Agent Steal's Projects
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Extract domains/subdomains from URLs en masse
Automatic tool for DNS rebinding-based SSRF attacks
Take a list of domains and probe for working HTTP and HTTPS servers
httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.
A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
The Swiss Army knife for automated Web Application Testing
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
A wrapper around jq, to help you parse jq output!
Automation for javascript recon in bug bounty.
Knock Subdomain Scan
Konan - Advanced Web Application Dir Scanner
A python script that finds endpoints in JavaScript files
Fetch many paths for many hosts - without killing the hosts
Notify is a helper utility written in Go that allows you to post the output from any tool to Slack, Discord, and Telegram.
Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.
Fetch the details of assets hosted on AWS.
OneForAll是一款功能强大的子域收集工具
Use tracked VR devices from one company with any other.
Parallel SSH commands executioner and file synchronization tool
:orange_book: OSCP Exam Report Template in Markdown
OSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.
pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching
Continuous recon and vulnerability assessment using Github Actions.
Work in progress...
Abuse of Google Colab for cracking hashes. 🐧
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
Curated list of public penetration test reports released by several consulting firms and academic security groups
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.