Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

Web application vulnerability scanner

The Most Advanced Client-Side Prototype Pollution Scanner

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

dogpack is an open-source reconnaissance and information gathering tool designed for analyzing websites. It automates the process of collecting critical data about a target domain, helping users perform security assessments, gather intelligence, and identify potential vulnerabilities.

Just a mirror of uniscan project

A lightweight Python-based web scanner that inspects websites for common client-side vulnerabilities such as missing security headers, clickjacking issues, JavaScript exposure, and insecure form behaviors.

HeaderSentinel is a high-performance, professional HTTP security analyzer written in Go. It performs deep inspection of HTTP response headers and status behavior to identify security misconfigurations, calculate risk scores, and provide actionable remediation advice.