Pentest Assistant

DOM XSS Highlighter — Pro

Highlights user-controlled reflections in DOM to help detect risky contexts. Run only on sites you own or may test. DOM XSS Highlighter helps developers and security testers quickly spot user-controlled reflections inside a webpage’s DOM. By highlighting URL parameters, hash fragments, and other inputs that appear in risky contexts, it makes it easier to catch potential security issues during development and QA. ✨ Features • On-demand scanning (runs only when you click the extension) • Highlights user input in text, HTML, attributes, and scripts • Quick “rescan” and “clear” controls for fast testing • Click highlighted text to copy a structured JSON report • Local-only: no data ever leaves your browser Simple interface with professional security look ⚠️ Note: For educational and authorized testing only. Use on websites you own or have explicit permission to test.

DIRFOX - Endpoint Fuzzer for Pentesters

Fuzz endpoints using custom or GitHub-hosted wordlists. Built for security researchers and pentesters. 🔍 DIRFOX – Endpoint Fuzzer for Pentesters Discover hidden endpoints effortlessly, built for professionals. Dirfox is a lightweight yet powerful browser extension designed for penetration testers, bug bounty hunters, and cybersecurity enthusiasts. With a sleek Apple-style interface and real-time scanning capabilities, Dirfox helps you uncover hidden directories and endpoints from any website — fast, accurate, and efficiently. 🚀 Key Features : ✅ Custom & GitHub Wordlist Support Use your own wordlists or fetch popular ones directly from GitHub. 📡 Live Scanning with Status Code Filtering Watch your scan progress in real time and filter results by HTTP status codes (200, 403, 404, etc.). 🧠 Persistent Background Scanning Close the popup or switch tabs — your scan keeps running in the background without interruption. 📊 Auto-Save 200 OK Results Successful results are automatically saved and available in the scan history. 🌗 Modern Apple-style UI with Dark Mode Enjoy a clean, responsive interface with smooth transitions and a dark/light mode toggle. 🛠️ Full Scan Control Start, stop, or restart your scan anytime with intuitive controls. 🧩 Fullscreen Monitoring Mode Track scans in an immersive fullscreen view — perfect for focused workflows. 🧼 Clear History Button Easily delete all scan history with a single click. ❤️ Built-in Author Page & Support Links Learn more about the developer, explore other tools, and support the project directly from the extension. 🔒 Why Dirfox? Dirfox isn't just another endpoint scanner — it's a must-have tool that gives you: - Faster, smarter endpoint fuzzing. - Real-time feedback with clean visual progress. - Auto-saved results for efficient analysis. - A smooth, elegant user experience inspired by Apple-style design. Perfect for CTFs, bug bounty programs, and professional pentesting projects. 💡 Ready to uncover the hidden? 📥 Install Dirfox now and take your recon to the next level.

Hunter Search

Otimize buscas para pentest e bug bounty com dorks automáticos. Hunter Search – Dorks Inteligentes para Pentest e Bug Bounty Otimize suas buscas de segurança! O Hunter Search é a extensão definitiva para profissionais de pentest, bug bounty hunters e entusiastas de segurança que desejam encontrar informações sensíveis, vulnerabilidades e exposições públicas de forma rápida, prática e inteligente. Principais Funcionalidades - Montagem Avançada de Dorks: Combine palavras-chave, múltiplos sites, operadores Google e dorks prontos (IDOR, XSS, SQLi, AWS, arquivos sensíveis, leaks, painéis admin e muito mais) em uma interface intuitiva. - Pré-visualização em Tempo Real: Veja como ficará sua query antes de buscar, garantindo precisão e controle total. - Busca Multi-Plataforma: Escolha entre Google, Bing ou DuckDuckGo para ampliar suas possibilidades de descoberta. - Histórico e Favoritos: Salve e reutilize suas queries mais usadas. Nunca mais perca aquele dork perfeito! - Botões Rápidos: Copie, limpe ou favorite suas buscas com apenas um clique. - Modo Escuro/Claro Automático: Interface moderna, responsiva e confortável para qualquer hora do dia. - Tooltips e Ajuda: Dicas rápidas em cada campo para facilitar o uso, mesmo para quem está começando. Exemplos de uso - Encontrar vazamentos de chaves AWS em repositórios públicos. - Buscar arquivos sensíveis (.env, config, credentials) em sites e domínios específicos. - Descobrir endpoints de administração, painéis e dashboards expostos. - Pesquisar por vulnerabilidades comuns (IDOR, XSS, SQLi) em qualquer site. - Montar dorks customizados para investigações avançadas. Por que usar o Hunter Search? - Produtividade: Economize tempo montando queries complexas com poucos cliques. - Personalização: Adapte a busca ao seu objetivo, seja para bug bounty, CTF, OSINT ou auditoria. - Praticidade: Tudo em um só lugar, sem precisar decorar dorks ou operadores. Hunter Search Otimize suas buscas. Encontre vulnerabilidades. Eleve seu bug bounty!

VAPT Assistant Pro+

Advanced VAPT toolkit with AI, security headers, WAF detection, DNS/WHOIS tools, subdomain scanner, and VirusTotal integration. Unlock powerful web security and penetration testing capabilities with VAPT Assistant Pro+, the ultimate Chrome extension for pentesters, ethical hackers, and cyber security professionals. This all-in-one pentest tool and penetration testing toolkit provides everything you need for efficient vulnerability assessment, ethical hacking, and security testing directly in your browser. VAPT Assistant Pro+ offers a wide range of pentesting tools for comprehensive vulnerability assessment and penetration testing (VAPT), making it an essential tool for security analysts, bug bounty hunters, and IT professionals. Conduct advanced penetration testing, automate vulnerability scanning, analyze web application security, and strengthen your cyber security posture—all with an intuitive, user-friendly interface. Key features include web application pentesting, automated VAPT scans, cyber security analysis, ethical hacking tools, and real-time security monitoring. Whether you are performing manual security audits or automated tests, this extension simplifies your workflow and boosts your productivity. This extension helps you during a web application penetration testing and report writing so it was a checklist management tool pentester can also add custom bug bounty checklist also this extension is secure using MPIN pentest tool, pentesting tool, penetration testing tool, pentest toolkit, cyber security tool, ethical hacking tool, VAPT, vulnerability assessment, security testing, web application security, bug bounty, security analyst, IT security, browser extension, web security tool, automated pentest. Take your penetration testing and cyber security efforts to the next level with VAPT Assistant Pro+, the best Chrome extension for ethical hackers and penetration testers!