N00bs give credits i spent much time to find them on github so don't copy like a leecher mf. Original Credits : @MrBlackX ? JOOMLA SCAN ?
# --= https://github.com/drego85/JoomlaScan
? SN1PER - AUTOMATED PENTEST RECON SCANNER ?
# --= https://github.com/1N3/Sn1per
? SUBLIST3R - DNS SCAN ?
# --= https://github.com/aboul3la/Sublist3r
? PENTEST TOOL - CTF-TOOLS ?
# --= https://github.com/MrMugiwara/CTF-Tools
? A PRIVACY-RESPECTING, HACKABLE METASEARCH ENGINE ?
# --= https://github.com/asciimoo/searx
? CMSMAP SCANNER CMS AUTMOMATIC ?
# --= https://github.com/Dionach/CMSmap
?️ D-TECT - PENTESTING THE MODERN WEB ?️
# --= https://github.com/shawarkhanethicalhacker/D-TECT-1
? JSQL INJECTION V0.77 - JAVA APPLICATION FOR AUTOMATIC SQL DATABASE INJECTION ?
# --= https://github.com/ron190/jsql-injection
WAFNINJA - PENETRATION TESTERS FAVORITE FOR WAF BYPASSING # --= https://github.com/khalilbijjou/WAFNinja
? WHITEWIDOW 1.5.0 - SQL VULNERABILITY SCANNER ?
# --= https://github.com/Ekultek/whitewidow
? GOOGLE EXPLORER - GOOGLE MASS EXPLORER ?
# --= https://github.com/anarcoder/google_explorer
? WORDPRESS MASS EXPLOITER ?
# --= https://github.com/anarcoder/WordPressMassExploiter
JOOMLA MASS EXPLOITER # --= https://github.com/anarcoder/JoomlaMassExploiter
BBQSQL - A BLIND SQL INJECTION EXPLOITATION TOOL # --= https://github.com/Neohapsis/bbqsql
VBSCAN 0.1.7.1 - BLACK BOX VBULLETIN VULNERABILITY SCANNER # --= https://github.com/rezasp/vbscan/
? DRACNMAP - PENTEST EXPLOIT NETWORK AND GATHERING INFORMATION WITH NMAP ?
# --= https://github.com/screetsec/Dracnmap
? QRLJACKER - QRLJACKING EXPLOITATION FRAMEWORK ?
# --= https://github.com/OWASP/QRLJacking/tree/master/QrlJacking-Framework
? ONIOFF - ONION URL INSPECTOR ?
# --= https://github.com/k4m4/onioff
️ BLACKBOX - A PENETRATION TESTING FRAMEWORK ️# --= https://github.com/sepehrdaddev/blackbox
? BRUTEFORCE LISTS ?
# --= https://github.com/random-robbie/bruteforce-lists
? DRUPAL ENUMERATION & EXPLOITATION TOOL ?
# --= https://github.com/random-robbie/drupwn
? DIRSEARCH WEB PATH SCANNER ?
# --= https://github.com/maurosoria/dirsearch
? PHP UNIT BRUTE ?
# --= https://github.com/random-robbie/phpunit-brute
MINI PHP SHELLS # --= https://github.com/random-robbie/mini-php-shells
AUTO RECON INFORMATION GATHERING TOOL # --= https://github.com/random-robbie/AutoRecon
? WORDPRESS SMTP PLUGIN EXPLOIT ?
# --= https://github.com/KTN1990/WordPress-Easy-WP-SMTP-plugin-0day
? PHOTON WEB CRAWLER (OSINT) ?
# --= https://github.com/s0md3v/Photon
ACID REVERSE IP LOOKUPER 
# --= https://github.com/KTN1990/ACIDREVERSER
? EMAIL LIST GRABBER V2 ?
# --= https://github.com/KTN1990/Email-Grabber
?JOOMLA COM_XCLONER UPLOAD SHELL ?
# --= https://github.com/KTN1990/joomla-com_xcloner-upload_shell
CLOUD MANAGE SYSTEM(CMS) DETECTOR (PERL)# --= https://github.com/KTN1990/CMS-FAST-CHECKR
? POSTGRESQL DEFAULT PASSWORD AUTO EXPLOITER ?
# --= https://github.com/KTN1990/PostgreSQL--Attack-on-default-password-AUTOEXPLOITING-
? BREACHER - MULTITHREAD ADMIN PANEL FINDER ?
# --= https://github.com/s0md3v/Breacher
? SHIVA - WORDPRESS DOS EXPLOIT TOOL ?
# --= https://github.com/s0md3v/Shiva
⛓ PROXIFY MODULE FOR DUMP PROXIES ⛓
# --= https://github.com/s0md3v/proxify
? XSS FINDER (REFLECTED XSS) ?
# --= https://github.com/random-robbie/xssfinder
?MASSIVE | MIXED EXPLOIT TOOLS ?
# --= https://github.com/XiphosResearch/exploits
? WORDPRESS USER ENUMERATION TOOL ?
# --= https://github.com/XiphosResearch/wp-user-enum-scripts
? MASS WORDPRESS SHELL UPLOADER[REPAIRED] ?
# --= https://t.me/viperzcrewchat/13604
? MASS EXPLOITER SLIDERS REVOLUTION SHOWBIZ WORDPRESS ?
# --= https://t.me/viperzcrewchat/13605
? WORDPRESS EXPLOITATION FRAMEWORK ?
# --= https://github.com/rastating/wordpress-exploit-framework
? DEFACE WORDPRESS PAGE ?
# --= https://github.com/Bayz21/WP-3u3
WORDPRESS PLUGIN "WP CHECKOUT" MASS EXPLOIT # --= https://github.com/2inf3rnal/wp-checkout-exploit
? WP CONTENT INJECTION MASS EXPLOIT TOOL ?
# --= https://github.com/dr-iman/wp-content-injection-mass-exploit
? M3M0 PENETRATION TESTING TOOL (WORDPRESS, JOOMLA, DRUPAL) ?
# --= https://github.com/mrwn007/M3M0.git
? DRUPAL HUNTER EXPLOITATION TOOL ?
# --= https://github.com/dr-iman/Drupal-Hunter
CMS DETECTOR v2 (WP, DUPAL, JOOMLA) # --= https://github.com/dr-iman/cms-detector
? WORDPRESS DETECTOR (VULN DORKER) ?
# --= https://github.com/dr-iman/Wordpress-detector
? PACKET STORM EXPLOIT LIST ?
# --= https://github.com/BuddhaLabs/PacketStorm-Exploits
PHP SHELLS# --= https://github.com/backdoorhub/shell-backdoor-list/tree/master/shell/php? PHP FILE MANAGER ?
# --= https://github.com/alexantr/filemanager
? OPENCART BRUTEFORCE AND IMAGE UPLOAD ?
# --= https://github.com/indoxploit-coders/opencart-bruteforce
? WEBSHELLS v2 ?
# --= https://github.com/phpshellxyz/webshell
? MIXED TOOLS (Cpanel Brute, ShellFinder, Symlink Shell, DDoSer) ?
# --= https://github.com/incredibleindishell/PHP-web-shells
WHMCS KILLER V4 SHELL(Server Root, Domain Resellers, Client Root, CC, Pass, Accs) # --= https://github.com/iamhex/WHMCS-Killer-v4
? Amazon AWS S3 Bucket Enumeration ?
# --= https://github.com/0xSearches/sandcastle/
? Amazon SMTP Credential Checker ?
# --= https://github.com/noolep/AWCREC
? Twilio Mass Checker ?
# --= https://github.com/noolep/Twilio_Check
? Laravel .env Database Exploit ?
# --= https://github.com/security007/laravelExploit
? 007 Scanner(Grabber, Admin finder and more) ?
# --= https://github.com/security007/007scanner
? Laravel Config Exploit ?
# --= https://github.com/anhaxteam/laravel-config-exploit
Laravel PHP Unit RCE and Env Exploiter # --= https://github.com/vsec7/Laravel-PhpUnit-Rce-And-Get-Env-Exploiter
Zerobyte's Laravel Exploiter # --= https://github.com/zerobyte-id-bak/LaravelENV
? DarkSplitz Exploit Framework ?
# --= https://github.com/koboi137/darksplitz
? NetAss2 - Network Assessment Assistance Framework ?
# --= https://github.com/zerobyte-id-bak/NetAss2
? Bashter - Web Scanner & Analyzer ?
# --= https://github.com/zerobyte-id-bak/Bashter
? Domain Take Over Finder ?
# --= https://github.com/zerobyte-id-bak/FinderDomainTakeOver
? Sudomy - Subdomain Enumeration & Analysis ?
# --= https://github.com/Screetsec/Sudomy
? Wordpress Auto Upload Shell in Plugin ?
# --= https://github.com/AnonRoz-Team/wp_auto_upshell
?Domain to IP [FAST] ?
# --= https://github.com/rebl0x3r/domain2ip
? xAttacker - Website Vulnerability Scanner & Auto Exploiter ?
# --= https://github.com/moham3driahi/xattacker
? SQLI, LFI, XSS and RCE Dorker & Auto Exploiter ?
# --= https://github.com/xpr1m3/sqli-lfi-xss-rce-dorker-and-auto-exploiter-python-
? Drupal Hunter ?
# --= https://github.com/dr-iman/drupal-hunter
? Wordpress Exploits (Stored XSS, XML-RPC DDoS, Add Admin, RSS, Login) ?
# --= https://github.com/shadowz3n/wpexploit
Revslider Auto Exploiter # --= https://github.com/kyo1337/revsliderautoexploiter
? WebDav Mass Exploiter ?
# --= https://github.com/kyo1337/Webdav-Mass-Exploiter
? IP Mass Grabber [.exe] ?
# --= https://github.com/kyo1337/Mass-IP-Grabbing
? Shell Finder [ Dictionary Attack + Wordlist ]?
# --= https://github.com/kyo1337/Shell-Finder
? CMS Detector + Vulnerability Finder (Exploit DB) ?
# --= https://github.com/ptonewreckin/cmsdetector
? Advanced CMS Detector (Slow but Exact) ?
# --= https://github.com/redhathackers/cms-detector
? RDP Cracker [ BASH + Wordlists ] ?
# --= https://github.com/exploit-inters/crackrdp
TIDoS - The Offensive Manual Web Application Penetration Testing Framework # --= https://github.com/exploit-inters/TIDoS-Framework
? JustARandomBot Tool (SMTP Checker, Extract Data, Laravel Scanner, Email Filter, OpenCart Bruter, WP Bruter) ?
# --= https://t.me/leakerhounds/5966
? IP Generator ?
# --= https://t.me/ViperZCrew/16316
?? Faraday ??
# --= https://github.com/infobyte/faraday
? Automatic All Around Scanner ?
# --= https://github.com/az0ne/AZScanner
? LalaScan - Vulnerability Scanning Framework ?
# --= https://github.com/blackye/lalascan
?
BKScanner - Plug-in Web Vulnerability Scanner ?# --= https://github.com/blackye/BkScanner
? GourdScan V2 - Passive Vulnerability Scanning System ?
# --= https://github.com/ysrc/GourdScanV2
? PentestDB - Web Penetration Test Database ?
# --= https://github.com/alpha1e0/pentestdb
? Passive Scan - Web Vuln Scanner ?
# --= https://github.com/netxfly/passive_scan
? Automated Penetration Testing Scanner ?
# --= https://github.com/RASSec/pentestEr_Fully-automatic-scanner
? 3xpl0it - Automated Penetration Testing Framework ?
# --= https://github.com/3xp10it/3xp10it
? Lcyscan - Plugins Scanner ?
# --= https://github.com/Lcys/lcyscan
? POC-T - Plug-In Framework ?
# --= https://github.com/Xyntax/POC-T
? V3n0m Scanner For SQLi/XSS/LFI/RFI ?
# --= https://github.com/v3n0m-Scanner/V3n0M-Scanner)
?RED HAWK - All In One Information Gathering Tool ?
# --= https://github.com/Tuhinshubhra/RED_HAWK
? Arachni - Web Application Security Scanner Framework ?
# --= https://github.com/Arachni/arachn
? W8Scan - Similar To Bugscan ?
# --= https://github.com/boy-hack/w8scan
BruteXSS - Cross Site Scripting Bruteforcer # --= https://github.com/rajeshmajumdar/BruteXSS
? XSSTracer - Check For Cross-Site Tracing ?
# --= https://github.com/1N3/XSSTracer
? FuzzXssPHP - Reflected XSS Scanner ?
# --= https://github.com/0x584A/fuzzXssPHP
XSSScan - Reflected XSS Scanner # --= https://github.com/chuhades/xss_scan
? A plugin for browser that checks page haves xss and csrf vuln ?
# --= https://github.com/BlackHole1/autoFindXssAndCsrf
? Shuriken - XSS CLI Tools For Testing Lists Of XSS Payload on Web Apps ?
# --= https://github.com/shogunlab/shuriken
?XSStrike - Fuzz And Bruteforce Parameters For XSS,WAFs detect and bypass ?
# --= https://github.com/UltimateHackers/XSStrike
? Domain2IP & IP2Domain ?
# --= https://github.com/rebl0x3r/domain2ip
? CPanel Valid Login Checker ?
# --= https://t.me/ViperZCrew/16024
N00bs give credits i spent much time to find them on github so don't copy like a leecher mf.
Last edited by a moderator:
thanks for posting
