Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

• UpdatedMar 25, 2025
• Go

Attack Surface Management Platform

• UpdatedFeb 28, 2025
• Shell

A Workflow Engine for Offensive Security

• UpdatedFeb 6, 2025
• Go

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

• UpdatedFeb 18, 2025
• C#

Quickly discover exposed hosts on the internet using multiple search engines.

• UpdatedMar 13, 2025
• Go

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

• UpdatedApr 8, 2024
• Python

Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials, CIDRs , ASNs , and subdomains, the tool also allows users to search Google Play application ID.

• UpdatedSep 24, 2024
• Python

OSINT Template Engine

• UpdatedJul 20, 2023
• C

External attack surface discovery, enumeration and reconnaissance for massive networks

• UpdatedMar 7, 2025
• Shell

Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.

• UpdatedOct 9, 2024

Find cloud assets that no one wants exposed 🔎 ☁️

• UpdatedJul 20, 2020
• Go

the blazing-fast pentesting suite.

• UpdatedDec 2, 2024
• Go

WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted servers via zone transfer data - stores their responses, and lets you query for known web technologies, including those with zero-day vulnerabilities.

• UpdatedMar 31, 2024
• Python

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

• UpdatedSep 27, 2021
• Shell

Site-Scanner - Web application vulnerability assessment tool.

• UpdatedJul 30, 2024
• Python

Seekolver is a tool focused on attack-surface mapping. It performs searches for subdomains associated with root domains and root domains associated with organisations using open sources, additionally, it resolves these domains and subdomains in search of HTTP and HTTPS services and then filters the information obtained based on their response.

• UpdatedDec 11, 2023
• Python

Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.

• UpdatedAug 8, 2022

OWASP Amass Docker Compose for setting up a full instance of the infrastructure

• UpdatedMar 19, 2025
• Shell

Minimal web server enumeration & attack surface detection tool based on results of nmap.

• UpdatedSep 24, 2024
• Shell

ssb=simple subdomain bruteforcer

• UpdatedMar 10, 2023
• Python