Hacking Tools

SessionProbe is a multi-threaded tool designed for pentesting and bug bounty hunting. It evaluates user privileges in web apps by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.

Troll-A is a command line tool for extracting secrets such as passwords, API keys, and tokens from WARC (Web ARChive) files. Troll-A is an easy-to-use, comprehensive, and fast solution for finding secrets in web archives.

sn0int is a semi-automatic OSINT framework and package manager designed for IT security professionals, bug bounty hunters, law enforcement agencies, and individuals seeking to gather intelligence about a target or themselves.

PassDetective is a command-line tool that scans your shell command history for mistakenly written passwords, API keys, and secrets. It uses regular expressions to identify potential sensitive information and helps you avoid accidentally exposing sensitive data in your command history.

ReconSpider is one of the most advanced Open Source Intelligence (OSINT) Framework and Recon for scanning IP Addresses, Emails, Websites, and Organizations and finding out information from different sources.

ThreatMapper is a platform for runtime threat management and attack path enumeration in cloud-native environments. It actively hunts for threats in production platforms, ranking them based on their risk of exploitation. It reveals vulnerabilities, exposed secrets, and deviations from security best practices through a combination of agent-based inspection and agent-less monitoring.

The Universal Radio Hacker (URH) is a complete suite for wireless protocol investigation with native support for many common Software Defined Radios (SDRs).

subby is an uber fast and simple subdomain enumeration tool using DNS and web requests with support for detecting wildcard DNS records.

Ghauri is an advanced cross-platform tool designed to automate the detection and exploitation of SQL injection security vulnerabilities.