Top Tools This Month
|
sqlmap
Automate the process of detecting and exploiting SQL injection flaws and taking over of database servers.
πΈοΈ Web / API
-
πͺ Windows
π§ Linux
-
π€ Free
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
π₯οΈ Infrastructure
πΈοΈ Web / API
-
πͺ Windows
π MacOS
π§ Linux
-
π€ Free
feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
πΈοΈ Web / API
-
πͺ Windows
π MacOS
π§ Linux
-
π€ Free
kiterunner
Kiterunner is a tool that is capable of performing traditional content discovery and bruteforcing of routes/endpoints in modern applications.
πΈοΈ Web / API
-
π MacOS
π§ Linux
-
π€ Free
dalfox
Dalfox is a powerful open-source XSS scanner and utility focused on automation.
πΈοΈ Web / API
-
πͺ Windows
π MacOS
π§ Linux
-
π€ Free
crlfuzz
A fast tool to scan CRLF vulnerability written in Go
πΈοΈ Web / API
-
πͺ Windows
π MacOS
π§ Linux
-
π€ Free
headi
Customisable and automated HTTP header injection
πΈοΈ Web / API
-
π§ Linux
-
π€ Free
byp4xx
40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...
πΈοΈ Web / API
-
π€ Free
LEAKEY
A bash script which checks and validates leaked credentials.
πΈοΈ Web / API
-
π€ Free
CloakQuest3r
Uncover the true IP address of websites safeguarded by Cloudflare & Others
πΈοΈ Web / API
-
πͺ Windows
π MacOS
π§ Linux
-
π€ Free
clairvoyance
Obtain GraphQL API schema even if the introspection is disabled
πΈοΈ Web / API
-
π§ Linux
-
π€ Free
graphqlMaker
Finds graphql queries in javascript files
πΈοΈ Web / API
-
π§ Linux
-
π€ Free
No results found
Looks like there's nothing that matches your filters.
Check back in later!
Tools by category
πΈοΈ Web / API
π¦ Blue Team
π₯ Red Team
πͺ Purple Team
βοΈ Cloud
π± Mobile
π Compiled Application
π§βπ» Code Review
ποΈ OSINT
π₯οΈ Infrastructure
π€ Other
Upvote to start earning kudos!
Pentest List is a curation of the latest top-rated tools and content in penetration testing and security defense. Discover cutting-edge tools, blogs, and more, covering port scanning, SQL injection, and a wide range of other vulnerability exploits.
2024 Pentest List, All Rights Reserved.