Content Discovery

Ultimate Web Brute-Forcer

Get all possible URLs for a web app through js extraction, fuzzing per dir level, wayback archive, remove false positives and do everything in parallel

Complexity
Publisherzaric
Content Discovery

Fuzz URL Levels - Multiple

Enumerate URLs for a list of hosts, then use a wordlist to fuzz for additional directories at each level.

Complexity
Publisherzaric
Content Discovery

Fuzz URL levels

Enumerate URLs for a host, then use a wordlist to fuzz for additional directories at each level.

Complexity
Publishertrickest-mhmdiaa
Content Discovery

Check URLs and send notification on diff

Take a list of URLs, request them, and send notification if changes occur in title, status code or content-length

Complexity
Publisherzaric
Content Discovery

Custom Parameter Discovery Wordlist

Collect URLs of a list of domains and generate a custom parameter discovery wordlist

Complexity
Publishertrickest-mhmdiaa
Content Discovery

Simple Content Discovery

Enumerate subdomains and discover URLs through multiple ways

Complexity
Publishertrickest-mhmdiaa
Content Discovery

Inventory 2.0 - URL enumeration

Enumerate URLs from passive sources and classify them based on potential vulnerabilities. Check out the URLs of public bug bounty programs on https://github.com/trickest/inventory

Complexity
Publishertrickest-mhmdiaa
Content Discovery

Inventory 2.0 - Web Spider

Actively crawl a list of web servers. Check out the crawled URLs of public bug bounty programs on https://github.com/trickest/inventory

Complexity
Publishertrickest-mhmdiaa
Content Discovery

Get Firebase Databases from Hosts

Permutate and alter hosts in order to find firebase instances.

Complexity
Publisherzaric
Content Discovery

Brute-Force Parameters - Single URL

Get all of the parameters that are used by a single url passed.

Complexity
Publisherzaric
Content Discovery

Single Web App Fuzz

Fuzz and spider a web application, get responses and zip files for further examination.

Complexity
Publisherzaric
Content Discovery

NPM Wordlist & NPM Package Finder

Find package.json files on list of hosts by creating wordlist by cloning OneListForAll and then brute-forcing list of hosts.

Complexity
Publisherzaric
Content Discovery

JavaScript Links and Paths

Find URLs/endpoints in a list of JavaScript files

Complexity
Publishertrickest-mhmdiaa
Content Discovery

Virtual Host Discovery

Enumerate virtual hosts

Complexity
Publishertrickest-mhmdiaa
Content Discovery

Crawl URLs and Discover JavaScript URLs & Endpoints

Crawl a web host and extract endpoints and URLs from its JavaScript code

Complexity
Publishertrickest-mhmdiaa
Content Discovery

Brute-Force Files & Directories on a List of Hosts

Fuzz a list of hosts for files/directories with a wordlist

Complexity
Publishertrickest-mhmdiaa
Content Discovery

Spider All Subdomains

Spider all subdomains and merge all results.

Complexity
Publishertrickest-mhmdiaa
Content Discovery

APK Discovery - Urls & Paths

Find URLs & Paths in an APK file

Complexity
Publishertrickest-mhmdiaa
Content Discovery

Get All Public Urls

Get all archived urls for a list of subdomains.

Complexity
Publishertrickest-mhmdiaa
Content Discovery

Get all urls and classify by vulnerability type

This workflow is used to gather ALL URLs and sort them by common vulnerabilities

Complexity
Publishertrickest-mhmdiaa
ToolsTools