Hacking Tools

CHOMTE.SH is a powerful shell script designed to automate recon tasks. It utilizes various Go-based tools to gather information and identify the attack surface, making it a valuable asset for bug bounty hunters and penetration testers.

o365sprayer is a tool used to enumerate and spray passwords for Office 365 accounts on both Managed and Federated AD services. It has the ability to distinguish managed O365 and Federated Microsoft Office 365 accounts for a target domain.

fetchmeurls is a Recon tool designed for Bug Bounty Hunters to quickly fetch URLs for multiple domains, either for small or large scopes, actively and passively.

Noir is an attack surface detector for source code and it is designed for identifying API endpoints and potential security issues within web applications by analyzing their source code.

Mantra it’s a recon tool with the main objective of searching for API keys in JavaScript files and HTML pages.

Goblyn is a versatile tool designed for the enumeration and extraction of metadata from files hosted on websites.

Headerpwn is a fuzzing tool for finding anomalies and analyzing how servers respond to different HTTP headers. It can provide valuable insights into potential security risks and misconfigurations.

Photon is an advanced web crawler and osint tool for thorough website analysis. It’s capable of scanning websites comprehensively to uncover valuable information.

Dirhunt is a web crawler optimize for search and analyze directories. It detects directories with false 404 errors, directories where an empty index file has been created to hide things and much more.