30 open-source projects similar to cloudtracer/paskto, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Paskto alternative.
Rengine is an automated reconnaissance framework and vulnerability management platform designed for attack surface monitoring. It functions as a centralized hub for discovering subdomains and open ports, gathering open-source intelligence, and tracking security flaws across target networks. The system integrates large language models to analyze reconnaissance data and generate vulnerability descriptions and insights. It distinguishes itself through a plugin-based tool integration that wraps external security scanning binaries and a target mapping system that tracks changes to assets over time
HowToHunt is a bug bounty hunting knowledge base and a structured guide for web application penetration testing. It provides a research methodology for organizing security testing procedures and validating application behaviors against known vulnerability patterns. The project features a curated library of security flaws and reconnaissance techniques. It organizes security testing into modular playbooks, checklists, and categorical vulnerability mappings to align specific exploitation techniques with target weaknesses. The repository covers a systematic sequence of information gathering task
Gowitness is a system for rendering web interfaces at scale to capture visual snapshots, HTTP metadata, and network scan results. It functions as a headless browser screenshot tool and a web surface mapper used to identify and visually document the attack surface of network ranges and URL lists. The tool includes a screenshot gallery server that provides a web-based interface for browsing, filtering, and managing a database of captures. It specifically serves as an Nmap target visualizer, parsing network scan results to automatically capture screenshots of discovered web services. Capabiliti
Get website IP address by scanning the entire net 通过扫描全网绕过CDN获取网站IP地址
GOWAPT is the younger brother of wfuzz a swiss army knife of WAPT, it allow pentester to perform huge activity with no stress at all, just configure it and it's just a matter of clicks.
Detect and bypass web application firewalls and protection systems
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
` / | () | () | | / | ' \ / | | ' \| '| | ' \ / | | || (| | | | | (| | | |) | | | | | | | (| | \\,|| ||\, ||./|| ||| ||\,| |/ Beta - v0.8.7 Dashboard Finder ``
@Author: xxlin @Date: 2019-04-11 20:34:14 @LastEditors: ttttmr @LastEditTime: 2019-06-03 23:49:33 -->
Inforfinder is a tool made to collect information of any domain pointing at a server (ip,domain,range,file).
wig is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications.
w11scan是一款分布式的WEB指纹识别系统(包括CMS识别、js框架、组件容器、代码语言、WAF等等),管理员可以在WEB端新增/修改指纹,建立批量的扫描任务,并且支持多种搜索语法。
kscan is a network security scanner and service fingerprinter used to discover active hosts and open ports. It functions as a network protocol analyzer and internal network mapper to identify reachable gateways and analyze the network surface area of target environments. The tool integrates external asset discovery by retrieving target hosts through external intelligence services and verifying their availability. It also operates as a credential brute force tool, testing authentication strength across multiple protocols using automated username and password dictionaries. The project covers n
I did this tool to help me to check which security headers are enabled on certain websites.
dirsearch is a command-line security tool and web path scanner used for discovering hidden directories and files on web servers. It functions as a recursive directory fuzzer and brute-force utility that identifies undocumented paths and sensitive files using wordlists and HTTP status codes. The tool distinguishes itself through template-driven path generation and an automated HTTP response filter that uses status codes, content length, and regex patterns to isolate valid targets. It supports recursive directory crawling to map complex web structures and provides state-persistence serializatio
CyberScan is an open source penetration testing tool that can analyse packets , decoding , scanning ports, pinging and geolocation of an IP including (latitude, longitude , region , country ...)
A very simple way to find out which SSL ciphersuites are supported by a target.
Tool to identify if a domain has got a CMS and determine his version.
Scan-T is an open source penetration testing tool that automates the process of detecting and collecting the hosts flaws and port fingerprinting. It comes with a powerful detection engine, many nice features for the ultimate penetration tester .
this tools can be searched web leak files