A vast collection of security tools for bug bounty, pentest and red teaming
#subdomains






DNSProbe
Allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.













Vajra
UI-based tool with multiple techniques for attacking and enumerating Azure and AWS environment.







Oculus
OSINT tool used to discover environments, directories, and subdomains of a particular domain.




















Domain Analyzer
Analyze the security of any domain by finding all the information possible. Made in python.



AutoRecon
Multi-threaded network reconnaissance tool which performs automated enumeration of services.







BlackWidow
Web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.












Burp-AnonymousCloud
Performs passive scan to identify buckets and test them for publicly accessible vulnerabilities.



WitnessMe
Web Inventory tool, takes screenshots and provides some extra bells&whistles to make life easier.



brutesubs
Automation framework for running multiple open sourced subdomain bruteforcing tools in parallel.

Substr3am
Passive reconnaissance/enumeration of interesting targets by watching for SSL certificates.



Censys Enumeration
Extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.


Censys subdomain finder
Perform subdomain enumeration using the certificate transparency logs from Censys.










Rengine
Automated reconnaissance framework for webapps, highly configurable streamlined recon process.


























