Open Source tool list :-
1 min readOct 4, 2021
I hope this tool-list will help you :)
- Google Hacking https://pentest-tools.com/information-gathering/google-hacking
- Goohak https://github.com/1N3/Goohak/
- Goog D0rker https://github.com/ZephrFish/GoogD0rker/
- Dnsscan https://github.com/rbsec/dnscan
- Sn1per https://github.com/1N3/Sn1per (for web)
- Gitrob https://github.com/michenriksen/gitrob (for github)
- Trufflehog https://github.com/dxa4481/truffleHog
- RepoSessed https://github.com/IOActive/RepoSsessed
- Git All Secrets https://github.com/anshumanbh/git-all-secrets
- Knockpy https://github.com/guelfoweb/knock
- Sublist3r https://github.com/aboul3la/Sublist3r
- massdns https://github.com/blechschmidt/massdns
- nmap https://nmap.org
- masscan https://github.com/robertdavidgraham/masscan
- EyeWitness https://github.com/ChrisTruncer/EyeWitness
- DirBuster https://sourceforge.net/projects/dirbuster/
- dirsearch https://github.com/maurosoria/dirsearch
- Gitrob https://github.com/michenriksen/gitrob
- git-secrets https://github.com/awslabs/git-secrets
- sandcastle https://github.com/yasinS/sandcastle
- bucket_finder https://digi.ninja/projects/bucket_finder.php
- GoogD0rker https://github.com/ZephrFish/GoogD0rker/
- Wayback Machine https://web.archive.org
- waybackurls https://gist.github.com/mhmdiaa/adf6bff70142e5091792841d4b372050Sn1per https://github.com/1N3/Sn1per/
- XRay https://github.com/evilsocket/xray
- wfuzz https://github.com/xmendez/wfuzz/
- patator https://github.com/lanjelot/patator
- datasploit https://github.com/DataSploit/datasploit
- hydra https://github.com/vanhauser-thc/thc-hydra
- changeme https://github.com/ztgrace/changeme
- MobSF https://github.com/MobSF/Mobile-Security-Framework-MobSF/ Apktool https://github.com/iBotPeaches/Apktool
- dex2jar https://sourceforge.net/projects/dex2jar/
- sqlmap http://sqlmap.org/
- oxml_xxe https://github.com/BuffaloWill/oxml_xxe/
- Bug Bounty Forum Tool list
- Bug crowd Tool list
- XXE Injector https://github.com/enjoiz/XXEinjector
- The JSON Web Token Toolkit https://github.com/ticarpi/jwt_tool
- ground-control https://github.com/jobertabma/ground-control
- ssrfDetector https://github.com/JacobReynolds/ssrfDetector
- LFISuit https://github.com/D35m0nd142/LFISuite
- GitTools https://github.com/internetwache/GitTools
- dvcs-ripper https://github.com/kost/dvcs-ripper
- tko-subs https://github.com/anshumanbh/tko-subs
- HostileSubBruteforcer https://github.com/nahamsec/HostileSubBruteforcer Race the Web https://github.com/insp3ctre/race-the-web
- ysoserial https://github.com/GoSecure/ysoserial
- PHPGGC https://github.com/ambionics/phpggc
- CORStest https://github.com/RUB-NDS/CORStest
- retire-js https://github.com/RetireJS/retire.js
- getsploit https://github.com/vulnersCom/getsploit
- Findsploit https://github.com/1N3/Findsploit
- bfac https://github.com/mazen160/bfac
- WPScan https://wpscan.org/
- CMSMap https://github.com/Dionach/CMSmap
- Amass https://github.com/OWASP/Amass
