TeamsUserEnum, sometimes user enumeration could be sometimes useful during the reconnaissance of an assessment. This tool will determine if an…
Godehashed is a golang tool that uses the dehashed.com API to search for compromised assets. Results can then be compiled…
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding…
Instagram offers two kinds of APIs to developers. The Instagram API Platform (extremely limited in functionality and close to being…
A batch-catching, pattern-matching, patch-attacking secret snatcher. GitHound pinpoints exposed API keys on GitHub using pattern matching, commit history searching, and…
Frida-Fuzzer is a experimental fuzzer is meant to be used for API in-memory fuzzing. The design is highly inspired and…
REST API penetration testing is complex due to continuous changes in existing APIs and newly added APIs. Astra can be…
Automatic API Attack Tool is a imperva's customizable API attack tool takes an API specification as an input, generates and…
Secretx is a tool which is mainly used for extracting api keys and secrets by requesting each url at the…
RDPThief by itself is a standalone DLL that when injected in the mstsc.exe process, will perform API hooking, extract the…