BugHunterID/awesome-web-pentest

 
 


Awesome Web Penetration Testing

Tools

  • Dirhunt - Dirhunt does not use brute force, but it is also more than a crawler. It is faster than other tools because it minimizes requests to the server. A run generally takes between 5-30 seconds, depending on the website and the server.

  • Photon - Photon can extract the following data while crawling: URLs (in-scope & out-of-scope); URLs with parameters (example.com/gallery.php?id=2); intel (emails, social media accounts, Amazon buckets etc.); files (pdf, png, xml etc.); secret keys (auth/API keys & hashes); JavaScript files & endpoints present in them; strings matching a custom regex pattern; subdomains & DNS related data.

  • [Halberd](https://github.com/jmbr/halberd) - Halberd discovers HTTP load balancers. It is useful for web application security auditing and for load balancer configuration testing.

  • [SubOver](https://github.com/Ice3man543/SubOver) - Services currently checked: Github, Heroku, Unbounce, Tumblr, Shopify, Instapage, Desk, Tictail, Campaignmonitor, Cargocollective, Statuspage, Amazonaws, Cloudfront, Bitbucket, Smartling, Acquia, Fastly, Pantheon, Zendesk, Uservoice, Ghost, Freshdesk, Pingdom, Tilda, Wordpress, Teamwork, Helpjuice, Helpscout, Cargo, Feedpress, Surge, Surveygizmo, Mashery, Intercom, Webflow, Kajabi, Thinkific, Tave, Wishpond, Aftership, Aha, Brightcove, Bigcartel, Activecampaign, Proposify, Simplebooklet, Getresponse, Vend, Jetbrains, Azure.

  • [domained](https://github.com/cak/domained) - Subdomain enumeration tools: Sublist3r by Ahmed Aboul-Ela, enumall by Jason Haddix, Knock by Gianni Amato, Subbrute by TheRook, massdns by B. Blechschmidt, Recon-ng by Tim Tomes (LaNMaSteR53), Amass by Jeff Foley (caffix), SubFinder by Ice3man543.

  • [Dirsearch](https://github.com/maurosoria/dirsearch) - dirsearch is a simple command line tool designed to brute force directories and files in websites.
