Discover command-line utilities and scanners designed to find hidden files and directories on web servers.
This project is a comprehensive cybersecurity tool collection designed to support security research, penetration testing, and vulnerability assessment. It functions as a unified penetration testing suite, providing a centralized environment where professionals can access a wide range of offensive security utilities to identify system weaknesses and study attack vectors. The platform distinguishes itself through a modular architecture that aggregates disparate security scripts into a single, hierarchical command-line interface. It simplifies the management of these utilities by integrating external repositories, allowing users to fetch and organize third-party tools directly into a structured local directory. By utilizing a categorized menu system and shell-based process execution, the suite enables efficient navigation and direct invocation of specialized tools for tasks ranging from forensic analysis and reverse engineering to exploit development. The toolkit covers a broad spectrum of security domains, including web and wireless attack vectors, cloud security, payload creation, and social media analysis. It also incorporates automated environment setup to handle the installation of necessary system packages and language runtimes, ensuring compatibility across its diverse collection of utilities.
This project is an automated security testing suite designed to detect and exploit database vulnerabilities. It functions as a command-line utility that streamlines the identification, verification, and exploitation of web application flaws by automating the injection of malicious payloads into input parameters. The tool provides a comprehensive framework for database enumeration, allowing users to extract schema information, user data, and system configurations from identified injection points. What distinguishes this tool is its sophisticated engine for dynamic payload adaptation and heuristic fingerprinting, which adjusts injection techniques in real-time based on server responses. It supports advanced post-exploitation capabilities, including remote command execution on the underlying host operating system and file system access through database-level vulnerabilities. To navigate restricted environments, the software incorporates out-of-band data exfiltration channels and a middleware pipeline for applying user-defined transformations to bypass security filters and web application firewalls. The suite covers a broad range of operational requirements, including stateful session management, anti-CSRF token handling, and extensive request customization. It supports various target specification methods, such as proxy log analysis and remote API management, while offering granular control over scan performance and detection thresholds. The software is distributed as a command-line application, with configuration management supported through external file loading and command-line arguments.
This project is a comprehensive directory of software utilities, frameworks, and educational resources designed for cybersecurity competitions and offensive security research. It serves as a centralized index for tools used in cryptography, forensics, reverse engineering, and web exploitation, while providing structured materials for training and skill development. The repository distinguishes itself through a community-driven maintenance model that aggregates and organizes technical resources into a searchable, hierarchical structure. It facilitates knowledge transfer by cataloging expert problem-solving methodologies and writeups, enabling users to discover specialized toolchains and infrastructure configurations for both participating in and hosting competitive hacking events. Beyond its role as a directory, the project covers a broad capability surface including the deployment of isolated lab environments and the configuration of automated systems for security research. It provides access to frameworks for vulnerability analysis, credential testing, and the orchestration of simulated attack scenarios. The collection is maintained as an open-source resource, allowing for collaborative updates to ensure the relevance of its indexed tools and documentation.
Wfuzz is a web application fuzzing framework that automates the injection of payloads into HTTP requests to discover hidden resources, parameters, and vulnerabilities. It functions as a content discovery scanner, a brute-force tool for credential guessing, and a plugin-based vulnerability scanner, all within a single modular system. The tool distinguishes itself through its plugin-based extensibility, allowing custom Python modules to add new payload sources, output printers, or scanning logic without modifying core code. It supports concurrent request dispatch using thread-based parallelism to improve throughput on large payload sets, while also providing result filtering and comparison to highlight anomalies. Wfuzz replays captured HTTP requests and responses from prior sessions, preserving state for manual inspection and resending during testing. The framework covers hidden endpoint and resource discovery, HTTP parameter fuzzing across query strings, POST bodies, headers, and cookies, and brute-force authentication against login forms and HTTP authentication mechanisms. It uses a keyword-based payload injection system where a placeholder token in any HTTP request field is replaced with values from wordlists, generators, or iterators.
This project is a comprehensive, community-sourced knowledge base designed for security professionals and researchers. It functions as a centralized repository of offensive security techniques, providing a structured collection of exploit payloads, attack vectors, and methodologies for conducting vulnerability assessments and penetration testing. The repository distinguishes itself through a cross-platform payload taxonomy that categorizes exploitation methods by vulnerability type and target environment, enabling rapid lookup during security assessments. It maintains high standards of data integrity and collaborative growth by utilizing version-controlled knowledge management and template-driven content generation, ensuring that the research remains current and consistent across a wide range of technical domains. The project covers a broad capability surface, including detailed references for web application security, database injection, insecure deserialization, and AI model security testing. It also aggregates external resources, such as research papers and third-party tools, to provide a holistic view of modern threat analysis and defensive research. The documentation is organized as a hierarchical tree of markdown files, designed for easy navigation and reference during active security engagements.
Nuclei is a modular security scanning framework designed for automated vulnerability detection and infrastructure reconnaissance. It functions as a template-driven engine that executes security checks across diverse network protocols, allowing users to define custom detection logic to identify vulnerabilities, misconfigurations, and exposed assets. The platform distinguishes itself through its highly extensible architecture, which supports distributed scanning, headless browser automation for dynamic web content, and out-of-band interaction monitoring to detect blind vulnerabilities. It integrates advanced reconnaissance capabilities, including cloud infrastructure assessment, subdomain discovery, and technology fingerprinting, into a unified workflow that can be orchestrated via a command-line interface or programmatic API. Beyond core scanning, the project provides a comprehensive suite of tools for external attack surface management, including asset inventorying, visual evidence capture, and automated ticketing integration. It supports collaborative security operations through team workspaces, centralized template management, and real-time alerting, ensuring that vulnerability findings can be tracked, verified, and remediated within a single environment. The platform is distributed as a command-line utility and supports containerized execution, enabling integration into existing CI/CD pipelines and automated security workflows.
MediaCrawler is an automated web scraping framework designed to extract public posts, comments, and creator metadata from various social media platforms. It functions as a headless browser automator, utilizing real browser instances to render dynamic content and execute the client-side scripts necessary for interacting with modern web interfaces. The system distinguishes itself through a focus on session persistence and network flexibility. It supports remote debugging to reuse active browser sessions and cookies, which helps minimize the risk of triggering platform security challenges. To maintain stable data collection at scale, the tool integrates proxy-based request routing, allowing users to distribute traffic across external IP services to bypass rate limits and geographic restrictions. The architecture is built for extensibility and modularity, employing a provider pattern that allows developers to integrate new platforms or custom storage backends through standardized interfaces. Users can manage complex scraping workflows via command-line configuration, enabling the definition of specific targets and storage formats—such as JSON, CSV, or various database systems—without modifying the core logic. The project also includes utilities for data visualization, such as generating word clouds from collected comments. Installation requires setting up the necessary runtime environments, including a JavaScript engine for handling complex client-side rendering and the appropriate browser automation drivers.
Anubis is a command-line security reconnaissance framework designed for subdomain enumeration and attack surface mapping. It functions as a utility for security professionals to identify, catalog, and visualize the external digital footprint of an organization by discovering all subdomains associated with a target domain. The tool distinguishes itself through a modular resolver pipeline that integrates passive reconnaissance from third-party security APIs and public certificate transparency logs. It combines this data with active discovery methods, including recursive DNS brute-forcing and algorithmic pattern-based permutation generation, to uncover hidden infrastructure that is not publicly indexed. To maintain efficiency during large-scale assessments, the software utilizes asynchronous concurrent scanning to perform thousands of simultaneous DNS lookups. A built-in deduplication engine normalizes and filters these results to provide a clean, unique list of discovered assets for further vulnerability research.
This project is a high-performance command-line utility designed for rapid filesystem navigation and file discovery. It enables users to locate files and directories within large project structures using recursive search, pattern matching, and metadata-aware filtering. By employing multi-threaded parallel traversal, it provides an efficient way to explore complex directory trees. What distinguishes this tool is its ability to integrate directly into terminal workflows and automate file management tasks. It automatically respects version control ignore files and hidden file settings, ensuring that search results remain focused on relevant project content. Beyond simple discovery, it features a built-in batch execution engine that allows users to run custom shell commands or scripts against search results, using dynamic placeholders to process file paths and metadata. The utility supports a wide range of interoperability features, including standard stream piping for safe data transfer to other command-line tools, text editors, and fuzzy finders. It provides granular control over search parameters, including full path matching, regex-based pattern evaluation, and configurable output formatting. Diagnostic utilities are also included to assist with pattern debugging and terminal readability.
Fscan is an automated penetration testing tool designed for internal network reconnaissance and vulnerability assessment. It functions as a comprehensive security framework that maps network infrastructure, identifies active hosts and services, and detects security weaknesses across internal environments. The tool distinguishes itself through a modular plugin architecture that allows for extensible security checks and a stateful asset tracking system that maintains an in-memory registry of discovered infrastructure. It incorporates a dedicated credential brute-force engine for testing password strength and supports proxy-aware traffic routing to facilitate operations within segmented or restricted network segments. Beyond core discovery, the platform provides capabilities for post-exploitation security operations, including system information collection and remote access management. Users can control scan performance through configurable concurrency and rate limits, with options to manage tasks via both command-line execution and a graphical web interface.
The framework is a comprehensive penetration testing platform designed for the development, testing, and execution of security exploits. It serves as a research toolkit and automated assessment environment, enabling security professionals to identify and validate vulnerabilities within networked systems and infrastructure through repeatable, standardized procedures. The platform distinguishes itself through a modular architecture that supports reflective payload injection, allowing for the execution of code directly in memory without writing to disk. It utilizes an asynchronous event loop to manage high-performance, concurrent network connections and features a transport-agnostic communication layer that abstracts protocols to maintain persistent command and control. Users can extend the core functionality through a plugin system and define complex exploit logic using a domain-specific language. The framework provides robust capabilities for remote payload management, including the configuration of network settings like sleep intervals and timeout thresholds. It maintains state persistence across long-running sessions by storing discovered host information and vulnerability data in a relational database. The software is designed for cross-platform deployment, with installation support available for Linux, macOS, and Windows environments.
Gobuster is a command-line security utility designed for brute-force discovery of hidden infrastructure and content. It operates by systematically testing wordlists against target network services to identify files, directories, subdomains, and cloud storage buckets. The tool utilizes a concurrent worker pool to execute these requests in parallel, ensuring efficient scanning across various network environments. The project distinguishes itself through a modular plugin architecture that supports multiple discovery modes, including HTTP, DNS, and TFTP. This design allows for protocol-agnostic request abstraction, enabling the tool to perform virtual host identification, cloud storage auditing, and custom protocol fuzzing within a unified execution pipeline. Users can further refine these operations by customizing network headers, proxy settings, and security certificates. Beyond basic enumeration, the tool provides robust result management capabilities. It includes response-based filtering logic to discard irrelevant data based on status codes or content patterns, and it supports real-time stream-based processing to save findings directly to local files. These features allow for the systematic mapping of external network footprints and the identification of exposed application endpoints or sensitive configuration data.
Colly is a high-performance web scraping framework designed for the automated extraction of structured data from websites. It provides a programmable toolkit that manages the complexities of large-scale data collection, including concurrent request orchestration, automatic cookie handling, and robots.txt compliance. By utilizing an asynchronous execution model, the engine maintains high throughput while preventing resource exhaustion during recursive or distributed crawling tasks. The framework is distinguished by its modular, event-driven architecture, which allows developers to hook into specific lifecycle stages of a network request to process content or control flow. It features a flexible middleware pipeline for handling proxy rotation, user agents, and rate limiting, alongside an interface-driven storage layer that supports swapping default in-memory state for persistent external databases. This design enables the coordination of multiple scraping instances and the maintenance of crawl history across application restarts. Beyond its core engine, the project offers extensive customization options for network transport, including support for custom round-trippers to manage connection pooling and timeouts. It also provides robust observability tools, allowing for the attachment of custom debuggers and logging observers to monitor internal state during execution. Developers can further extend functionality through a plugin system or by sharing request context and configuration across different collector instances to support complex, multi-stage data extraction workflows.
Naabu is a port scanner library and tool that probes hosts for open ports using SYN, CONNECT, and UDP methods to identify active services. It functions as a Go library for embedding port scanning into programs, and as a standalone tool that accepts targets as hostnames, IP addresses, CIDR ranges, or ASN numbers. The tool discovers live hosts before scanning, filters ports by range or top lists, and can integrate with Nmap for service version detection. The project distinguishes itself through its SYN-based port probing approach that sends TCP SYN packets and analyzes responses without completing the full handshake, enabling faster scans. It supports passive port enumeration through external services like Shodan InternetDB, and can exclude CDN or WAF IPs from full scans. Naabu also provides a REST API for programmatic scan triggering, configuration management, and result export, alongside the ability to embed port scanning directly into Go programs with callback-based result handling. The tool covers host discovery, port scanning, and service detection across multiple input formats and output options. It includes features for filtering scan targets, rescanning completed scans, and exposing scan metrics via HTTP. The project is available as a command-line tool and as a Go library, with support for Docker deployment.
This project is a terminal-based HTTP client designed for interacting with web services, debugging APIs, and automating network requests. It provides a specialized command-line interface that simplifies the construction of complex HTTP exchanges, allowing users to test and inspect web services directly from the shell. The tool distinguishes itself through a declarative syntax engine that translates shorthand command-line tokens into fully formed HTTP requests, including headers, parameters, and body payloads. It features a modular, plugin-based architecture that enables users to extend core functionality with custom authentication schemes, transport protocols, and data formatting logic. Furthermore, it supports persistent session management, allowing for the maintenance of cookies and authentication states across multiple related requests to simulate browser-like interactions. Beyond its core request capabilities, the tool provides a comprehensive suite of features for handling network traffic, including automated shell scripting with error handling, remote file downloading with progress tracking, and robust proxy support. It also offers advanced configuration options for HTTPS security, response streaming for large payloads, and terminal-aware output formatting that provides syntax-highlighted, human-readable displays.
Subfinder is a security reconnaissance framework designed for subdomain enumeration and attack surface management. It functions as a discovery engine that identifies and maps internet-exposed infrastructure, cloud-hosted assets, and network ranges to maintain a comprehensive inventory of an organization's digital footprint. The project distinguishes itself through a modular, template-driven scanning engine that executes security checks against discovered assets. It leverages cloud-native asset discovery to query provider APIs and infrastructure metadata, while supporting distributed agent orchestration to parallelize discovery workloads across remote nodes. For dynamic web application analysis, the tool incorporates headless browser rendering to execute client-side code and capture visual state. The platform provides a broad capability surface for security operations, including asynchronous interaction monitoring to detect blind vulnerabilities and server-side request forgery. It features a domain-specific language for granular filtering of scan results and supports pipeline-oriented data streaming to integrate findings into external security tools and reporting systems. The software is implemented in Go and provides a command-line interface for executing discovery tasks and managing security workflows.
Masscan is a command-line network scanner designed for large-scale discovery and infrastructure reconnaissance. It identifies open ports across specific network segments or the entire internet by probing vast address ranges with high efficiency. The tool functions as an asynchronous packet engine, bypassing standard operating system kernel networking stacks to transmit raw packets directly from application memory. The project distinguishes itself through a specialized architecture that manages millions of concurrent connections by separating packet transmission and reception into independent execution threads. It utilizes a stateless, index-based mathematical algorithm to randomize target selection, ensuring probes are distributed unpredictably across address spaces. To maintain consistent performance and prevent network congestion, the scanner employs a high-precision timer to regulate transmission rates and uses zero-copy buffer management to minimize memory overhead. The software provides a platform-agnostic interface for raw network access, allowing it to operate consistently across different hardware and operating system environments. It supports the export of collected reconnaissance data into structured formats such as XML, JSON, or plain text for further analysis. The application is distributed as a portable utility, with its core codebase maintained through standardized string handling and automated testing.
Maskphish is a comprehensive security toolkit that integrates capabilities for digital forensics, network vulnerability scanning, open-source intelligence, penetration testing, and social engineering. It functions as a multi-purpose framework for automating reconnaissance and executing security audits across diverse network environments. The project features a specialized phishing and social engineering toolkit used for cloning websites, masking URLs, and deploying deceptive pages to capture user credentials. It also includes a remote access Trojan builder for generating platform-specific executables and mobile application packages to establish remote command sessions. The framework covers a broad surface of capabilities, including web application penetration testing, OSINT reconnaissance, memory and disk forensics, and wireless network auditing. It provides tools for payload generation, credential theft, and the automation of information gathering from public data sources. This project is implemented primarily as a shell-based application.
ripgrep is a command-line utility designed for searching through large file trees and source code repositories. It functions as a recursive text processor that traverses directories to locate and display matching patterns, serving as a high-performance alternative to traditional search tools. The tool distinguishes itself through a focus on execution speed and intelligent file handling. It utilizes a finite automata-based regular expression engine to ensure linear time complexity and employs hardware-level acceleration for literal byte sequence scanning. By integrating with version control systems, it automatically respects ignore patterns to skip irrelevant files, while its parallel worker threading and memory-mapped file scanning techniques maximize throughput across large datasets. Beyond its core search capabilities, the utility supports complex text filtering and data stream manipulation within terminal environments. It is designed to optimize development workflows by reducing wait times during large-scale codebase analysis and log file inspection. The project provides precompiled, static binaries for Windows, macOS, and Linux, and is invoked via the command line using the binary name rg.
reconftw is an attack surface management framework and reconnaissance workflow orchestrator designed to automate the discovery, mapping, and monitoring of external digital assets. It operates as a modular tool-chain pipeline that coordinates a sequence of security tools to perform intelligence gathering and vulnerability scanning. The project distinguishes itself through a cloud-native deployment model that parallelizes scanning workloads across a fleet of remote VPS instances to bypass local resource constraints. It utilizes container-based environment isolation to ensure consistent execution across different cloud providers and features a checkpoint system to resume interrupted workflows from the last point of failure. The toolkit covers a broad range of capabilities, including passive and active subdomain enumeration, open-source intelligence gathering, and network infrastructure analysis. It also incorporates automated vulnerability scanning for common web flaws and CVEs, differential asset tracking to identify new targets, and the generation of security reports using artificial intelligence. The environment can be deployed via container orchestration and integrated into CI/CD pipelines for recurring security checks.