#directories

FinalRecon
FinalRecon

All In One Web Recon.

jsluice
jsluice

Extract URLs, paths, secrets, and other interesting bits from JavaScript.

wordlistgen
wordlistgen

Quickly generate context-specific wordlists for content discovery from lists of URLs or paths.

nmapAutomater
nmapAutomater

Automate the process of enumeration & recon that is run every time.

wikto
wikto

Nikto for Windows with some extra features.

Rock-ON
Rock-ON

All in one recon tool that just get a single domain name and do all of the work alone.

RedTeam_toolkit
RedTeam_toolkit

Open source Django offensive webapp which is keeping the best tools used in the redteaming.

smbmap
smbmap

A handy SMB enumeration tool.

Oculus
Oculus

OSINT tool used to discover environments, directories, and subdomains of a particular domain.

DirBuster
DirBuster

Multi threaded application to brute force directories and files names on web/application servers.

Legion
Legion

Aids in discovery, reconnaissance and exploitation of information systems.

gitscraper
gitscraper

Scrapes public GitHub repositories for common naming conventions in variables, folders and files.

Hamburglar
Hamburglar

Collect useful information from urls, directories, and files.

dirhunt
dirhunt

Find web directories without bruteforce.

ChopChop
ChopChop

Scan endpoints and identify exposition of sensitive services/files/folders.

Scout
Scout

Discover a web server's undisclosed files, directories and VHOSTs.

BurpSmartBuster
BurpSmartBuster

A Burp Suite content discovery plugin that add the smart into the Buster.

DirSearch
DirSearch

A Go implementation of dirsearch.

crawley
crawley

The unix-way web crawler.

Dirstalk
Dirstalk

Multi threaded application designed to brute force paths on web servers.

Filebuster
Filebuster

An extremely fast and flexible web fuzzer.

RecurseBuster
RecurseBuster

Rapid content discovery tool for recursively querying webservers.

Scilla
Scilla

Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration.

skipfish
skipfish

Active web application security reconnaissance tool.

fuzzagotchi
fuzzagotchi

A fuzzing tool written in Go. It helps your pentesting journey.

gospider
gospider

Fast web spider written in Go.

crithit
crithit

Takes a single wordlist item and tests it one by one over a large collection of websites.

Gobuster
Gobuster

Directory/File, DNS and VHost busting tool written in Go.

Feroxbuster
Feroxbuster

A fast, simple, recursive content discovery tool written in Rust.

Nikto
Nikto

Nikto web server scanner.

Dirb
Dirb

Web Fuzzer.

Wfuzz
Wfuzz

Web application fuzzer.

GRecon
GRecon

Run a Google based passive recon against your scope.

dirsearch
dirsearch

Web path scanner.

ffuf
ffuf

Fast web fuzzer written in Go.