Browsing tag
Tachyon is a fast web application security reconnaissance tool. It is specifically meant to crawl web application and look for left over or non-indexed files with the addition of reporting pages or scripts leaking internal data. User Requirements Linux Python 3.5.2 User Installation Install: $ mkdir tachyon $ python3 -m venv tachyon/ $ cd […]
Features Multi-threading 3 modes of detection Regex powered heuristic scanning Huge list of 3370 parameter names Usage Note: Arjun doesn’t work with python < 3.4 Discover parameters To find GET parameters, you can simply do: python3 arjun.py -u https://api.example.com/endpoint –get Similarly, use –post to find POST parameters. Multi-threading Arjun uses 2 threads by default but […]
SubFinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and has been aimed as a successor to sublist3r project. SubFinder uses Passive Sources, Search Engines, Pastebins, Internet Archives, etc to find subdomains and then it uses a permutation module inspired by […]
GetAltName it’s a little script that can extract Subject Alt Names for SSL Certificates directly from HTTPS web sites which can provide you with DNS names or virtual servers. It’s useful in a discovery phase of a pen-testing assessment, this tool can provide you with more information about your target and scope. This code is […]
ACLight is a tool for discovering privileged accounts through advanced ACLs (Access Lists) analysis. It includes the discovery of Shadow Admins in the scanned network. The tool queries the Active Directory (AD) for its objects’ ACLs and then filters and analyzes the sensitive permissions of each one. The result is a list of domain privileged […]