RedHunt Labs's Projects
List of Awesome Asset Discovery Resources
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
Burp Suite extension to discover assets from HTTP response.
Atlassian confluence unauthenticated ONGL injection remote code execution scanner (CVE-2022-26134).
A "really" damned TLS library.
An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code of sites.
A "Spring4Shell" vulnerability scanner.
KubeStalk discovers Kubernetes and related infrastructure based attack surface from a black-box perspective.
An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.
An AI-powered Personal Identifiable Information (PII) scanner.
Internet wide surveys to study and understand the security state of Internet as well as facilitate research into various components / topics which originate as a result of our surveys.
Virtual Machine for Adversary Emulation and Threat Hunting