Recently Updated Pages
Nikto
https://github.com/sullo/nikto Nikto is an Open Source (GPL) web server scanner which performs c...
File Upload via CSRF, XSS, SSRF, RCE, LFI, XXE
HTB https://whitehatlab.eu/en/blog/writeup/hackthebox/machine/linux/doctor/
Cross-origin resource sharing (CORS)
Cross-origin resource sharing (CORS) Cross-origin resource sharing (CORS) is a browser mechan...
Active Scanning
Lepus
Subdomain Takeover Lepus has a list of signatures in order to identify if a domain can be taken ...
Rengine
reNgine is a web application reconnaissance suite with focus on a highly configurable streamlined...
Nuclei (in Regine)
https://github.com/projectdiscovery/nuclei Nuclei is used to send requests across targets based ...
AMASS (in Rengine?)
https://github.com/owasp-amass/amass The OWASP Amass Project performs network mapping of attack ...
GoSpider
https://github.com/jaeles-project/gospider GoSpider GoSpider - Fast web spider written in Go
gau (get all urls)
https://github.com/lc/gau which replaces Rengine's https://github.com/bp0lr/gauplus getallu...
Clickjacking via IFRAME
Clickjacking is an attack that tricks a user into clicking a webpage element which is invisible o...
SNMP and HOST Header Injection
How to Test Initial testing is as simple as supplying another domain (i.e. attacker.com) i...
Password Reset Vulnerability
Password reset poisoning is a technique whereby an attacker manipulates a vulnerable website into...
theFuzz (formerly known as fuzzywuzzy)
https://github.com/seatgeek/thefuzz TheFuzz Fuzzy string matching like a boss. It uses Levensht...
tomnomnom tools in Rengine
https://github.com/tomnomnom/gf The examples are GREAT!!!!!! gf A wrapper around grep to avo...
Naabu (in Rengine)
Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in...
Lepus Tool
Lepus is a tool for enumerating subdomains, checking for subdomain takeovers and perform port sca...
FFUF Tool
https://github.com/ffuf/ffuf ffuf - Fuzz Faster U Fool A fast web fuzzer written in Go. I...
NMAP
Nmap is short for “Network Mapper” and was originally released in September 1997 by Gordon Lyon...