - xsscon + - xsspy + - xsss + - xssscan + - xsstracer + - xsstrike + - xssya + - xwaf + - yaaf + - yasat + - yasuo + - yawast + - ycrawler + - yersinia + - zackattack + - zeus + - zmap + - paranoic