Welcome to the Advance Penetration Testing Tools repository. This comprehensive collection of tools is designed to enhance both automated and manual penetration testing. These tools cover a wide range of tasks, from subdomain enumeration and vulnerability scanning to web crawling and visual reconnaissance.

• dirsearch - Directory and file scanner.
• JSParser - JavaScript parser for finding sensitive data.
• knockpy - Subdomain scanner.
• lazys3 - S3 bucket enumeration tool.
• recon_profile - Reconnaissance profile manager.
• sqlmap-dev - SQL injection tool.
• Sublist3r - Subdomain enumeration tool.
• teh_s3_bucketeers - S3 bucket enumeration tool.
• virtual-host-discovery - Virtual host discovery tool.
• wpscan - WordPress vulnerability scanner.
• webscreenshot - Automated screenshot tool for websites.
• Massdns - DNS resolver.
• Asnlookup - ASN lookup tool.
• Unfurl - Extracts and unfurls URLs.
• Waybackurls - Retrieve URLs from the Wayback Machine.
• Httprobe - HTTP probe tool.
• Seclists collection - Collection of security lists.

For a comprehensive installation script and toolset, visit the VPS-Bug-Bounty-Tools GitHub page.

cd /tmp && git clone https://github.com/drak3hft7/VPS-Bug-Bounty-Tools
cd VPS-Bug-Bounty-Tools
sudo ./Tools-BugBounty-installer.sh

• Network Scanners:

  • Nmap - Network scanner.
  • Masscan - High-speed port scanner.
  • Naabu - Port scanning tool.

• Subdomain Enumeration and DNS Resolver:

  • Massdns - DNS resolver.
  • Subfinder - Subdomain discovery tool.
  • Knock - Subdomain scanner.
  • Lazyrecon - Reconnaissance tool.
  • Github-subdomains - Subdomain enumeration.
  • Sublist3r - Subdomain enumeration tool.
  • Crtndstry - Certificate transparency subdomain enumeration.
  • Assetfinder - Domain and subdomain finder.
  • Dnsx - DNS toolkit.
  • Dnsgen - DNS record generator.

• Subdomain Takeovers:

  • SubOver - Subdomain takeover tool.

• Web Fuzzers:

  • Dirsearch - Directory and file scanner.
  • Ffuf - Fuzzing tool.

• Wordlists:

  • SecLists - Collection of wordlists.

• CMS Scanners:

  • Wpscan - WordPress vulnerability scanner.
  • Droopescan - Drupal and Joomla scanner.

• SQL Vulnerability Tools:

  • SQLmap - SQL injection tool.
  • NoSQLmap - NoSQL injection tool.
  • Jeeves - SQL injection tool.

• JavaScript Enumeration:

  • LinkFinder - JavaScript link finder.
  • SecretFinder - Secret data finder in JavaScript.
  • JSParser - JavaScript parser.

• Visual Recon:

  • Aquatone - Visual reconnaissance tool.

• Web Crawlers:

  • GoSpider - Web spider.
  • Hakrawler - Web crawler.
  • Katana - Web crawler.

• XSS Vulnerability Tools:

  • XSStrike - XSS vulnerability scanner.
  • XSS-Loader - XSS payload loader.
  • Freq - Frequency analysis tool for XSS.
  • Gxss - XSS vulnerability scanner.
  • Dalfox - XSS scanning tool.

• SSRF Vulnerability Tools:

  • SSRFmap - SSRF mapping tool.
  • Gopherus - SSRF testing tool.

• Vulnerability Scanners:

  • Nuclei - Vulnerability scanner.

• Virtual Host Discovery:

  • Virtual host scanner - Virtual host discovery tool.

• Additional Useful Tools:

  • Anew - Append unique lines to files.
  • Unew - Unique newline processing.
  • Gf - GitHub fuzzing tool.
  • Httprobe - HTTP probe tool.
  • Httpx - HTTP probing tool.
  • Waybackurls - Retrieve URLs from the Wayback Machine.
  • Arjun - HTTP parameter discovery tool.
  • Gau - Get all URLs.
  • GauPlus - Enhanced version of Gau.
  • Uro - URL-related operations tool.
  • Qsreplace - URL parameter replacement.
  • SocialHunter - Social media reconnaissance tool.

• Available Tools List

I am merely a script kiddie and all credits go to the respective tool creators. Special thanks to The Cyberboy for their comprehensive overview on YouTube: Watch Here.