GetAltName it’s a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers. It’s useful in a discovery phase of a pen-testing assessment, this tool can provide you with more information about your target and scope. Features […]
info gathering
Yuki Chan – Automated Penetration Testing Tool
Yuki Chan is an Automated Penetration Testing Tool that carries out a whole range of standard security auditing tasks automatically. It’s highly recommended to use this tool within Kali Linux OS as it already contains all the dependencies. This tool is only designed for Linux OS so if you are not using Linux OS it […]
PenTools – Penetration Testing Tools Bundle
PenTools is a bundle of Python and Bash penetration testing tools for the recon and information gathering stage of a PT or VA. They are fairly simple scripts but might be interesting if you are new and want to see how some things are done, or how things can be automated using Python or Bash. […]
snitch – Information Gathering Tool Via Dorks
Snitch is an information gathering tool which automates the process for a specified domain. Using built-in dork categories, this tool helps gather specified information domains which can be found using web search engines. It can be quite useful in early phases of penetration tests (commonly called the Information Gathering phase). snitch can identify general information, […]
SpiderFoot – Open Source Intelligence Automation Tool (OSINT)
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname or network subnet. SpiderFoot can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or defensively […]