![Warning :warning: ⚠️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/26a0.png)
![Warning :warning: ⚠️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/26a0.png)
? JOOMLA SCAN ?
# --= https://github.com/drego85/JoomlaScan
? SN1PER - AUTOMATED PENTEST RECON SCANNER ?
# --= https://github.com/1N3/Sn1per
? SUBLIST3R - DNS SCAN ?
# --= https://github.com/aboul3la/Sublist3r
? PENTEST TOOL - CTF-TOOLS ?
# --= https://github.com/MrMugiwara/CTF-Tools
? A PRIVACY-RESPECTING, HACKABLE METASEARCH ENGINE ?
# --= https://github.com/asciimoo/searx
? CMSMAP SCANNER CMS AUTMOMATIC ?
# --= https://github.com/Dionach/CMSmap
?️ D-TECT - PENTESTING THE MODERN WEB ?️
# --= https://github.com/shawarkhanethicalhacker/D-TECT-1
? JSQL INJECTION V0.77 - JAVA APPLICATION FOR AUTOMATIC SQL DATABASE INJECTION ?
# --= https://github.com/ron190/jsql-injection
![Crossed swords :crossed_swords: ⚔️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2694.png)
![Crossed swords :crossed_swords: ⚔️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2694.png)
# --= https://github.com/khalilbijjou/WAFNinja
? WHITEWIDOW 1.5.0 - SQL VULNERABILITY SCANNER ?
# --= https://github.com/Ekultek/whitewidow
? GOOGLE EXPLORER - GOOGLE MASS EXPLORER ?
# --= https://github.com/anarcoder/google_explorer
? WORDPRESS MASS EXPLOITER ?
# --= https://github.com/anarcoder/WordPressMassExploiter
![Multiplication sign :heavy_multiplication_x: ✖️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2716.png)
![Multiplication sign :heavy_multiplication_x: ✖️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2716.png)
# --= https://github.com/anarcoder/JoomlaMassExploiter
![Hot springs :hotsprings: ♨️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2668.png)
![Hot springs :hotsprings: ♨️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2668.png)
# --= https://github.com/Neohapsis/bbqsql
![Balance scale :scales: ⚖️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2696.png)
![Balance scale :scales: ⚖️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2696.png)
# --= https://github.com/rezasp/vbscan/
? DRACNMAP - PENTEST EXPLOIT NETWORK AND GATHERING INFORMATION WITH NMAP ?
# --= https://github.com/screetsec/Dracnmap
? QRLJACKER - QRLJACKING EXPLOITATION FRAMEWORK ?
# --= https://github.com/OWASP/QRLJacking/tree/master/QrlJacking-Framework
? ONIOFF - ONION URL INSPECTOR ?
# --= https://github.com/k4m4/onioff
![Black large square :black_large_square: ⬛](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2b1b.png)
![Black large square :black_large_square: ⬛](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2b1b.png)
# --= https://github.com/sepehrdaddev/blackbox
? BRUTEFORCE LISTS ?
# --= https://github.com/random-robbie/bruteforce-lists
? DRUPAL ENUMERATION & EXPLOITATION TOOL ?
# --= https://github.com/random-robbie/drupwn
? DIRSEARCH WEB PATH SCANNER ?
# --= https://github.com/maurosoria/dirsearch
? PHP UNIT BRUTE ?
# --= https://github.com/random-robbie/phpunit-brute
![Check mark :heavy_check_mark: ✔️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2714.png)
![Check mark :heavy_check_mark: ✔️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2714.png)
# --= https://github.com/random-robbie/mini-php-shells
![Gear :gear: ⚙️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2699.png)
![Gear :gear: ⚙️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2699.png)
# --= https://github.com/random-robbie/AutoRecon
? WORDPRESS SMTP PLUGIN EXPLOIT ?
# --= https://github.com/KTN1990/WordPress-Easy-WP-SMTP-plugin-0day
? PHOTON WEB CRAWLER (OSINT) ?
# --= https://github.com/s0md3v/Photon
![Play button :arrow_forward: ▶️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/25b6.png)
![Reverse button :arrow_backward: ◀️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/25c0.png)
# --= https://github.com/KTN1990/ACIDREVERSER
? EMAIL LIST GRABBER V2 ?
# --= https://github.com/KTN1990/Email-Grabber
?JOOMLA COM_XCLONER UPLOAD SHELL ?
# --= https://github.com/KTN1990/joomla-com_xcloner-upload_shell
![Cloud :cloud: ☁️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2601.png)
![Cloud :cloud: ☁️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2601.png)
# --= https://github.com/KTN1990/CMS-FAST-CHECKR
? POSTGRESQL DEFAULT PASSWORD AUTO EXPLOITER ?
# --= https://github.com/KTN1990/PostgreSQL--Attack-on-default-password-AUTOEXPLOITING-
? BREACHER - MULTITHREAD ADMIN PANEL FINDER ?
# --= https://github.com/s0md3v/Breacher
? SHIVA - WORDPRESS DOS EXPLOIT TOOL ?
# --= https://github.com/s0md3v/Shiva
⛓ PROXIFY MODULE FOR DUMP PROXIES ⛓
# --= https://github.com/s0md3v/proxify
? XSS FINDER (REFLECTED XSS) ?
# --= https://github.com/random-robbie/xssfinder
?MASSIVE | MIXED EXPLOIT TOOLS ?
# --= https://github.com/XiphosResearch/exploits
? WORDPRESS USER ENUMERATION TOOL ?
# --= https://github.com/XiphosResearch/wp-user-enum-scripts
? MASS WORDPRESS SHELL UPLOADER[REPAIRED] ?
# --= https://t.me/viperzcrewchat/13604
? MASS EXPLOITER SLIDERS REVOLUTION SHOWBIZ WORDPRESS ?
# --= https://t.me/viperzcrewchat/13605
? WORDPRESS EXPLOITATION FRAMEWORK ?
# --= https://github.com/rastating/wordpress-exploit-framework
? DEFACE WORDPRESS PAGE ?
# --= https://github.com/Bayz21/WP-3u3
![Check mark button :white_check_mark: ✅](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2705.png)
![Check mark button :white_check_mark: ✅](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2705.png)
# --= https://github.com/2inf3rnal/wp-checkout-exploit
? WP CONTENT INJECTION MASS EXPLOIT TOOL ?
# --= https://github.com/dr-iman/wp-content-injection-mass-exploit
? M3M0 PENETRATION TESTING TOOL (WORDPRESS, JOOMLA, DRUPAL) ?
# --= https://github.com/mrwn007/M3M0.git
? DRUPAL HUNTER EXPLOITATION TOOL ?
# --= https://github.com/dr-iman/Drupal-Hunter
![Alarm clock :alarm_clock: ⏰](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/23f0.png)
![Alarm clock :alarm_clock: ⏰](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/23f0.png)
# --= https://github.com/dr-iman/cms-detector
? WORDPRESS DETECTOR (VULN DORKER) ?
# --= https://github.com/dr-iman/Wordpress-detector
? PACKET STORM EXPLOIT LIST ?
# --= https://github.com/BuddhaLabs/PacketStorm-Exploits
![Fleur-de-lis :fleur-de-lis: ⚜️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/269c.png)
![Fleur-de-lis :fleur-de-lis: ⚜️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/269c.png)
? PHP FILE MANAGER ?
# --= https://github.com/alexantr/filemanager
? OPENCART BRUTEFORCE AND IMAGE UPLOAD ?
# --= https://github.com/indoxploit-coders/opencart-bruteforce
? WEBSHELLS v2 ?
# --= https://github.com/phpshellxyz/webshell
? MIXED TOOLS (Cpanel Brute, ShellFinder, Symlink Shell, DDoSer) ?
# --= https://github.com/incredibleindishell/PHP-web-shells
![Crossed swords :crossed_swords: ⚔️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2694.png)
![Crossed swords :crossed_swords: ⚔️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2694.png)
# --= https://github.com/iamhex/WHMCS-Killer-v4
? Amazon AWS S3 Bucket Enumeration ?
# --= https://github.com/0xSearches/sandcastle/
? Amazon SMTP Credential Checker ?
# --= https://github.com/noolep/AWCREC
? Twilio Mass Checker ?
# --= https://github.com/noolep/Twilio_Check
? Laravel .env Database Exploit ?
# --= https://github.com/security007/laravelExploit
? 007 Scanner(Grabber, Admin finder and more) ?
# --= https://github.com/security007/007scanner
? Laravel Config Exploit ?
# --= https://github.com/anhaxteam/laravel-config-exploit
![Multiplication sign :heavy_multiplication_x: ✖️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2716.png)
![Multiplication sign :heavy_multiplication_x: ✖️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2716.png)
# --= https://github.com/vsec7/Laravel-PhpUnit-Rce-And-Get-Env-Exploiter
![Keycap: 0 :zero: 0️⃣](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/0030-20e3.png)
![Keycap: 0 :zero: 0️⃣](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/0030-20e3.png)
# --= https://github.com/zerobyte-id-bak/LaravelENV
? DarkSplitz Exploit Framework ?
# --= https://github.com/koboi137/darksplitz
? NetAss2 - Network Assessment Assistance Framework ?
# --= https://github.com/zerobyte-id-bak/NetAss2
? Bashter - Web Scanner & Analyzer ?
# --= https://github.com/zerobyte-id-bak/Bashter
? Domain Take Over Finder ?
# --= https://github.com/zerobyte-id-bak/FinderDomainTakeOver
? Sudomy - Subdomain Enumeration & Analysis ?
# --= https://github.com/Screetsec/Sudomy
? Wordpress Auto Upload Shell in Plugin ?
# --= https://github.com/AnonRoz-Team/wp_auto_upshell
?Domain to IP [FAST] ?
# --= https://github.com/rebl0x3r/domain2ip
? xAttacker - Website Vulnerability Scanner & Auto Exploiter ?
# --= https://github.com/moham3driahi/xattacker
? SQLI, LFI, XSS and RCE Dorker & Auto Exploiter ?
# --= https://github.com/xpr1m3/sqli-lfi-xss-rce-dorker-and-auto-exploiter-python-
? Drupal Hunter ?
# --= https://github.com/dr-iman/drupal-hunter
? Wordpress Exploits (Stored XSS, XML-RPC DDoS, Add Admin, RSS, Login) ?
# --= https://github.com/shadowz3n/wpexploit
![Reverse button :arrow_backward: ◀️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/25c0.png)
![Reverse button :arrow_backward: ◀️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/25c0.png)
# --= https://github.com/kyo1337/revsliderautoexploiter
? WebDav Mass Exploiter ?
# --= https://github.com/kyo1337/Webdav-Mass-Exploiter
? IP Mass Grabber [.exe] ?
# --= https://github.com/kyo1337/Mass-IP-Grabbing
? Shell Finder [ Dictionary Attack + Wordlist ]?
# --= https://github.com/kyo1337/Shell-Finder
? CMS Detector + Vulnerability Finder (Exploit DB) ?
# --= https://github.com/ptonewreckin/cmsdetector
? Advanced CMS Detector (Slow but Exact) ?
# --= https://github.com/redhathackers/cms-detector
? RDP Cracker [ BASH + Wordlists ] ?
# --= https://github.com/exploit-inters/crackrdp
![Check mark :heavy_check_mark: ✔️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2714.png)
![Check mark :heavy_check_mark: ✔️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2714.png)
# --= https://github.com/exploit-inters/TIDoS-Framework
? JustARandomBot Tool (SMTP Checker, Extract Data, Laravel Scanner, Email Filter, OpenCart Bruter, WP Bruter) ?
# --= https://t.me/leakerhounds/5966
? IP Generator ?
# --= https://t.me/ViperZCrew/16316
?? Faraday ??
# --= https://github.com/infobyte/faraday
? Automatic All Around Scanner ?
# --= https://github.com/az0ne/AZScanner
? LalaScan - Vulnerability Scanning Framework ?
# --= https://github.com/blackye/lalascan
?
![Male sign :male_sign: ♂️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2642.png)
![Male sign :male_sign: ♂️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2642.png)
# --= https://github.com/blackye/BkScanner
? GourdScan V2 - Passive Vulnerability Scanning System ?
# --= https://github.com/ysrc/GourdScanV2
? PentestDB - Web Penetration Test Database ?
# --= https://github.com/alpha1e0/pentestdb
? Passive Scan - Web Vuln Scanner ?
# --= https://github.com/netxfly/passive_scan
? Automated Penetration Testing Scanner ?
# --= https://github.com/RASSec/pentestEr_Fully-automatic-scanner
? 3xpl0it - Automated Penetration Testing Framework ?
# --= https://github.com/3xp10it/3xp10it
? Lcyscan - Plugins Scanner ?
# --= https://github.com/Lcys/lcyscan
? POC-T - Plug-In Framework ?
# --= https://github.com/Xyntax/POC-T
? V3n0m Scanner For SQLi/XSS/LFI/RFI ?
# --= https://github.com/v3n0m-Scanner/V3n0M-Scanner)
?RED HAWK - All In One Information Gathering Tool ?
# --= https://github.com/Tuhinshubhra/RED_HAWK
? Arachni - Web Application Security Scanner Framework ?
# --= https://github.com/Arachni/arachn
? W8Scan - Similar To Bugscan ?
# --= https://github.com/boy-hack/w8scan
![Multiplication sign :heavy_multiplication_x: ✖️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2716.png)
![Multiplication sign :heavy_multiplication_x: ✖️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2716.png)
# --= https://github.com/rajeshmajumdar/BruteXSS
? XSSTracer - Check For Cross-Site Tracing ?
# --= https://github.com/1N3/XSSTracer
? FuzzXssPHP - Reflected XSS Scanner ?
# --= https://github.com/0x584A/fuzzXssPHP
![Snowflake :snowflake: ❄️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2744.png)
![Snowflake :snowflake: ❄️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/2744.png)
# --= https://github.com/chuhades/xss_scan
? A plugin for browser that checks page haves xss and csrf vuln ?
# --= https://github.com/BlackHole1/autoFindXssAndCsrf
? Shuriken - XSS CLI Tools For Testing Lists Of XSS Payload on Web Apps ?
# --= https://github.com/shogunlab/shuriken
?XSStrike - Fuzz And Bruteforce Parameters For XSS,WAFs detect and bypass ?
# --= https://github.com/UltimateHackers/XSStrike
? Domain2IP & IP2Domain ?
# --= https://github.com/rebl0x3r/domain2ip
? CPanel Valid Login Checker ?
# --= https://t.me/ViperZCrew/16024
![Warning :warning: ⚠️](https://cdn.jsdelivr.net/joypixels/assets/6.6/png/unicode/64/26a0.png)
Last edited by a moderator: