RaaP | xfgEHLtmwl

Mobile Application
1. Android
  1. Apkatshu
  2. ReverseAPK
  3. slicer
  4. mobi
  5. reverse-apk
Domains
1. Horizontal Domain Discovery (Acquisitions & Entities)
  1. knockknock
  2. get_acquisitions
  3. DomLink
  4. whoxyrm
  5. Elevate
2. Vertical Domain Discovery
  1. Passive Subdomain Enumeration
    1. Single Execution
      1. Findomain
      2. vita
      3. subfinder
      4. sigsubs
      5. knock
      6. github-subdomains
      7. OneForAll
      8. SimpleReconSubdomain
      9. SubDomainizer
      10. assetfinder
      11. crtfinder
      12. crtsh
      13. sub.sh
      14. Amass
    2. Continuous Monitor
      1. CertEagle
      2. sublert
      3. monitor-new-subdomain
      4. Substr3am
  2. Active Subdomain Enumeration
    1. DNS Resolvers Lists
      1. bass
      2. grepips
      3. fresh.py
      4. dnsresolvers
      5. dnsvalidator
      6. dmut-resolvers
      7. dnsfaster
    2. Domain Mutation
      1. dnsgen
      2. gotator
      3. DNSCewl
      4. goaltdns
      5. altdns
      6. permDNS
      7. dmut
    3. Get fresh list of resolvers for DNS bruteforce
      1. Subdomains Bruteforce
      2. sonar
      3. ksubdomain
      4. shuffledns
      5. massdns
      6. puredns
      7. dnscan
      8. BadDNS
      9. flydns
      10. dnsspider
      11. dnsx
      12. dnsrecon
      13. rusolver
      14. r3solve
      15. resolvermt
      16. dnscheck
      17. Syborg
      18. Reverse DNS
      19. hakrevdns
      20. Possible output: 1. A records (IPv4) 2. CNAME records 3. MX records 4. TXT records 5. AAAA (IPv6) 6. NS records
    4. Get mutated subdomains list
  3. VHost Discovery
    1. VHostScan
  4. scraped subdomains list
3. Send results for vertical enumeration
ASN
1. ASN-Eagle
2. Asnlookup
3. asnip
4. asnrecon
5. Metabigor
Leak Finder
1. git
  1. Git-Pwned
  2. GitGot
  3. Git_Secret
  4. GithubCloner
  5. Hogger
  6. github-search
  7. gitls
  8. gitleaks-wrapper
  9. shhgit
  10. gitGraber
  11. github-dorks
2. Others
  1. shania
  2. sloot
  3. santaHog
  4. locohunt
  5. keyFinder
  6. circleci-logs
  7. yar
  8. Scavenger
  9. TravisLeaks
  10. keyhacks
  11. xkeys
Data
1. Dictionary/Wordlists
  1. Gf-Patterns
  2. squeaky
  3. wordlists
  4. gf-secrets
  5. Dictionary-Of-Pentesting
  6. RegHex
  7. bruteforce-lists
  8. keywords
  9. OneListForAll
  10. PassList
  11. ApiWordlistGenerator
  12. PayloadsAllTheThings
  13. fuzzmost
  14. htshells
  15. Oracle-EBS-Security-Audit
  16. wwwordlist
  17. SSRF-Testing
2. Bug Bounty Resources
  1. Bug-Bounty-Roadmaps
  2. targets
  3. awesome-bughunting-oneliners
  4. assessment-mindset
  5. awesome-oneliner-bugbounty
  6. bugbounty-cheatsheet
  7. webHunt
  8. BB-datas
  9. learn365
  10. one_liner
  11. KingOfBugBountyTips
  12. nahamcon-axiom-demo-2021
  13. hackerone-reports
  14. Web-Attack-Cheat-Sheet
  15. recox
  16. idun
  17. owncraft
  18. tipseeker
  19. Scanners-Box
  20. xsleaks
  21. bugbounty-dorks
All In One(AIO)
1. Sn1per
2. HydraRecon
3. Eagle
4. Monitorizer
5. Bountystrike-sh
6. project-black
7. Interlace
8. Reconnoitre
9. penum
10. cariddi
11. recon-pipeline
12. 3klCon
13. xray
14. Bheem
15. bbrf-server
16. Osmedeus
17. bug-bounty
18. bugshop
19. rengine
20. gampung
21. crimson
22. bbht
23. lazyrecon
24. horizon
25. nuclei
26. Garud
27. pentestER-Fully-automatic-scanner
28. DomainRecon
29. reconness
30. magicRecon
31. celerystalk
32. reconftw
33. chomp-scan
34. rejig
35. ARL
36. BigBountyRecon
37. cent
subdomain wordlists
1. jhaddix wordlists
2. himanshudas wordlist
3. EnumerationList
Web Servers
1. Enumerate valid web servers
  1. httpgrep
  2. httprobe
  3. httpx
  4. fprobe
  5. fhc
2. URL weild
  1. crawlers/spider
    1. hakrawler
    2. urlgrab
    3. SourceWolf
    4. gau
    5. gauplus
    6. waybackurls
    7. scout
    8. nozaki
    9. gospider
    10. URL's cleanup
      1. qsfuzz
      2. grapX
      3. urldedupe
      4. uniqurl
  2. scanners
    1. jaeles
    2. nuclei
    3. BountyIt
    4. sns
    5. detective
  3. fingerprint
    1. massprint
    2. webanalyze
    3. wappalyzergo
    4. gofingerprint
    5. GoPatternMatcher
    6. Wappaligner
  4. enumerate
    1. urlprobe
    2. burl
    3. GoHead
    4. dirscraper
    5. cc.py
    6. GoLinkFinder
    7. dirlstr
    8. Drishti
    9. bulkreq
    10. get-title
    11. FavFreak
    12. FavHunt
    13. favicon wordlists
  5. bruteforce/fuzzing
    1. parameters
      1. fuzzparam
      2. ParamPamPam
      3. parameth
      4. Arjun
      5. ParameterMiner
      6. ParamSpider
      7. paraglider
      8. x8
    2. URL's
      1. byp4xx
      2. XFFenum
      3. rate-limit-checker
      4. DirDar
      5. meg
      6. cansina
      7. scanomaly
      8. url-fuzzer
    3. Content Discovery
      1. pathbrute
      2. crithit
      3. kiterunner
      4. yotter
      5. urlbuster
      6. ffufplus
      7. ffuf
      8. fuzznav
      9. ChopChop
      10. boxer
      11. dirble
      12. dirmap
      13. fasdir
      14. feroxbuster
      15. lulzbuster
      16. rustbuster
    4. context-specific wordlists
    5. wordlists
      1. params
      2. Top-parameters-list
      3. top25-parameter
      4. ffw-content-discovery
  6. exploit
    1. HTTP Smuggling
      1. h2csmuggler
      2. http2smugl
      3. request_smuggler
      4. smuggler
    2. CRLF
      1. Injectus
      2. crlfuzz
      3. crlf-injector
      4. crlfmap
    3. Cross Site Scripting(XSS)
      1. findom-xss
      2. dalfox
      3. kxss
      4. bxss
      5. Gxss
      6. xsspwn
      7. puff
      8. XSpear
      9. QuickXSS
      10. XRCross
      11. ezXSS
    4. Open Redirect
      1. ORtester
      2. dom-red
      3. open-redirect
    5. CORS
      1. corsX
      2. theftfuzzer
    6. SSRF
      1. SSRFuck
      2. SSRFmap
      3. ssrf-tool
      4. ssrfDetector
      5. ssrfuzz
    7. Host-header
      1. xforwardy
      2. hinject
      3. HostPanic
  7. URL manipulation
    1. unew
    2. uddup
    3. ureplace
    4. qsreplace
    5. unfurl
    6. gal
  8. misc
    1. gee
    2. differer
    3. XSSwagger
    4. anewer
    5. Keye
    6. web-cache-deception-checker
    7. nginxpwner
    8. untrusted-types
    9. waybackSqliScanner
    10. fuxploider
  9. Javascript Enumerations
    1. getJS
    2. jsleak
    3. endpointdiff
    4. linkz
    5. FileChangeMonitor
    6. diffJs
    7. subscraper
    8. linkJS
    9. LinkFinder
    10. jsubfinder
    11. nipejs
    12. js-identifiers
    13. JSFScan.sh
    14. js-parse
    15. is-website-vulnerable
    16. SecretFinder
    17. JScanner
    18. JSParser
    19. jsmon
    20. scripthunter
    21. extract-relative-url-heapsnapshot
  10. URL's screenshot
    1. Deeplack
    2. Snapper
    3. crystalball
    4. eyeballer
    5. electric-scan
    6. gowitness
    7. lightScreenShot
    8. go-stare
    9. EyeWitness
Generate wordlists
1. wordlistgen
Subdomain Takeover
1. robusto
2. subjack
3. takeover
4. second-order
5. SubOver
6. subcapture
7. NtHiM
IP Address
1. Remove CDN IP
  1. cdnstrip
  2. cdncheck
2. Port Scan
  1. DivideAndScan
  2. RustScan
  3. blackwater
  4. masscan
  5. nmap
vulscan
FavHash
brutespray
Miscellaneous DNS tools
1. dkimsc4n
2. DeadDNS
3. domainhunter
4. FindFrontableDomains
5. NSBrute
6. cloudfrunt
vscan-go
BruteX
Himanshu Kumar Das
License: Creative Commons
grepips
get CIDR or ipv4