Tools

-1-Burp extension for handling complex login sequences:

https://github.com/synopsys-sig/ATOR-Burp


-2-An automated SSRF finder:


https://github.com/michaelben6/SSRFire



-3-Extract endpoints from APK files:


https://github.com/ndelphit/apkurlgrep



-4-Selenium based web scraper to generate passwords list:



https://github.com/dariusztytko/words-scraper



-5-A tool for searching a Git repository for interesting content:



https://github.com/digininja/GitHunter/



-6-Quick script to nd domains who belong to a company through http://whoxy.com:


https://github.com/gwen001/pentest-tools/blob/master/domain-finder.py



-7-Automated JS Discovery:



https://github.com/robre/scripthunter



-8- Mass scan IPs for vulnerable services :



https://github.com/s0md3v/Silver



-9-Incredibly fast crawler designed for OSINT.:


https://github.com/s0md3v/Photon



-10- Most advanced XSS scanner. :


https://github.com/s0md3v/XSStrike



-11-Suite of programs meant to aid in bug hunting and security assessments:



https://github.com/fellchase/flumberboozle



-12-Extract endpoints from apk files:



https://github.com/s0md3v/Diggy



-13-Bash script to automate running subdomain enumeration, screenshots and directory enumeration tools:


https://github.com/Sambal0x/Recon-tools



-14-Trying to make automated recon for bug bounties:


https://github.com/phspade/Automated-Scanner



-15-An automated target reconnaissance pipeline:


https://github.com/epi052/recon-pipeline



-16-Reconstruct javascript from a sourcemap in bash:


https://github.com/tehryanx/sourcemapper