0- DNS Tool

Based on the DNS records of a given DNS server and historical DNS, it checks subdomains and if it has DMARC.

Prompt: Specifying that you want to check X characteristic of a domain associated with DNS okay

Ejemplo: Is domain X safe?

1- Network scanner

Based on shodan and nmap that looks at the open ports of a host

Prompt: Specify that you want to scan a host at the network level. If you tell it that you want more information in addition to scanning, it will perform banner grabbing.

Ejemplo: Scan and give me X ip/host services

2- Check-IP tool

Consult AbuseIPDB for the characteristics and reputation of an IP

Prompt: Specify that you want to obtain the reputation of an IP

Ejemplo: I have received suspicious packets from X ip, is it reliable?

3- Subdomains

Uses censys to find subdomains automatically

Prompt: Specify that you want to get the subdomains of a domain

Ejemplo: Give me the subdomains of X domain

4- Creds

Tool to find default service credentials quickly and easily

Prompt: Specify that you want to obtain the default credentials for a service, software, or brand

Ejemplo: Give me the default FTP credentials

5- Look for exploits

Summarizes, generates and explains step by step how it works

Prompt: Specify that you want to obtain an exploit for a specific version or of a certain type

Ejemplo: Give me an exploit for XSS CVE-XXXX-XXXX or Give me an exploit for wordpress 7.0

6- Fuzz and crawl URLs

Using various tools

Prompt: Specify that you want to know the directories or fuzz X web

Ejemplo: Fuzzea X domain/web

7- Nuclei Scanner

General http vulnerability scanner automatically

Prompt: Specify that you want to scan http vulnerabilities on a specific website

Ejemplo: Tell me the HTTP vulnerabilities of X url

8- OSINT Agent

Investigation of online identities using APIs and private databases

Prompt: Specify that you want to obtain information about a nickname and an email

Ejemplo: Who is Luijait and all the information associated with his email luijait@...

8.2- Osint V2

You can now also search for passwords and data in leaks in various external and internal APIs

Prompt: Specify that you want to obtain information about a nickname, an email, passwords and data in leaks

Ejemplo: Give me Luijait leaked information including passwords

9- Auto-XSS

XSS vulnerability identifier in specific URLs powered by AI using dalfox

Prompt: Specify that you want to know the XSS vulnerabilities of a specific URL

Ejemplo: Give me the XSS vulnerabilities of X domain

10- Cloudflare Bypass

Discovering a server's IP after Cloudflare with Cloakquester and Historical DNS Records

Prompt: Specify that you want to bypass a Cloudflare or know the real IP behind a service

Ejemplo: Give me the real IP of X service


Tool capable of finding login panels vulnerable to SQL injections

Prompt: Find a SQL injection at the following URL {URL}

12- Catphish

Implementation of the legendary tool to carry out homographic attacks on domains, useful for phishing campaigns

Prompt: Tell me possible domains to phishing google[.]com

13- Sn1per (Experimental)

Implementation of the autonomous pentesting tool, a single prompt

Prompt: Attack

14- FakeID

Able to generate multiple high-quality records on fake identities and also generate a photo with AI

Prompt: Generate 10 fake identities with all kinds of data and photos

15- WPScan

Analysis with API Key in a single prompt to Wordpress

Prompt: Scan this wordpress

18- WAF Bypass

Detects and possibly identifies Web Application Firewall (WAF) software used on a website.

Prompt: You need the URL of the website to investigate

Ejemplo: Identifies the WAF used on X website

19- CryptoOps

Tool to encrypt or decrypt text using various cryptographic algorithms.

Prompt: It requires the text, key, algorithm, mode, method (encrypt or decrypt), and encryption.

Ejemplo: Encrypt this text with X algorithm and key

20- Shodan

Use the Shodan API to search for Internet-connected devices based on specific criteria.

Prompt: Requires a query or "dork" for searching in Shodan

Ejemplo: Search for SMBs without authentication in Shodan

21- nomore403

Try techniques to bypass HTTP 403 errors and access restricted content.

Prompt: You need the URL of the restricted resource

Ejemplo: Try to access restricted content from X URL

22- Github Scrapper

Search GitHub for tools and resources based on keywords.

Prompt: Requires keywords or the URL of a specific repository to search for detailed information.

Ejemplo: Search for X-related tools on GitHub

23- Phish Detector

Detects possible phishing pages by comparing them with a database of known sites.

Prompt: Requires the URL of the website to verify.

Ejemplo: Check if X website is a phishing page