Attack Surface Management Platform

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

快速搭建各种漏洞环境(Various vulnerability environment)

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

A script to set up a quick Ubuntu 17.10 x64 box with tools I use.

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

🗑️ GitHub Action to purge a website's cache via the Cloudflare API

A bash script that fetches and maintains thousands of DNS resolvers

Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations

AWS,AZURE,GOOGLE CLOUD IP CIDRS

A tool for fetching archived URLs (to be rewritten in Go).