A simple pure-Python TCP Connect port scanner. This application leverages the use of Python's Standard Library asyncio framework to execute a number of TCP connections to an arbitrary number ports on target IP addresses, taking a
An automation tool that scans sub-domains using multiple tools. Most importantly, it greps all the words from the first, second and N level of subdomains and creates a wordlist. Then uses crt.sh to brute force every single name to
A proxy tool that records communication (requests, websockets) between client and server. This recording can later be used for tests as a mock backend. It works in 2 modes, RECORD and PLAYBACK, capturing and reproducing the server
Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, all the possible IPs, PORTs and SSL/TLS Certs are searched to validate the target in-scope.
Developers commonly use apps like ngrok, localtunnel, or cloudflared to expose a local web service at a publicly-accessible URL. This is useful for developing with HTTPS or sharing a site preview with a colleague or client.
In the security test for android apps, we can specify a local proxy server or local DNS server from the Wifi settings and use a proxy tool to check request and response. Since it is troublesome to configure this from the GUI, we c
TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious
TunnelPy simply exposes any service, running internally in a network/host, to the outside, by creating a tunnel between a client on the outside, and any internal host in a network, by pivoting from/to a 'middle-man' host that is a
Blackstone is a spaCy model and library for processing long-form, unstructured legal text. Here, we wrap Blackstone with a performant API layer written in Go. Communication between Blackstone and the API layer happens via gRPC.