WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

Next generation web scanner

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

CeWL is a Custom Word List Generator

Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

Rotating TOR proxy with Docker

A tool for embedding XXE/XML exploits into different filetypes

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

A small tool that extracts relative URLs from a file.

Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd-party git …

This project crawls bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) hourly and dumps them into the bounty-targets-data repo

A script to enumerate virtual hosts on a server.

API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities

A ruby gem for defending against Server Side Request Forgery (SSRF) attacks

Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.

A simple joomla vulnerability scanner built in ruby