Pentest tools from Nmap online to Subdomain Finder
theHarvester

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.

| Release Date | Title | Type | Platform | Author |
|---|---|---|---|---|
| 2020-07-06 | Grafana 7.0.1 - Denial of Service (PoC) | dos | linux | mostwanted002 |
| 2020-07-06 | Nagios XI 5.6.12 - 'export-rrd.php' Remote Code Execution | webapps | php | Basim Alabdullah |
| 2020-07-06 | RiteCMS 2.2.1 - Authenticated Remote Code Execution | webapps | php | Enes Özeser |
| 2020-07-06 | File Management System 1.1 - Persistent Cross-Site Scripting | webapps | php | KeopssGroup0day_Inc |
| 2020-07-06 | RSA IG&L Aveksa 7.1.1 - Remote Code Execution | webapps | multiple | Jakub Palaczynski |
| 2020-07-06 | Fire Web Server 0.1 - Remote Denial of Service (PoC) | dos | windows | Saeed reza Zamanian |
| 2020-07-02 | WhatsApp Remote Code Execution - Paper | webapps | android | ashu Jaiswal |
| 2020-07-02 | ZenTao Pro 8.8.2 - Command Injection | webapps | php | Daniel Monzón |
| 2020-07-02 | OCS Inventory NG 2.7 - Remote Code Execution | webapps | multiple | Askar |
| 2020-07-01 | Online Shopping Portal 3.1 - Authentication Bypass | webapps | php | Ümit Yalçın |
| 2020-07-01 | e-learning Php Script 0.1.0 - 'search' SQL Injection | webapps | php | KeopssGroup0day_Inc |
| 2020-07-01 | PHP-Fusion 9.03.60 - PHP Object Injection | webapps | php | coiffeur |
| 2020-07-01 | RM Downloader 2.50.60 2006.06.23 - 'Load' Local Buffer Overflow (EggHunter) (SEH) (PoC) | local | windows | Paras Bhatia |
| 2020-06-30 | Victor CMS 1.0 - 'user_firstname' Persistent Cross-Site Scripting | webapps | php | Anushree Priyadarshini |
| 2020-06-30 | Reside Property Management 3.0 - 'profile' SQL Injection | webapps | php | Behzad Khalifeh |
| 2020-06-26 | OpenEMR 5.0.1 - 'controller' Remote Code Execution | webapps | php | Emre ÖVÜNÇ |
| 2020-06-26 | KiteService 1.2020.618.0 - Unquoted Service Path | local | windows | Marcos Antonio León |
| 2020-06-26 | Windscribe 1.83 - 'WindscribeService' Unquoted Service Path | local | windows | Ethan Seow |
| 2020-06-25 | FHEM 6.0 - Local File Inclusion | webapps | php | Emre ÖVÜNÇ |
| 2020-06-25 | mySCADA myPRO 7 - Hardcoded Credentials | remote | hardware | Emre ÖVÜNÇ |
| 2020-06-24 | BSA Radar 1.6.7234.24750 - Persistent Cross-Site Scripting | webapps | multiple | William Summerhill |
| 2020-06-23 | Code Blocks 20.03 - Denial Of Service (PoC) | dos | windows | Paras Bhatia |
| 2020-06-23 | Lansweeper 7.2 - Incorrect Access Control | local | windows | Amel BOUZIANE-LEBLOND |
| 2020-06-23 | Responsive Online Blog 1.0 - 'id' SQL Injection | webapps | php | Eren Şimşek |
| 2020-06-23 | Online Student Enrollment System 1.0 - Cross-Site Request Forgery (Add Student) | webapps | php | BKpatron |
| 2020-06-22 | WebPort 1.19.1 - Reflected Cross-Site Scripting | webapps | multiple | Emre ÖVÜNÇ |
| 2020-06-22 | FileRun 2019.05.21 - Reflected Cross-Site Scripting | webapps | multiple | Emre ÖVÜNÇ |
| 2020-06-22 | Frigate 2.02 - Denial Of Service (PoC) | dos | windows | Paras Bhatia |
| 2020-06-22 | Odoo 12.0 - Local File Inclusion | webapps | multiple | Emre ÖVÜNÇ |
| 2020-06-22 | WebPort 1.19.1 - 'setup' Reflected Cross-Site Scripting | webapps | php | Emre ÖVÜNÇ |

DNS records to SSL Trustchecker

Tools for system administrator

Reconnaissance tools freely hosted online

CMS detection to information gathering

CMS Detection and Exploitation suite

CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and 150 other CMSs

Offensive features

  • Admin page finder
  • User Enumeration
  • Core vulnerability detection
  • Modular bruteforce system
  • Advanced Joomla Scans
  • Advanced WordPress Scans
  • Drupal version detection
  • Basic CMS Detection of over 155 CMS

Raccoon tool

Offensive Security Tool for Reconnaissance and Information Gathering

Offensive features

  • DNS details
  • DNS visual mapping using DNS dumpster
  • WHOIS information
  • TLS Data - supported ciphers
  • Port Scan
  • Subdomain enumeration
  • Web application data retrieval
  • Detects known WAFs

WhatWeb

WhatWeb recognises web technologies including content management systems (CMS).

Offensive features

  • Over 1800 plugins
  • Control the trade-off between speed/stealth and reliability
  • Performance tuning. Control how many websites to scan concurrently.
  • Proxy support including TOR
  • Custom HTTP headers
  • Basic HTTP authentication
  • Control over webpage redirection

Exploit searching and discovery

Searching for exploits has been made easy.