dnstwist is a tool designed to identify potentially malicious domains that adversaries might use to target your organization. It generates an extensive list of domain permutations based on a provided domain name and verifies their activity. This tool can detect typosquatting, phishing attacks, fraud, and brand impersonation.
pphack is a tool designed for detecting prototype pollution vulnerabilities in client-side JavaScript code.
Certina is an OSINT tool for red teamers, bug bounty hunters and pentesters to discover subdomains from web certificate data.
403jump is a tool designed for penetration testers and bug bounty hunters to audit the security of web applications and identify potential vulnerabilities. It aims to bypass HTTP 403 (Forbidden) pages using various techniques.
NetScout is an OSINT tool that finds domains, subdomains, directories, endpoints and files for a given seed URL.
WAF bypass is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does.
