Add 12 missing security tools to the repository

Co-authored-by: hahwul <13212227+hahwul@users.noreply.github.com>
copilot-swe-agent[bot] 2025-11-09 10:18:44 +00:00
parent cfd556e7e4
commit ecb49c325a
41 changed files with 293 additions and 1 deletions

@ -28,7 +28,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
| | Attributes |
|-------|---------------------------------------------------|
| Types | `Army-Knife` `Proxy` `Recon` `Fuzzer` `Scanner` `Exploit` `Env` `Utils` `Etc`|
| Tags | [`infra`](/categorize/tags/infra.md) [`live-audit`](/categorize/tags/live-audit.md) [`pentest`](/categorize/tags/pentest.md) [`mitmproxy`](/categorize/tags/mitmproxy.md) [`crawl`](/categorize/tags/crawl.md) [`recon`](/categorize/tags/recon.md) [`exploit`](/categorize/tags/exploit.md) [`js-analysis`](/categorize/tags/js-analysis.md) [`subdomains`](/categorize/tags/subdomains.md) [`url`](/categorize/tags/url.md) [`dns`](/categorize/tags/dns.md) [`param`](/categorize/tags/param.md) [`apk`](/categorize/tags/apk.md) [`endpoint`](/categorize/tags/endpoint.md) [`osint`](/categorize/tags/osint.md) [`takeover`](/categorize/tags/takeover.md) [`portscan`](/categorize/tags/portscan.md) [`online`](/categorize/tags/online.md) [`csp`](/categorize/tags/csp.md) [`port`](/categorize/tags/port.md) [`attack-surface`](/categorize/tags/attack-surface.md) [`favicon`](/categorize/tags/favicon.md) [`graphql`](/categorize/tags/graphql.md) [`domain`](/categorize/tags/domain.md) [`ssrf`](/categorize/tags/ssrf.md) [`jwt`](/categorize/tags/jwt.md) [`path-traversal`](/categorize/tags/path-traversal.md) [`header`](/categorize/tags/header.md) [`ssti`](/categorize/tags/ssti.md) [`cache-vuln`](/categorize/tags/cache-vuln.md) [`smuggle`](/categorize/tags/smuggle.md) [`fuzz`](/categorize/tags/fuzz.md) [`crlf`](/categorize/tags/crlf.md) [`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md) [`sqli`](/categorize/tags/sqli.md) [`403`](/categorize/tags/403.md) [`xss`](/categorize/tags/xss.md) [`nosqli`](/categorize/tags/nosqli.md) [`dependency-confusion`](/categorize/tags/dependency-confusion.md) [`broken-link`](/categorize/tags/broken-link.md) [`s3`](/categorize/tags/s3.md) [`aaa`](/categorize/tags/aaa.md) [`cors`](/categorize/tags/cors.md) [`ssl`](/categorize/tags/ssl.md) [`oast`](/categorize/tags/oast.md) [`lfi`](/categorize/tags/lfi.md) [`open-redirect`](/categorize/tags/open-redirect.md) [`rfi`](/categorize/tags/rfi.md) 
[`xxe`](/categorize/tags/xxe.md) [`RMI`](/categorize/tags/RMI.md) [`rop`](/categorize/tags/rop.md) [`deserialize`](/categorize/tags/deserialize.md) [`blind-xss`](/categorize/tags/blind-xss.md) [`json`](/categorize/tags/json.md) [`http`](/categorize/tags/http.md) [`browser-record`](/categorize/tags/browser-record.md) [`race-condition`](/categorize/tags/race-condition.md) [`darkmode`](/categorize/tags/darkmode.md) [`diff`](/categorize/tags/diff.md) [`zipbomb`](/categorize/tags/zipbomb.md) [`dom`](/categorize/tags/dom.md) [`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md) [`nuclei-templates`](/categorize/tags/nuclei-templates.md) [`note`](/categorize/tags/note.md) [`web3`](/categorize/tags/web3.md) [`payload`](/categorize/tags/payload.md) [`notify`](/categorize/tags/notify.md) [`cookie`](/categorize/tags/cookie.md) [`encode`](/categorize/tags/encode.md) [`gRPC-Web`](/categorize/tags/gRPC-Web.md) [`clipboard`](/categorize/tags/clipboard.md) [`report`](/categorize/tags/report.md) |
| Tags | [`infra`](/categorize/tags/infra.md) [`live-audit`](/categorize/tags/live-audit.md) [`pentest`](/categorize/tags/pentest.md) [`mitmproxy`](/categorize/tags/mitmproxy.md) [`crawl`](/categorize/tags/crawl.md) [`recon`](/categorize/tags/recon.md) [`exploit`](/categorize/tags/exploit.md) [`js-analysis`](/categorize/tags/js-analysis.md) [`subdomains`](/categorize/tags/subdomains.md) [`url`](/categorize/tags/url.md) [`dns`](/categorize/tags/dns.md) [`param`](/categorize/tags/param.md) [`apk`](/categorize/tags/apk.md) [`endpoint`](/categorize/tags/endpoint.md) [`asn`](/categorize/tags/asn.md) [`network-mapping`](/categorize/tags/network-mapping.md) [`osint`](/categorize/tags/osint.md) [`takeover`](/categorize/tags/takeover.md) [`portscan`](/categorize/tags/portscan.md) [`online`](/categorize/tags/online.md) [`wordlist`](/categorize/tags/wordlist.md) [`permutation`](/categorize/tags/permutation.md) [`csp`](/categorize/tags/csp.md) [`ssl`](/categorize/tags/ssl.md) [`tls`](/categorize/tags/tls.md) [`certificates`](/categorize/tags/certificates.md) [`port`](/categorize/tags/port.md) [`attack-surface`](/categorize/tags/attack-surface.md) [`favicon`](/categorize/tags/favicon.md) [`cloud`](/categorize/tags/cloud.md) [`asset-discovery`](/categorize/tags/asset-discovery.md) [`graphql`](/categorize/tags/graphql.md) [`domain`](/categorize/tags/domain.md) [`ssrf`](/categorize/tags/ssrf.md) [`jwt`](/categorize/tags/jwt.md) [`path-traversal`](/categorize/tags/path-traversal.md) [`header`](/categorize/tags/header.md) [`ssti`](/categorize/tags/ssti.md) [`cache-vuln`](/categorize/tags/cache-vuln.md) [`smuggle`](/categorize/tags/smuggle.md) [`fuzz`](/categorize/tags/fuzz.md) [`crlf`](/categorize/tags/crlf.md) [`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md) [`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`dependency-scanning`](/categorize/tags/dependency-scanning.md) 
[`sqli`](/categorize/tags/sqli.md) [`403`](/categorize/tags/403.md) [`xss`](/categorize/tags/xss.md) [`nosqli`](/categorize/tags/nosqli.md) [`dependency-confusion`](/categorize/tags/dependency-confusion.md) [`broken-link`](/categorize/tags/broken-link.md) [`s3`](/categorize/tags/s3.md) [`aaa`](/categorize/tags/aaa.md) [`sast`](/categorize/tags/sast.md) [`code-analysis`](/categorize/tags/code-analysis.md) [`cors`](/categorize/tags/cors.md) [`secret-scanning`](/categorize/tags/secret-scanning.md) [`credentials`](/categorize/tags/credentials.md) [`container-security`](/categorize/tags/container-security.md) [`sbom`](/categorize/tags/sbom.md) [`oast`](/categorize/tags/oast.md) [`lfi`](/categorize/tags/lfi.md) [`open-redirect`](/categorize/tags/open-redirect.md) [`web-scanner`](/categorize/tags/web-scanner.md) [`rfi`](/categorize/tags/rfi.md) [`xxe`](/categorize/tags/xxe.md) [`RMI`](/categorize/tags/RMI.md) [`rop`](/categorize/tags/rop.md) [`authentication`](/categorize/tags/authentication.md) [`deserialize`](/categorize/tags/deserialize.md) [`blind-xss`](/categorize/tags/blind-xss.md) [`json`](/categorize/tags/json.md) [`http`](/categorize/tags/http.md) [`browser-record`](/categorize/tags/browser-record.md) [`race-condition`](/categorize/tags/race-condition.md) [`darkmode`](/categorize/tags/darkmode.md) [`diff`](/categorize/tags/diff.md) [`zipbomb`](/categorize/tags/zipbomb.md) [`dom`](/categorize/tags/dom.md) [`documents`](/categorize/tags/documents.md) [`nuclei-templates`](/categorize/tags/nuclei-templates.md) [`note`](/categorize/tags/note.md) [`package-manager`](/categorize/tags/package-manager.md) [`tools-management`](/categorize/tags/tools-management.md) [`web3`](/categorize/tags/web3.md) [`payload`](/categorize/tags/payload.md) [`notify`](/categorize/tags/notify.md) [`cookie`](/categorize/tags/cookie.md) [`encode`](/categorize/tags/encode.md) [`cidr`](/categorize/tags/cidr.md) [`network`](/categorize/tags/network.md) 
[`ip-manipulation`](/categorize/tags/ip-manipulation.md) [`gRPC-Web`](/categorize/tags/gRPC-Web.md) [`clipboard`](/categorize/tags/clipboard.md) [`report`](/categorize/tags/report.md) |
| Langs | [`Shell`](/categorize/langs/Shell.md) [`Go`](/categorize/langs/Go.md) [`Ruby`](/categorize/langs/Ruby.md) [`Java`](/categorize/langs/Java.md) [`Python`](/categorize/langs/Python.md) [`Rust`](/categorize/langs/Rust.md) [`Kotlin`](/categorize/langs/Kotlin.md) [`JavaScript`](/categorize/langs/JavaScript.md) [`Crystal`](/categorize/langs/Crystal.md) [`C`](/categorize/langs/C.md) [`Perl`](/categorize/langs/Perl.md) [`C#`](/categorize/langs/C%23.md) [`TypeScript`](/categorize/langs/TypeScript.md) [`BlitzBasic`](/categorize/langs/BlitzBasic.md) [`Txt`](/categorize/langs/Txt.md) [`C++`](/categorize/langs/C++.md) [`HTML`](/categorize/langs/HTML.md) [`PHP`](/categorize/langs/PHP.md) [`CSS`](/categorize/langs/CSS.md) |
### Tools
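Review bot: The rewritten Tags row adds `package-manager`, `tools-management`, `cidr`, `network` and `ip-manipulation`, but none of the tool rows added in the hunks shown here carries those tags, so check that each one is backed by a tool row and a page under /categorize/tags/. The row also now holds near-duplicate pairs (`network` next to `network-mapping`, `web-scanner` next to `vulnerability-scanner`) on top of the existing `prototypepollution`/`prototype-pollution`; one name per concept keeps tag filtering useful.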
@ -64,6 +64,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|Recon|[apkleaks](https://github.com/dwisiswant0/apkleaks)|Scanning APK file for URIs, endpoints & secrets. |![](https://img.shields.io/github/stars/dwisiswant0/apkleaks?label=%20)|[`apk`](/categorize/tags/apk.md) [`url`](/categorize/tags/url.md) [`endpoint`](/categorize/tags/endpoint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Recon|[Sublist3r](https://github.com/aboul3la/Sublist3r)|Fast subdomains enumeration tool for penetration testers |![](https://img.shields.io/github/stars/aboul3la/Sublist3r?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Recon|[dnsprobe](https://github.com/projectdiscovery/dnsprobe)|DNSProb (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. |![](https://img.shields.io/github/stars/projectdiscovery/dnsprobe?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[asnmap](https://github.com/projectdiscovery/asnmap)|Go CLI and Library for quickly mapping organization network ranges using ASN information|![](https://img.shields.io/github/stars/projectdiscovery/asnmap?label=%20)|[`asn`](/categorize/tags/asn.md) [`network-mapping`](/categorize/tags/network-mapping.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[xnLinkFinder](https://github.com/xnl-h4ck3r/xnLinkFinder)|A python tool used to discover endpoints (and potential parameters) for a given target|![](https://img.shields.io/github/stars/xnl-h4ck3r/xnLinkFinder?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Recon|[bbot](https://github.com/blacklanternsecurity/bbot)|OSINT automation for hackers|![](https://img.shields.io/github/stars/blacklanternsecurity/bbot?label=%20)|[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Recon|[knock](https://github.com/guelfoweb/knock)|Knock Subdomain Scan |![](https://img.shields.io/github/stars/guelfoweb/knock?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
@ -88,6 +89,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|Recon|[SecurityTrails](https://securitytrails.com)| Online dns / subdomain / recon tool||[`subdomains`](/categorize/tags/subdomains.md) [`online`](/categorize/tags/online.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|
|Recon|[zdns](https://github.com/zmap/zdns)|Fast CLI DNS Lookup Tool|![](https://img.shields.io/github/stars/zmap/zdns?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[urx](https://github.com/hahwul/urx)|Extracts URLs from OSINT Archives for Security Insights|![](https://img.shields.io/github/stars/hahwul/urx?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|
|Recon|[alterx](https://github.com/projectdiscovery/alterx)|Fast and customizable subdomain wordlist generator using DSL|![](https://img.shields.io/github/stars/projectdiscovery/alterx?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`wordlist`](/categorize/tags/wordlist.md) [`permutation`](/categorize/tags/permutation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[httpx](https://github.com/projectdiscovery/httpx)|httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads. |![](https://img.shields.io/github/stars/projectdiscovery/httpx?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[urlhunter](https://github.com/utkusen/urlhunter)|a recon tool that allows searching on URLs that are exposed via shortener services|![](https://img.shields.io/github/stars/utkusen/urlhunter?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[Hunt3r](https://github.com/EasyRecon/Hunt3r)|Made your bugbounty subdomains reconnaissance easier with Hunt3r the web application reconnaissance framework|![](https://img.shields.io/github/stars/EasyRecon/Hunt3r?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|
@ -106,6 +108,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|Recon|[lazyrecon](https://github.com/nahamsec/lazyrecon)|This script is intended to automate your reconnaissance process in an organized fashion |![](https://img.shields.io/github/stars/nahamsec/lazyrecon?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|
|Recon|[Sudomy](https://github.com/screetsec/Sudomy)|subdomain enumeration tool to collect subdomains and analyzing domains|![](https://img.shields.io/github/stars/screetsec/Sudomy?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|
|Recon|[ParamSpider](https://github.com/devanshbatham/ParamSpider)|Mining parameters from dark corners of Web Archives |![](https://img.shields.io/github/stars/devanshbatham/ParamSpider?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Recon|[tlsx](https://github.com/projectdiscovery/tlsx)|Fast and configurable TLS grabber focused on TLS based data collection|![](https://img.shields.io/github/stars/projectdiscovery/tlsx?label=%20)|[`ssl`](/categorize/tags/ssl.md) [`tls`](/categorize/tags/tls.md) [`certificates`](/categorize/tags/certificates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[subgen](https://github.com/pry0cc/subgen)|A really simple utility to concate wordlists to a domain name - to pipe into your favourite resolver!|![](https://img.shields.io/github/stars/pry0cc/subgen?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[goverview](https://github.com/j3ssie/goverview)|goverview - Get an overview of the list of URLs|![](https://img.shields.io/github/stars/j3ssie/goverview?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[Shodan](https://www.shodan.io/)| World's first search engine for Internet-connected devices||[`osint`](/categorize/tags/osint.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|
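Review bot: The tlsx row is tagged with both `ssl` and `tls`, while the existing DeepViolet row further down carries only `ssl`, so a reader filtering on the new `tls` tag sees tlsx alone. Either drop `tls` here or add it to the other TLS tooling in the same change.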
@ -128,6 +131,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|Recon|[intrigue-core](https://github.com/intrigueio/intrigue-core)|Discover Your Attack Surface |![](https://img.shields.io/github/stars/intrigueio/intrigue-core?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|
|Recon|[hakrawler](https://github.com/hakluke/hakrawler)|Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application |![](https://img.shields.io/github/stars/hakluke/hakrawler?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[Osmedeus](https://github.com/j3ssie/Osmedeus)|Fully automated offensive security framework for reconnaissance and vulnerability scanning |![](https://img.shields.io/github/stars/j3ssie/Osmedeus?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[cloudlist](https://github.com/projectdiscovery/cloudlist)|Cloudlist is a tool for listing Assets from multiple Cloud Providers|![](https://img.shields.io/github/stars/projectdiscovery/cloudlist?label=%20)|[`cloud`](/categorize/tags/cloud.md) [`asset-discovery`](/categorize/tags/asset-discovery.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[htcat](https://github.com/htcat/htcat)|Parallel and Pipelined HTTP GET Utility |![](https://img.shields.io/github/stars/htcat/htcat?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[cc.py](https://github.com/si9int/cc.py)|Extracting URLs of a specific target based on the results of "commoncrawl.org" |![](https://img.shields.io/github/stars/si9int/cc.py?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Recon|[assetfinder](https://github.com/tomnomnom/assetfinder)|Find domains and subdomains related to a given domain |![](https://img.shields.io/github/stars/tomnomnom/assetfinder?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
@ -179,6 +183,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|Fuzzer|[ppfuzz](https://github.com/dwisiswant0/ppfuzz)|A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀|![](https://img.shields.io/github/stars/dwisiswant0/ppfuzz?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Rust](/images/rust.png)](/categorize/langs/Rust.md)|
|Fuzzer|[BatchQL](https://github.com/assetnote/batchql)|GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations|![](https://img.shields.io/github/stars/assetnote/batchql?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Fuzzer|[jwt-cracker](https://github.com/lmammino/jwt-cracker)|Simple HS256 JWT token brute force cracker |![](https://img.shields.io/github/stars/lmammino/jwt-cracker?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|
|Scanner|[osv-scanner](https://github.com/google/osv-scanner)|Vulnerability scanner which uses the OSV database to find vulnerabilities in open source projects|![](https://img.shields.io/github/stars/google/osv-scanner?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`dependency-scanning`](/categorize/tags/dependency-scanning.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[hinject](https://github.com/dwisiswant0/hinject)|Host Header Injection Checker |![](https://img.shields.io/github/stars/dwisiswant0/hinject?label=%20)|[`header`](/categorize/tags/header.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[xsinator.com](https://github.com/RUB-NDS/xsinator.com)|XS-Leak Browser Test Suite|![](https://img.shields.io/github/stars/RUB-NDS/xsinator.com?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|
|Scanner|[DSSS](https://github.com/stamparm/DSSS)|Damn Small SQLi Scanner|![](https://img.shields.io/github/stars/stamparm/DSSS?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
@ -221,6 +226,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|Scanner|[smuggler](https://github.com/defparam/smuggler)|Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3 |![](https://img.shields.io/github/stars/defparam/smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[Oralyzer](https://github.com/r0075h3ll/Oralyzer)|Open Redirection Analyzer|![](https://img.shields.io/github/stars/r0075h3ll/Oralyzer?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[DOMPurify](https://github.com/cure53/DOMPurify)|DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:|![](https://img.shields.io/github/stars/cure53/DOMPurify?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|
|Scanner|[semgrep](https://github.com/semgrep/semgrep)|Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.|![](https://img.shields.io/github/stars/semgrep/semgrep?label=%20)|[`sast`](/categorize/tags/sast.md) [`code-analysis`](/categorize/tags/code-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[dalfox](https://github.com/hahwul/dalfox)|🌘🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.|![](https://img.shields.io/github/stars/hahwul/dalfox?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[web_cache_poison](https://github.com/fngoo/web_cache_poison)|web cache poison - Top 1 web hacking technique of 2019|![](https://img.shields.io/github/stars/fngoo/web_cache_poison?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|
|Scanner|[ppmap](https://github.com/kleiton0x00/ppmap)|A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.|![](https://img.shields.io/github/stars/kleiton0x00/ppmap?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
@ -230,15 +236,18 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|Scanner|[Corsy](https://github.com/s0md3v/Corsy)|CORS Misconfiguration Scanner |![](https://img.shields.io/github/stars/s0md3v/Corsy?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[DeepViolet](https://github.com/spoofzu/DeepViolet)|Tool for introspection of SSL\TLS sessions|![](https://img.shields.io/github/stars/spoofzu/DeepViolet?label=%20)|[`ssl`](/categorize/tags/ssl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|Scanner|[plution](https://github.com/raverrr/plution)|Prototype pollution scanner using headless chrome|![](https://img.shields.io/github/stars/raverrr/plution?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[trufflehog](https://github.com/trufflesecurity/trufflehog)|Find and verify credentials in git repositories, filesystems, and S3 buckets|![](https://img.shields.io/github/stars/trufflesecurity/trufflehog?label=%20)|[`secret-scanning`](/categorize/tags/secret-scanning.md) [`credentials`](/categorize/tags/credentials.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[sqlmap](https://github.com/sqlmapproject/sqlmap)|Automatic SQL injection and database takeover tool|![](https://img.shields.io/github/stars/sqlmapproject/sqlmap?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[gitleaks](https://github.com/zricethezav/gitleaks)|Scan git repos (or files) for secrets using regex and entropy 🔑|![](https://img.shields.io/github/stars/zricethezav/gitleaks?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[rapidscan](https://github.com/skavngr/rapidscan)|The Multi-Tool Web Vulnerability Scanner. |![](https://img.shields.io/github/stars/skavngr/rapidscan?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[trivy](https://github.com/aquasecurity/trivy)|Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more|![](https://img.shields.io/github/stars/aquasecurity/trivy?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`container-security`](/categorize/tags/container-security.md) [`sbom`](/categorize/tags/sbom.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[zap-cli](https://github.com/Grunny/zap-cli)|A simple tool for interacting with OWASP ZAP from the commandline. |![](https://img.shields.io/github/stars/Grunny/zap-cli?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[wpscan](https://github.com/wpscanteam/wpscan)|WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. |![](https://img.shields.io/github/stars/wpscanteam/wpscan?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Ruby](/images/ruby.png)](/categorize/langs/Ruby.md)|
|Scanner|[SQLiDetector](https://github.com/eslam3kl/SQLiDetector)|Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.|![](https://img.shields.io/github/stars/eslam3kl/SQLiDetector?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[websocket-connection-smuggler](https://github.com/hahwul/websocket-connection-smuggler)|websocket-connection-smuggler|![](https://img.shields.io/github/stars/hahwul/websocket-connection-smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[LOXS](https://github.com/coffinxp/loxs)|best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect|![](https://img.shields.io/github/stars/coffinxp/loxs?label=%20)|[`xss`](/categorize/tags/xss.md) [`sqli`](/categorize/tags/sqli.md) [`crlf`](/categorize/tags/crlf.md) [`lfi`](/categorize/tags/lfi.md) [`open-redirect`](/categorize/tags/open-redirect.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[tplmap](https://github.com/epinna/tplmap)|Server-Side Template Injection and Code Injection Detection and Exploitation Tool|![](https://img.shields.io/github/stars/epinna/tplmap?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[wapiti](https://github.com/wapiti-scanner/wapiti)|Web application vulnerability scanner. Wapiti allows you to audit the security of your websites or web applications.|![](https://img.shields.io/github/stars/wapiti-scanner/wapiti?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`web-scanner`](/categorize/tags/web-scanner.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[commix](https://github.com/commixproject/commix)|Automated All-in-One OS Command Injection Exploitation Tool.|![](https://img.shields.io/github/stars/commixproject/commix?label=%20)|[`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[Web-Cache-Vulnerability-Scanner](https://github.com/Hackmanit/Web-Cache-Vulnerability-Scanner)|Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).|![](https://img.shields.io/github/stars/Hackmanit/Web-Cache-Vulnerability-Scanner?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[OpenRedireX](https://github.com/devanshbatham/OpenRedireX)|A Fuzzer for OpenRedirect issues|![](https://img.shields.io/github/stars/devanshbatham/OpenRedireX?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
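
Review bot: The wapiti row's description repeats itself: "Web application vulnerability scanner." is followed by a second sentence that says the same thing, while the neighbouring rows (tplmap, commix, OpenRedireX) use a single phrase. Trim it to the first sentence. The `web-scanner` tag also adds nothing to a row already typed `Scanner`, and the rows around it show that tags here name a bug class or technique (`xss`, `cache-vuln`), so consider dropping it.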
@ -275,6 +284,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|Exploit|[Gopherus](https://github.com/tarunkant/Gopherus)|This tool generates gopher link for exploiting SSRF and gaining RCE in various servers |![](https://img.shields.io/github/stars/tarunkant/Gopherus?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Exploit|[toxssin](https://github.com/t3l3machus/toxssin)|An XSS exploitation command-line interface and payload generator.|![](https://img.shields.io/github/stars/t3l3machus/toxssin?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Exploit|[Liffy](https://github.com/mzfr/liffy)|Local file inclusion exploitation tool|![](https://img.shields.io/github/stars/mzfr/liffy?label=%20)|[`lfi`](/categorize/tags/lfi.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Exploit|[jwt_tool](https://github.com/ticarpi/jwt_tool)|A toolkit for testing, tweaking and cracking JSON Web Tokens|![](https://img.shields.io/github/stars/ticarpi/jwt_tool?label=%20)|[`jwt`](/categorize/tags/jwt.md) [`authentication`](/categorize/tags/authentication.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Utils|[interactsh](https://github.com/projectdiscovery/interactsh)|An OOB interaction gathering server and client library|![](https://img.shields.io/github/stars/projectdiscovery/interactsh?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[Bug-Bounty-Toolz](https://github.com/m4ll0k/Bug-Bounty-Toolz)|BBT - Bug Bounty Tools |![](https://img.shields.io/github/stars/m4ll0k/Bug-Bounty-Toolz?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Utils|[dnsobserver](https://github.com/allyomalley/dnsobserver)|A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack. |![](https://img.shields.io/github/stars/allyomalley/dnsobserver?label=%20)|[`oast`](/categorize/tags/oast.md) [`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
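
Review bot: The jwt_tool row is typed `Exploit` and tagged `authentication`, but the other JWT tester visible in this commit, jwt-hack, is typed `Fuzzer` and carries only `jwt`, and the authorization-testing rows (Autorize, AuthMatrix) use the existing `aaa` tag. Pick one type for both JWT tools and either reuse `aaa` or retag those rows, otherwise a filter on either tag returns only part of the set.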
@ -330,6 +340,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|Utils|[Blacklist3r](https://github.com/NotSoSecure/Blacklist3r)|project-blacklist3r |![](https://img.shields.io/github/stars/NotSoSecure/Blacklist3r?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C#](/images/c%23.png)](/categorize/langs/C%23.md)|
|Utils|[PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings)|A list of useful payloads and bypass for Web Application Security and Pentest/CTF |![](https://img.shields.io/github/stars/swisskyrepo/PayloadsAllTheThings?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Utils|[xless](https://github.com/mazen160/xless)|The Serverless Blind XSS App|![](https://img.shields.io/github/stars/mazen160/xless?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|
|Utils|[pdtm](https://github.com/projectdiscovery/pdtm)|ProjectDiscovery's Open Source Tool Manager|![](https://img.shields.io/github/stars/projectdiscovery/pdtm?label=%20)|[`package-manager`](/categorize/tags/package-manager.md) [`tools-management`](/categorize/tags/tools-management.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[qsreplace](https://github.com/tomnomnom/qsreplace)|Accept URLs on stdin, replace all query string values with a user-supplied value |![](https://img.shields.io/github/stars/tomnomnom/qsreplace?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[pwncat](https://github.com/cytopia/pwncat)|pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE) |![](https://img.shields.io/github/stars/cytopia/pwncat?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|
|Utils|[boast](https://github.com/marcoagner/boast)|The BOAST Outpost for AppSec Testing (v0.1.0)|![](https://img.shields.io/github/stars/marcoagner/boast?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
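
Review bot: On the pdtm row, `package-manager` and `tools-management` describe the same property, and within the lines shown no other row uses either tag. Keep one of them so the tag index does not gain two single-entry pages for one tool. The same row is repeated in the Go listing later in this commit, so the change has to be made in both places.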
@ -351,6 +362,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|Utils|[eoyc](https://github.com/hahwul/eoyc)|Encoding Only Your Choices|![](https://img.shields.io/github/stars/hahwul/eoyc?label=%20)|[`encode`](/categorize/tags/encode.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Crystal](/images/crystal.png)](/categorize/langs/Crystal.md)|
|Utils|[GadgetProbe](https://github.com/BishopFox/GadgetProbe)|Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.|![](https://img.shields.io/github/stars/BishopFox/GadgetProbe?label=%20)|[`deserialize`](/categorize/tags/deserialize.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|Utils|[ob_hacky_slack](https://github.com/openbridge/ob_hacky_slack)|Hacky Slack - a bash script that sends beautiful messages to Slack|![](https://img.shields.io/github/stars/openbridge/ob_hacky_slack?label=%20)|[`notify`](/categorize/tags/notify.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|
|Utils|[mapcidr](https://github.com/projectdiscovery/mapcidr)|Utility program to perform multiple operations for a given subnet/CIDR ranges|![](https://img.shields.io/github/stars/projectdiscovery/mapcidr?label=%20)|[`cidr`](/categorize/tags/cidr.md) [`network`](/categorize/tags/network.md) [`ip-manipulation`](/categorize/tags/ip-manipulation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[gxss](https://github.com/rverton/gxss)|Blind XSS service alerting over slack or email|![](https://img.shields.io/github/stars/rverton/gxss?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[Findsploit](https://github.com/1N3/Findsploit)|Find exploits in local and online databases instantly|![](https://img.shields.io/github/stars/1N3/Findsploit?label=%20)|[`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|
|Utils|[unfurl](https://github.com/tomnomnom/unfurl)|Pull out bits of URLs provided on stdin |![](https://img.shields.io/github/stars/tomnomnom/unfurl?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
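
Review bot: The mapcidr description reads "for a given subnet/CIDR ranges", which pairs a singular article with a plural noun; "for given subnet/CIDR ranges" or "for a given subnet or CIDR range" would read correctly. The identical text appears again in the Go listing hunk of this commit and needs the same correction there.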


@ -15,6 +15,7 @@
|Recon|[subjs](https://github.com/lc/subjs)|Fetches javascript file from a list of URLS or subdomains.|![](https://img.shields.io/github/stars/lc/subjs?label=%20)|[`url`](/categorize/tags/url.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[meg](https://github.com/tomnomnom/meg)|Fetch many paths for many hosts - without killing the hosts |![](https://img.shields.io/github/stars/tomnomnom/meg?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[dnsprobe](https://github.com/projectdiscovery/dnsprobe)|DNSProb (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. |![](https://img.shields.io/github/stars/projectdiscovery/dnsprobe?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[asnmap](https://github.com/projectdiscovery/asnmap)|Go CLI and Library for quickly mapping organization network ranges using ASN information|![](https://img.shields.io/github/stars/projectdiscovery/asnmap?label=%20)|[`asn`](/categorize/tags/asn.md) [`network-mapping`](/categorize/tags/network-mapping.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[Sub404](https://github.com/r3curs1v3-pr0xy/sub404)|A python tool to check subdomain takeover vulnerability|![](https://img.shields.io/github/stars/r3curs1v3-pr0xy/sub404?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[crawlergo](https://github.com/Qianlitp/crawlergo)|A powerful browser crawler for web vulnerability scanners|![](https://img.shields.io/github/stars/Qianlitp/crawlergo?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[jsluice](https://github.com/BishopFox/jsluice)|Extract URLs, paths, secrets, and other interesting bits from JavaScript|![](https://img.shields.io/github/stars/BishopFox/jsluice?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
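
Review bot: The asnmap row introduces `network-mapping`, while the mapcidr row added in the same commit uses `network` for the same subject area. Settle on one of the two so that ASN and CIDR tooling end up under a single tag page, and keep `asn` as the specific tag.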
@ -24,12 +25,14 @@
|Recon|[cariddi](https://github.com/edoardottt/cariddi)|Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more|![](https://img.shields.io/github/stars/edoardottt/cariddi?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[gowitness](https://github.com/sensepost/gowitness)|🔍 gowitness - a golang, web screenshot utility using Chrome Headless |![](https://img.shields.io/github/stars/sensepost/gowitness?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[zdns](https://github.com/zmap/zdns)|Fast CLI DNS Lookup Tool|![](https://img.shields.io/github/stars/zmap/zdns?label=%20)|[`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[alterx](https://github.com/projectdiscovery/alterx)|Fast and customizable subdomain wordlist generator using DSL|![](https://img.shields.io/github/stars/projectdiscovery/alterx?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`wordlist`](/categorize/tags/wordlist.md) [`permutation`](/categorize/tags/permutation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[httpx](https://github.com/projectdiscovery/httpx)|httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads. |![](https://img.shields.io/github/stars/projectdiscovery/httpx?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[urlhunter](https://github.com/utkusen/urlhunter)|a recon tool that allows searching on URLs that are exposed via shortener services|![](https://img.shields.io/github/stars/utkusen/urlhunter?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[github-endpoints](https://github.com/gwen001/github-endpoints)|Find endpoints on GitHub.|![](https://img.shields.io/github/stars/gwen001/github-endpoints?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[csprecon](https://github.com/edoardottt/csprecon)|Discover new target domains using Content Security Policy|![](https://img.shields.io/github/stars/edoardottt/csprecon?label=%20)|[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[puredns](https://github.com/d3mondev/puredns)|Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.|![](https://img.shields.io/github/stars/d3mondev/puredns?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[getJS](https://github.com/003random/getJS)|A tool to fastly get all javascript sources/files|![](https://img.shields.io/github/stars/003random/getJS?label=%20)|[`js-analysis`](/categorize/tags/js-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[tlsx](https://github.com/projectdiscovery/tlsx)|Fast and configurable TLS grabber focused on TLS based data collection|![](https://img.shields.io/github/stars/projectdiscovery/tlsx?label=%20)|[`ssl`](/categorize/tags/ssl.md) [`tls`](/categorize/tags/tls.md) [`certificates`](/categorize/tags/certificates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[subgen](https://github.com/pry0cc/subgen)|A really simple utility to concate wordlists to a domain name - to pipe into your favourite resolver!|![](https://img.shields.io/github/stars/pry0cc/subgen?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[goverview](https://github.com/j3ssie/goverview)|goverview - Get an overview of the list of URLs|![](https://img.shields.io/github/stars/j3ssie/goverview?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[github-subdomains](https://github.com/gwen001/github-subdomains)|Find subdomains on GitHub|![](https://img.shields.io/github/stars/gwen001/github-subdomains?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
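
Review bot: The tlsx row adds a `tls` tag alongside the existing `ssl` tag, which splits one topic across two tag pages; keep `ssl` (already in use) or migrate the older rows in the same change. On the alterx row, `wordlist` and `permutation` are new, yet gotator, described elsewhere in this commit as generating DNS wordlists through permutations, is typed `Utils` and has an empty tag column, so the new tags will not group the two tools that do the same job.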
@ -42,6 +45,7 @@
|Recon|[waybackurls](https://github.com/tomnomnom/waybackurls)|Fetch all the URLs that the Wayback Machine knows about for a domain |![](https://img.shields.io/github/stars/tomnomnom/waybackurls?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[hakrawler](https://github.com/hakluke/hakrawler)|Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application |![](https://img.shields.io/github/stars/hakluke/hakrawler?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[Osmedeus](https://github.com/j3ssie/Osmedeus)|Fully automated offensive security framework for reconnaissance and vulnerability scanning |![](https://img.shields.io/github/stars/j3ssie/Osmedeus?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[cloudlist](https://github.com/projectdiscovery/cloudlist)|Cloudlist is a tool for listing Assets from multiple Cloud Providers|![](https://img.shields.io/github/stars/projectdiscovery/cloudlist?label=%20)|[`cloud`](/categorize/tags/cloud.md) [`asset-discovery`](/categorize/tags/asset-discovery.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[htcat](https://github.com/htcat/htcat)|Parallel and Pipelined HTTP GET Utility |![](https://img.shields.io/github/stars/htcat/htcat?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[assetfinder](https://github.com/tomnomnom/assetfinder)|Find domains and subdomains related to a given domain |![](https://img.shields.io/github/stars/tomnomnom/assetfinder?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[SubOver](https://github.com/Ice3man543/SubOver)|A Powerful Subdomain Takeover Tool|![](https://img.shields.io/github/stars/Ice3man543/SubOver?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
@ -62,6 +66,7 @@
|Fuzzer|[headerpwn](https://github.com/devanshbatham/headerpwn)|A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers|![](https://img.shields.io/github/stars/devanshbatham/headerpwn?label=%20)|[`header`](/categorize/tags/header.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Fuzzer|[jwt-hack](https://github.com/hahwul/jwt-hack)|🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)|![](https://img.shields.io/github/stars/hahwul/jwt-hack?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Fuzzer|[SmuggleFuzz](https://github.com/Moopinger/smugglefuzz/)|A rapid HTTP downgrade smuggling scanner written in Go.|![](https://img.shields.io/github/stars/Moopinger/smugglefuzz/?label=%20)|[`smuggle`](/categorize/tags/smuggle.md) [`fuzz`](/categorize/tags/fuzz.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[osv-scanner](https://github.com/google/osv-scanner)|Vulnerability scanner which uses the OSV database to find vulnerabilities in open source projects|![](https://img.shields.io/github/stars/google/osv-scanner?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`dependency-scanning`](/categorize/tags/dependency-scanning.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[hinject](https://github.com/dwisiswant0/hinject)|Host Header Injection Checker |![](https://img.shields.io/github/stars/dwisiswant0/hinject?label=%20)|[`header`](/categorize/tags/header.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[dontgo403](https://github.com/devploit/dontgo403)|Tool to bypass 40X response codes.|![](https://img.shields.io/github/stars/devploit/dontgo403?label=%20)|[`403`](/categorize/tags/403.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[ssrf-sheriff](https://github.com/teknogeek/ssrf-sheriff)|A simple SSRF-testing sheriff written in Go |![](https://img.shields.io/github/stars/teknogeek/ssrf-sheriff?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
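
Review bot: The `vulnerability-scanner` tag on the osv-scanner row is also applied in this commit to wapiti (web application scanning) and trivy (containers and misconfigurations), so it only restates the `Scanner` type and does not separate dependency scanners from the rest. Drop it here and let `dependency-scanning` carry the meaning, or define what the tag is meant to select before adding it to three unrelated tools.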
@ -78,7 +83,9 @@
|Scanner|[dalfox](https://github.com/hahwul/dalfox)|🌘🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.|![](https://img.shields.io/github/stars/hahwul/dalfox?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[ppmap](https://github.com/kleiton0x00/ppmap)|A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.|![](https://img.shields.io/github/stars/kleiton0x00/ppmap?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[plution](https://github.com/raverrr/plution)|Prototype pollution scanner using headless chrome|![](https://img.shields.io/github/stars/raverrr/plution?label=%20)|[`prototypepollution`](/categorize/tags/prototypepollution.md) [`prototype-pollution`](/categorize/tags/prototype-pollution.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[trufflehog](https://github.com/trufflesecurity/trufflehog)|Find and verify credentials in git repositories, filesystems, and S3 buckets|![](https://img.shields.io/github/stars/trufflesecurity/trufflehog?label=%20)|[`secret-scanning`](/categorize/tags/secret-scanning.md) [`credentials`](/categorize/tags/credentials.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[gitleaks](https://github.com/zricethezav/gitleaks)|Scan git repos (or files) for secrets using regex and entropy 🔑|![](https://img.shields.io/github/stars/zricethezav/gitleaks?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[trivy](https://github.com/aquasecurity/trivy)|Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more|![](https://img.shields.io/github/stars/aquasecurity/trivy?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`container-security`](/categorize/tags/container-security.md) [`sbom`](/categorize/tags/sbom.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[websocket-connection-smuggler](https://github.com/hahwul/websocket-connection-smuggler)|websocket-connection-smuggler|![](https://img.shields.io/github/stars/hahwul/websocket-connection-smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[Web-Cache-Vulnerability-Scanner](https://github.com/Hackmanit/Web-Cache-Vulnerability-Scanner)|Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).|![](https://img.shields.io/github/stars/Hackmanit/Web-Cache-Vulnerability-Scanner?label=%20)|[`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[ditto](https://github.com/evilsocket/ditto)|A tool for IDN homograph attacks and detection.|![](https://img.shields.io/github/stars/evilsocket/ditto?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
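
Review bot: The trufflehog row is tagged `secret-scanning` and `credentials`, but the gitleaks row directly below it, which also scans repositories for secrets, keeps an empty tag column. A reader filtering on `secret-scanning` will find only the new entry; tag gitleaks in this change as well so the new tag is useful from the start.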
@ -108,6 +115,7 @@
|Utils|[cent](https://github.com/xm1k3/cent)|Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place.|![](https://img.shields.io/github/stars/xm1k3/cent?label=%20)|[`nuclei-templates`](/categorize/tags/nuclei-templates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[TukTuk](https://github.com/ArturSS7/TukTuk)|Tool for catching and logging different types of requests. |![](https://img.shields.io/github/stars/ArturSS7/TukTuk?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[gee](https://github.com/hahwul/gee)|🏵 Gee is tool of stdin to each files and stdout. It is similar to the tee command, but there are more functions for convenience. In addition, it was written as go|![](https://img.shields.io/github/stars/hahwul/gee?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[pdtm](https://github.com/projectdiscovery/pdtm)|ProjectDiscovery's Open Source Tool Manager|![](https://img.shields.io/github/stars/projectdiscovery/pdtm?label=%20)|[`package-manager`](/categorize/tags/package-manager.md) [`tools-management`](/categorize/tags/tools-management.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[qsreplace](https://github.com/tomnomnom/qsreplace)|Accept URLs on stdin, replace all query string values with a user-supplied value |![](https://img.shields.io/github/stars/tomnomnom/qsreplace?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[boast](https://github.com/marcoagner/boast)|The BOAST Outpost for AppSec Testing (v0.1.0)|![](https://img.shields.io/github/stars/marcoagner/boast?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[gotator](https://github.com/Josue87/gotator)|Gotator is a tool to generate DNS wordlists through permutations.|![](https://img.shields.io/github/stars/Josue87/gotator?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
@ -115,6 +123,7 @@
|Utils|[hacks](https://github.com/tomnomnom/hacks)|A collection of hacks and one-off scripts |![](https://img.shields.io/github/stars/tomnomnom/hacks?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[Emissary](https://github.com/BountyStrike/Emissary)|Send notifications on different channels such as Slack, Telegram, Discord etc.|![](https://img.shields.io/github/stars/BountyStrike/Emissary?label=%20)|[`notify`](/categorize/tags/notify.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[slackcat](https://github.com/bcicen/slackcat)|CLI utility to post files and command output to slack|![](https://img.shields.io/github/stars/bcicen/slackcat?label=%20)|[`notify`](/categorize/tags/notify.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[mapcidr](https://github.com/projectdiscovery/mapcidr)|Utility program to perform multiple operations for a given subnet/CIDR ranges|![](https://img.shields.io/github/stars/projectdiscovery/mapcidr?label=%20)|[`cidr`](/categorize/tags/cidr.md) [`network`](/categorize/tags/network.md) [`ip-manipulation`](/categorize/tags/ip-manipulation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[gxss](https://github.com/rverton/gxss)|Blind XSS service alerting over slack or email|![](https://img.shields.io/github/stars/rverton/gxss?label=%20)|[`xss`](/categorize/tags/xss.md) [`blind-xss`](/categorize/tags/blind-xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[unfurl](https://github.com/tomnomnom/unfurl)|Pull out bits of URLs provided on stdin |![](https://img.shields.io/github/stars/tomnomnom/unfurl?label=%20)|[`url`](/categorize/tags/url.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[anew](https://github.com/tomnomnom/anew)|A tool for adding new lines to files, skipping duplicates|![](https://img.shields.io/github/stars/tomnomnom/anew?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|


@ -68,6 +68,7 @@
|Scanner|[Autorize](https://github.com/Quitten/Autorize)||![](https://img.shields.io/github/stars/Quitten/Autorize?label=%20)|[`aaa`](/categorize/tags/aaa.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[smuggler](https://github.com/defparam/smuggler)|Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3 |![](https://img.shields.io/github/stars/defparam/smuggler?label=%20)|[`smuggle`](/categorize/tags/smuggle.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[Oralyzer](https://github.com/r0075h3ll/Oralyzer)|Open Redirection Analyzer|![](https://img.shields.io/github/stars/r0075h3ll/Oralyzer?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[semgrep](https://github.com/semgrep/semgrep)|Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.|![](https://img.shields.io/github/stars/semgrep/semgrep?label=%20)|[`sast`](/categorize/tags/sast.md) [`code-analysis`](/categorize/tags/code-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[S3cret Scanner](https://github.com/Eilonh/s3crets_scanner)|Hunting For Secrets Uploaded To Public S3 Buckets|![](https://img.shields.io/github/stars/Eilonh/s3crets_scanner?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[AuthMatrix](https://github.com/SecurityInnovation/AuthMatrix)||![](https://img.shields.io/github/stars/SecurityInnovation/AuthMatrix?label=%20)|[`aaa`](/categorize/tags/aaa.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[AWSBucketDump](https://github.com/jordanpotti/AWSBucketDump)|Security Tool to Look For Interesting Files in S3 Buckets|![](https://img.shields.io/github/stars/jordanpotti/AWSBucketDump?label=%20)|[`s3`](/categorize/tags/s3.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
@ -79,6 +80,7 @@
|Scanner|[SQLiDetector](https://github.com/eslam3kl/SQLiDetector)|Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.|![](https://img.shields.io/github/stars/eslam3kl/SQLiDetector?label=%20)|[`sqli`](/categorize/tags/sqli.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[LOXS](https://github.com/coffinxp/loxs)|best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect|![](https://img.shields.io/github/stars/coffinxp/loxs?label=%20)|[`xss`](/categorize/tags/xss.md) [`sqli`](/categorize/tags/sqli.md) [`crlf`](/categorize/tags/crlf.md) [`lfi`](/categorize/tags/lfi.md) [`open-redirect`](/categorize/tags/open-redirect.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[tplmap](https://github.com/epinna/tplmap)|Server-Side Template Injection and Code Injection Detection and Exploitation Tool|![](https://img.shields.io/github/stars/epinna/tplmap?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[wapiti](https://github.com/wapiti-scanner/wapiti)|Web application vulnerability scanner. Wapiti allows you to audit the security of your websites or web applications.|![](https://img.shields.io/github/stars/wapiti-scanner/wapiti?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`web-scanner`](/categorize/tags/web-scanner.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[commix](https://github.com/commixproject/commix)|Automated All-in-One OS Command Injection Exploitation Tool.|![](https://img.shields.io/github/stars/commixproject/commix?label=%20)|[`exploit`](/categorize/tags/exploit.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[OpenRedireX](https://github.com/devanshbatham/OpenRedireX)|A Fuzzer for OpenRedirect issues|![](https://img.shields.io/github/stars/devanshbatham/OpenRedireX?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[corsair_scan](https://github.com/Santandersecurityresearch/corsair_scan)|Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).|![](https://img.shields.io/github/stars/Santandersecurityresearch/corsair_scan?label=%20)|[`cors`](/categorize/tags/cors.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
@ -93,6 +95,7 @@
|Exploit|[Gopherus](https://github.com/tarunkant/Gopherus)|This tool generates gopher link for exploiting SSRF and gaining RCE in various servers |![](https://img.shields.io/github/stars/tarunkant/Gopherus?label=%20)|[`ssrf`](/categorize/tags/ssrf.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Exploit|[toxssin](https://github.com/t3l3machus/toxssin)|An XSS exploitation command-line interface and payload generator.|![](https://img.shields.io/github/stars/t3l3machus/toxssin?label=%20)|[`xss`](/categorize/tags/xss.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Exploit|[Liffy](https://github.com/mzfr/liffy)|Local file inclusion exploitation tool|![](https://img.shields.io/github/stars/mzfr/liffy?label=%20)|[`lfi`](/categorize/tags/lfi.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Exploit|[jwt_tool](https://github.com/ticarpi/jwt_tool)|A toolkit for testing, tweaking and cracking JSON Web Tokens|![](https://img.shields.io/github/stars/ticarpi/jwt_tool?label=%20)|[`jwt`](/categorize/tags/jwt.md) [`authentication`](/categorize/tags/authentication.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Utils|[Bug-Bounty-Toolz](https://github.com/m4ll0k/Bug-Bounty-Toolz)|BBT - Bug Bounty Tools |![](https://img.shields.io/github/stars/m4ll0k/Bug-Bounty-Toolz?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Utils|[tiscripts](https://github.com/defparam/tiscripts)|Turbo Intruder Scripts|![](https://img.shields.io/github/stars/defparam/tiscripts?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Utils|[230-OOB](https://github.com/lc/230-OOB)|An Out-of-Band XXE server for retrieving file contents over FTP.|![](https://img.shields.io/github/stars/lc/230-OOB?label=%20)|[`xxe`](/categorize/tags/xxe.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|

7
categorize/tags/asn.md Normal file
View file

@ -0,0 +1,7 @@
## Tools for asn
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Recon|[asnmap](https://github.com/projectdiscovery/asnmap)|Go CLI and Library for quickly mapping organization network ranges using ASN information|![](https://img.shields.io/github/stars/projectdiscovery/asnmap?label=%20)|[`asn`](/categorize/tags/asn.md) [`network-mapping`](/categorize/tags/network-mapping.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

View file

@ -0,0 +1,7 @@
## Tools for asset-discovery
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Recon|[cloudlist](https://github.com/projectdiscovery/cloudlist)|Cloudlist is a tool for listing Assets from multiple Cloud Providers|![](https://img.shields.io/github/stars/projectdiscovery/cloudlist?label=%20)|[`cloud`](/categorize/tags/cloud.md) [`asset-discovery`](/categorize/tags/asset-discovery.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

View file

@ -0,0 +1,7 @@
## Tools for authentication
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Exploit|[jwt_tool](https://github.com/ticarpi/jwt_tool)|A toolkit for testing, tweaking and cracking JSON Web Tokens|![](https://img.shields.io/github/stars/ticarpi/jwt_tool?label=%20)|[`jwt`](/categorize/tags/jwt.md) [`authentication`](/categorize/tags/authentication.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|

View file

@ -0,0 +1,7 @@
## Tools for certificates
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Recon|[tlsx](https://github.com/projectdiscovery/tlsx)|Fast and configurable TLS grabber focused on TLS based data collection|![](https://img.shields.io/github/stars/projectdiscovery/tlsx?label=%20)|[`ssl`](/categorize/tags/ssl.md) [`tls`](/categorize/tags/tls.md) [`certificates`](/categorize/tags/certificates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

7
categorize/tags/cidr.md Normal file
View file

@ -0,0 +1,7 @@
## Tools for cidr
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Utils|[mapcidr](https://github.com/projectdiscovery/mapcidr)|Utility program to perform multiple operations for a given subnet/CIDR ranges|![](https://img.shields.io/github/stars/projectdiscovery/mapcidr?label=%20)|[`cidr`](/categorize/tags/cidr.md) [`network`](/categorize/tags/network.md) [`ip-manipulation`](/categorize/tags/ip-manipulation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

7
categorize/tags/cloud.md Normal file
View file

@ -0,0 +1,7 @@
## Tools for cloud
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Recon|[cloudlist](https://github.com/projectdiscovery/cloudlist)|Cloudlist is a tool for listing Assets from multiple Cloud Providers|![](https://img.shields.io/github/stars/projectdiscovery/cloudlist?label=%20)|[`cloud`](/categorize/tags/cloud.md) [`asset-discovery`](/categorize/tags/asset-discovery.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

View file

@ -0,0 +1,7 @@
## Tools for code-analysis
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Scanner|[semgrep](https://github.com/semgrep/semgrep)|Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.|![](https://img.shields.io/github/stars/semgrep/semgrep?label=%20)|[`sast`](/categorize/tags/sast.md) [`code-analysis`](/categorize/tags/code-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|

View file

@ -0,0 +1,7 @@
## Tools for container-security
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Scanner|[trivy](https://github.com/aquasecurity/trivy)|Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more|![](https://img.shields.io/github/stars/aquasecurity/trivy?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`container-security`](/categorize/tags/container-security.md) [`sbom`](/categorize/tags/sbom.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

View file

@ -0,0 +1,7 @@
## Tools for credentials
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Scanner|[trufflehog](https://github.com/trufflesecurity/trufflehog)|Find and verify credentials in git repositories, filesystems, and S3 buckets|![](https://img.shields.io/github/stars/trufflesecurity/trufflehog?label=%20)|[`secret-scanning`](/categorize/tags/secret-scanning.md) [`credentials`](/categorize/tags/credentials.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

View file

@ -0,0 +1,7 @@
## Tools for dependency-scanning
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Scanner|[osv-scanner](https://github.com/google/osv-scanner)|Vulnerability scanner which uses the OSV database to find vulnerabilities in open source projects|![](https://img.shields.io/github/stars/google/osv-scanner?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`dependency-scanning`](/categorize/tags/dependency-scanning.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

View file

@ -0,0 +1,7 @@
## Tools for ip-manipulation
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Utils|[mapcidr](https://github.com/projectdiscovery/mapcidr)|Utility program to perform multiple operations for a given subnet/CIDR ranges|![](https://img.shields.io/github/stars/projectdiscovery/mapcidr?label=%20)|[`cidr`](/categorize/tags/cidr.md) [`network`](/categorize/tags/network.md) [`ip-manipulation`](/categorize/tags/ip-manipulation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

View file

@ -6,6 +6,7 @@
|Fuzzer|[c-jwt-cracker](https://github.com/brendan-rius/c-jwt-cracker)|JWT brute force cracker written in C |![](https://img.shields.io/github/stars/brendan-rius/c-jwt-cracker?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|
|Fuzzer|[jwt-hack](https://github.com/hahwul/jwt-hack)|🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)|![](https://img.shields.io/github/stars/hahwul/jwt-hack?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Fuzzer|[jwt-cracker](https://github.com/lmammino/jwt-cracker)|Simple HS256 JWT token brute force cracker |![](https://img.shields.io/github/stars/lmammino/jwt-cracker?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|
|Exploit|[jwt_tool](https://github.com/ticarpi/jwt_tool)|A toolkit for testing, tweaking and cracking JSON Web Tokens|![](https://img.shields.io/github/stars/ticarpi/jwt_tool?label=%20)|[`jwt`](/categorize/tags/jwt.md) [`authentication`](/categorize/tags/authentication.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Utils|[jsonwebtoken.github.io](https://github.com/jsonwebtoken/jsonwebtoken.github.io)|JWT En/Decode and Verify|![](https://img.shields.io/github/stars/jsonwebtoken/jsonwebtoken.github.io?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![JavaScript](/images/javascript.png)](/categorize/langs/JavaScript.md)|
|utils|[owasp-zap-jwt-addon](https://github.com/SasanLabs/owasp-zap-jwt-addon)||![](https://img.shields.io/github/stars/SasanLabs/owasp-zap-jwt-addon?label=%20)|[`jwt`](/categorize/tags/jwt.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
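
Review bot: the `jwt_tool` row is typed `Exploit` while the three crackers listed just above it (c-jwt-cracker, jwt-hack, jwt-cracker) are typed `Fuzzer`, although its description ("testing, tweaking and cracking JSON Web Tokens") covers the same ground. Pick one Type for JWT crackers and set it in weapons/jwt_tool.yaml (`type: Exploit`) so that this table and the Type listings agree. The last context row uses lowercase `utils` where every other row uses `Utils`; worth normalising while this file is being touched.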

View file

@ -0,0 +1,7 @@
## Tools for network-mapping
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Recon|[asnmap](https://github.com/projectdiscovery/asnmap)|Go CLI and Library for quickly mapping organization network ranges using ASN information|![](https://img.shields.io/github/stars/projectdiscovery/asnmap?label=%20)|[`asn`](/categorize/tags/asn.md) [`network-mapping`](/categorize/tags/network-mapping.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

View file

@ -0,0 +1,7 @@
## Tools for network
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Utils|[mapcidr](https://github.com/projectdiscovery/mapcidr)|Utility program to perform multiple operations for a given subnet/CIDR ranges|![](https://img.shields.io/github/stars/projectdiscovery/mapcidr?label=%20)|[`cidr`](/categorize/tags/cidr.md) [`network`](/categorize/tags/network.md) [`ip-manipulation`](/categorize/tags/ip-manipulation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
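
Review bot: `network` is a broad tag, but this page holds only mapcidr, and the cidr and ip-manipulation pages added in the same commit hold the identical single row. asnmap, whose description is about mapping organization network ranges, is tagged `asn` and `network-mapping` instead, so a reader who opens `network` will not find it. Consider collapsing the three mapcidr tags into one and deciding whether `network` or `network-mapping` is the tag that network recon tools share.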

View file

@ -0,0 +1,7 @@
## Tools for package-manager
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Utils|[pdtm](https://github.com/projectdiscovery/pdtm)|ProjectDiscovery's Open Source Tool Manager|![](https://img.shields.io/github/stars/projectdiscovery/pdtm?label=%20)|[`package-manager`](/categorize/tags/package-manager.md) [`tools-management`](/categorize/tags/tools-management.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

View file

@ -0,0 +1,7 @@
## Tools for permutation
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Recon|[alterx](https://github.com/projectdiscovery/alterx)|Fast and customizable subdomain wordlist generator using DSL|![](https://img.shields.io/github/stars/projectdiscovery/alterx?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`wordlist`](/categorize/tags/wordlist.md) [`permutation`](/categorize/tags/permutation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

7
categorize/tags/sast.md Normal file
View file

@ -0,0 +1,7 @@
## Tools for sast
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Scanner|[semgrep](https://github.com/semgrep/semgrep)|Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.|![](https://img.shields.io/github/stars/semgrep/semgrep?label=%20)|[`sast`](/categorize/tags/sast.md) [`code-analysis`](/categorize/tags/code-analysis.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|

7
categorize/tags/sbom.md Normal file
View file

@ -0,0 +1,7 @@
## Tools for sbom
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Scanner|[trivy](https://github.com/aquasecurity/trivy)|Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more|![](https://img.shields.io/github/stars/aquasecurity/trivy?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`container-security`](/categorize/tags/container-security.md) [`sbom`](/categorize/tags/sbom.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

View file

@ -0,0 +1,7 @@
## Tools for secret-scanning
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Scanner|[trufflehog](https://github.com/trufflesecurity/trufflehog)|Find and verify credentials in git repositories, filesystems, and S3 buckets|![](https://img.shields.io/github/stars/trufflesecurity/trufflehog?label=%20)|[`secret-scanning`](/categorize/tags/secret-scanning.md) [`credentials`](/categorize/tags/credentials.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
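
Review bot: the trufflehog row names S3 buckets in its description but does not carry the existing `s3` tag, and S3cret Scanner ("Hunting For Secrets Uploaded To Public S3 Buckets") is tagged `s3` only, so it is missing from this page. Add `s3` to trufflehog and `secret-scanning` to S3cret Scanner so both tag pages list both tools. The credentials page added in this commit is this same table with the same single row; one of the two tags is enough.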

View file

@ -3,6 +3,7 @@
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Recon|[tlsx](https://github.com/projectdiscovery/tlsx)|Fast and configurable TLS grabber focused on TLS based data collection|![](https://img.shields.io/github/stars/projectdiscovery/tlsx?label=%20)|[`ssl`](/categorize/tags/ssl.md) [`tls`](/categorize/tags/tls.md) [`certificates`](/categorize/tags/certificates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[DeepViolet](https://github.com/spoofzu/DeepViolet)|Tool for introspection of SSL\TLS sessions|![](https://img.shields.io/github/stars/spoofzu/DeepViolet?label=%20)|[`ssl`](/categorize/tags/ssl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|Scanner|[a2sv](https://github.com/hahwul/a2sv)|Auto Scanning to SSL Vulnerability |![](https://img.shields.io/github/stars/hahwul/a2sv?label=%20)|[`ssl`](/categorize/tags/ssl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[testssl.sh](https://github.com/drwetter/testssl.sh)|Testing TLS/SSL encryption anywhere on any port |![](https://img.shields.io/github/stars/drwetter/testssl.sh?label=%20)|[`ssl`](/categorize/tags/ssl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|

View file

@ -12,6 +12,7 @@
|Recon|[knock](https://github.com/guelfoweb/knock)|Knock Subdomain Scan |![](https://img.shields.io/github/stars/guelfoweb/knock?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Recon|[Sub404](https://github.com/r3curs1v3-pr0xy/sub404)|A python tool to check subdomain takeover vulnerability|![](https://img.shields.io/github/stars/r3curs1v3-pr0xy/sub404?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`takeover`](/categorize/tags/takeover.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[SecurityTrails](https://securitytrails.com)| Online dns / subdomain / recon tool||[`subdomains`](/categorize/tags/subdomains.md) [`online`](/categorize/tags/online.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|
|Recon|[alterx](https://github.com/projectdiscovery/alterx)|Fast and customizable subdomain wordlist generator using DSL|![](https://img.shields.io/github/stars/projectdiscovery/alterx?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`wordlist`](/categorize/tags/wordlist.md) [`permutation`](/categorize/tags/permutation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[CT_subdomains](https://github.com/internetwache/CT_subdomains)|An hourly updated list of subdomains gathered from certificate transparency logs |![](https://img.shields.io/github/stars/internetwache/CT_subdomains?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|
|Recon|[puredns](https://github.com/d3mondev/puredns)|Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.|![](https://img.shields.io/github/stars/d3mondev/puredns?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`dns`](/categorize/tags/dns.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[Sudomy](https://github.com/screetsec/Sudomy)|subdomain enumeration tool to collect subdomains and analyzing domains|![](https://img.shields.io/github/stars/screetsec/Sudomy?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|

7
categorize/tags/tls.md Normal file
View file

@ -0,0 +1,7 @@
## Tools for tls
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Recon|[tlsx](https://github.com/projectdiscovery/tlsx)|Fast and configurable TLS grabber focused on TLS based data collection|![](https://img.shields.io/github/stars/projectdiscovery/tlsx?label=%20)|[`ssl`](/categorize/tags/ssl.md) [`tls`](/categorize/tags/tls.md) [`certificates`](/categorize/tags/certificates.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
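
Review bot: the new `tls` tag overlaps the existing `ssl` tag, and tlsx is the only tool that carries it. DeepViolet, a2sv and testssl.sh in the ssl table are tagged `ssl` only, so this page lists one tool while the other TLS testers stay under `ssl`. Either add `tls` to those rows as well, or drop the tag and keep `ssl` plus `certificates` on tlsx.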

View file

@ -0,0 +1,7 @@
## Tools for tools-management
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Utils|[pdtm](https://github.com/projectdiscovery/pdtm)|ProjectDiscovery's Open Source Tool Manager|![](https://img.shields.io/github/stars/projectdiscovery/pdtm?label=%20)|[`package-manager`](/categorize/tags/package-manager.md) [`tools-management`](/categorize/tags/tools-management.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
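
Review bot: this table is identical to the package-manager page added in the same commit, because pdtm is the only tool with either tag. Two new tags for one tool add pages without adding a way to find anything. Keep one of them (`tools-management` is closer to the description "Open Source Tool Manager") and remove the other from `tags` in weapons/pdtm.yaml.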

View file

@ -0,0 +1,9 @@
## Tools for vulnerability-scanner
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Scanner|[osv-scanner](https://github.com/google/osv-scanner)|Vulnerability scanner which uses the OSV database to find vulnerabilities in open source projects|![](https://img.shields.io/github/stars/google/osv-scanner?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`dependency-scanning`](/categorize/tags/dependency-scanning.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[trivy](https://github.com/aquasecurity/trivy)|Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more|![](https://img.shields.io/github/stars/aquasecurity/trivy?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`container-security`](/categorize/tags/container-security.md) [`sbom`](/categorize/tags/sbom.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[wapiti](https://github.com/wapiti-scanner/wapiti)|Web application vulnerability scanner. Wapiti allows you to audit the security of your websites or web applications.|![](https://img.shields.io/github/stars/wapiti-scanner/wapiti?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`web-scanner`](/categorize/tags/web-scanner.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
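
Review bot: the `vulnerability-scanner` tag repeats what the Type column already says (`Scanner`) and groups three tools with different targets: open source dependencies (osv-scanner), containers, Kubernetes and cloud (trivy), and web applications (wapiti). The second tag on each row already makes that distinction. Other Scanner rows visible in this commit, such as commix and corsair_scan, do not carry the tag, so the page will read as an incomplete list of scanners. Suggest dropping `vulnerability-scanner` and keeping the specific tags.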

View file

@ -0,0 +1,7 @@
## Tools for web-scanner
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Scanner|[wapiti](https://github.com/wapiti-scanner/wapiti)|Web application vulnerability scanner. Wapiti allows you to audit the security of your websites or web applications.|![](https://img.shields.io/github/stars/wapiti-scanner/wapiti?label=%20)|[`vulnerability-scanner`](/categorize/tags/vulnerability-scanner.md) [`web-scanner`](/categorize/tags/web-scanner.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|

View file

@ -3,6 +3,7 @@
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Recon|[alterx](https://github.com/projectdiscovery/alterx)|Fast and customizable subdomain wordlist generator using DSL|![](https://img.shields.io/github/stars/projectdiscovery/alterx?label=%20)|[`subdomains`](/categorize/tags/subdomains.md) [`wordlist`](/categorize/tags/wordlist.md) [`permutation`](/categorize/tags/permutation.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Utils|[SecLists](https://github.com/danielmiessler/SecLists)|SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.|![](https://img.shields.io/github/stars/danielmiessler/SecLists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Txt](/images/txt.png)](/categorize/langs/Txt.md)|
|Utils|[bruteforce-lists](https://github.com/random-robbie/bruteforce-lists)|Some files for bruteforcing certain things.|![](https://img.shields.io/github/stars/random-robbie/bruteforce-lists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Txt](/images/txt.png)](/categorize/langs/Txt.md)|
|Utils|[Assetnote Wordlists](https://github.com/assetnote/wordlists)|Automated & Manual Wordlists provided by Assetnote|![](https://img.shields.io/github/stars/assetnote/wordlists?label=%20)|[`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![CSS](/images/css.png)](/categorize/langs/CSS.md)|

9
weapons/alterx.yaml Normal file
View file

@ -0,0 +1,9 @@
---
name: alterx
description: Fast and customizable subdomain wordlist generator using DSL
url: https://github.com/projectdiscovery/alterx
category: tool
type: Recon
platform: [linux, macos, windows]
lang: Go
tags: [subdomains, wordlist, permutation]

9
weapons/asnmap.yaml Normal file
View file

@ -0,0 +1,9 @@
---
name: asnmap
description: Go CLI and Library for quickly mapping organization network ranges using ASN information
url: https://github.com/projectdiscovery/asnmap
category: tool
type: Recon
platform: [linux, macos, windows]
lang: Go
tags: [asn, network-mapping]

9
weapons/cloudlist.yaml Normal file
View file

@ -0,0 +1,9 @@
---
name: cloudlist
description: Cloudlist is a tool for listing Assets from multiple Cloud Providers
url: https://github.com/projectdiscovery/cloudlist
category: tool
type: Recon
platform: [linux, macos, windows]
lang: Go
tags: [cloud, asset-discovery]

9
weapons/jwt_tool.yaml Normal file
View file

@ -0,0 +1,9 @@
---
name: jwt_tool
description: A toolkit for testing, tweaking and cracking JSON Web Tokens
url: https://github.com/ticarpi/jwt_tool
category: tool
type: Exploit
platform: [linux, macos, windows]
lang: Python
tags: [jwt, authentication]
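
Review bot: `authentication` in the `tags` line looks like it overlaps the existing `aaa` tag in the README tag list; if `aaa` is the repository's tag for authentication and authorization tooling, use it here next to `jwt` rather than adding a second tag page for the same idea. If `aaa` means something else, keep `authentication` and say so in the PR description.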

9
weapons/mapcidr.yaml Normal file

@ -0,0 +1,9 @@
---
name: mapcidr
description: Utility program to perform multiple operations for a given subnet/CIDR ranges
url: https://github.com/projectdiscovery/mapcidr
category: tool
type: Utils
platform: [linux, macos, windows]
lang: Go
tags: [cidr, network, ip-manipulation]
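
Review bot: `tags` here uses `network` while the asnmap entry in this same commit uses `network-mapping`, so two closely related network utilities land on different tag pages; settle on one tag for both. In `description`, `for a given subnet/CIDR ranges` mixes singular and plural; `for given subnet/CIDR ranges` reads correctly.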

9
weapons/osv-scanner.yaml Normal file

@ -0,0 +1,9 @@
---
name: osv-scanner
description: Vulnerability scanner which uses the OSV database to find vulnerabilities in open source projects
url: https://github.com/google/osv-scanner
category: tool
type: Scanner
platform: [linux, macos, windows]
lang: Go
tags: [vulnerability-scanner, dependency-scanning]
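
Review bot: the `vulnerability-scanner` tag repeats what `type: Scanner` already says and is applied in this commit to osv-scanner, trivy and wapiti, whose descriptions cover open source dependencies, containers and web applications respectively, so its tag page will not help anyone narrow a search. Drop it and keep the specific tag (`dependency-scanning` here), and pick one suffix convention: this commit mixes `-scanning` (`dependency-scanning`, `secret-scanning`) with `-scanner` (`vulnerability-scanner`, `web-scanner`).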

9
weapons/pdtm.yaml Normal file

@ -0,0 +1,9 @@
---
name: pdtm
description: ProjectDiscovery's Open Source Tool Manager
url: https://github.com/projectdiscovery/pdtm
category: tool
type: Utils
platform: [linux, macos, windows]
lang: Go
tags: [package-manager, tools-management]

9
weapons/semgrep.yaml Normal file

@ -0,0 +1,9 @@
---
name: semgrep
description: Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
url: https://github.com/semgrep/semgrep
category: tool
type: Scanner
platform: [linux, macos, windows]
lang: Python
tags: [sast, code-analysis]
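
Review bot: confirm `lang: Python` against the upstream repository before merge. The `lang` field appears to feed the language icon and `/categorize/langs/` link in the README table, and existing rows appear to follow the repository's reported primary language (Assetnote Wordlists is listed as `CSS`), so the value here should be chosen by that same rule for `semgrep/semgrep` rather than by how the tool is installed.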

9
weapons/tlsx.yaml Normal file

@ -0,0 +1,9 @@
---
name: tlsx
description: Fast and configurable TLS grabber focused on TLS based data collection
url: https://github.com/projectdiscovery/tlsx
category: tool
type: Recon
platform: [linux, macos, windows]
lang: Go
tags: [ssl, tls, certificates]
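
Review bot: `tags: [ssl, tls, certificates]` adds `tls` next to the existing `ssl` tag, which gives the repository two tag pages for the same protocol family; the README tag list already shows this kind of drift with `prototypepollution` and `prototype-pollution`. Keep a single tag (`ssl` is the one already in use) or rename it to `tls` everywhere in a separate change.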

9
weapons/trivy.yaml Normal file

@ -0,0 +1,9 @@
---
name: trivy
description: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
url: https://github.com/aquasecurity/trivy
category: tool
type: Scanner
platform: [linux, macos, windows]
lang: Go
tags: [vulnerability-scanner, container-security, sbom]
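
Review bot: `tags` covers only `vulnerability-scanner`, `container-security` and `sbom`, although the description also advertises secrets and misconfiguration scanning. The trufflehog entry in this commit uses `secret-scanning`; add it here as well if tag pages are meant to list every tool with that capability, or trim the description to what the tags reflect.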

9
weapons/trufflehog.yaml Normal file

@ -0,0 +1,9 @@
---
name: trufflehog
description: Find and verify credentials in git repositories, filesystems, and S3 buckets
url: https://github.com/trufflesecurity/trufflehog
category: tool
type: Scanner
platform: [linux, macos, windows]
lang: Go
tags: [secret-scanning, credentials]
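
Review bot: the description names S3 buckets as a scan target and the README tag list already has an `s3` tag, but `tags` omits it. Add `s3` so the entry appears on that tag page, and consider whether `credentials` adds anything beyond `secret-scanning`, since both describe the same capability.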

9
weapons/wapiti.yaml Normal file

@ -0,0 +1,9 @@
---
name: wapiti
description: Web application vulnerability scanner. Wapiti allows you to audit the security of your websites or web applications.
url: https://github.com/wapiti-scanner/wapiti
category: tool
type: Scanner
platform: [linux, macos, windows]
lang: Python
tags: [vulnerability-scanner, web-scanner]
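
Review bot: the second sentence of `description` restates the first in longer form; `Web application vulnerability scanner` alone is enough for a table cell. In `tags`, `web-scanner` carries no extra information for an entry with `type: Scanner` in a collection the README describes as tools used by Web hackers, so the tag line ends up saying only what `type` already does; replace it with tags for what the scanner actually checks, reusing names from the existing tag list where they apply.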