Documentation
0- DNS Tool
Based on the DNS records of a given DNS server and historical DNS, it checks subdomains and if it has DMARC.
Prompt: Specifying that you want to check X characteristic of a domain associated with DNS okay
Ejemplo: Is domain X safe?
1- Network scanner
Based on shodan and nmap that looks at the open ports of a host
Prompt: Specify that you want to scan a host at the network level. If you tell it that you want more information in addition to scanning, it will perform banner grabbing.
Ejemplo: Scan and give me X ip/host services
2- Check-IP tool
Consult AbuseIPDB for the characteristics and reputation of an IP
Prompt: Specify that you want to obtain the reputation of an IP
Ejemplo: I have received suspicious packets from X ip, is it reliable?
3- Subdomains
Uses censys to find subdomains automatically
Prompt: Specify that you want to get the subdomains of a domain
Ejemplo: Give me the subdomains of X domain
4- Creds
Tool to find default service credentials quickly and easily
Prompt: Specify that you want to obtain the default credentials for a service, software, or brand
Ejemplo: Give me the default FTP credentials
5- Look for exploits
Summarizes, generates and explains step by step how it works
Prompt: Specify that you want to obtain an exploit for a specific version or of a certain type
Ejemplo: Give me an exploit for XSS CVE-XXXX-XXXX or Give me an exploit for wordpress 7.0
6- Fuzz and crawl URLs
Using various tools
Prompt: Specify that you want to know the directories or fuzz X web
Ejemplo: Fuzzea X domain/web
7- Nuclei Scanner
General http vulnerability scanner automatically
Prompt: Specify that you want to scan http vulnerabilities on a specific website
Ejemplo: Tell me the HTTP vulnerabilities of X url
8- OSINT Agent
Investigation of online identities using APIs and private databases
Prompt: Specify that you want to obtain information about a nickname and an email
Ejemplo: Who is Luijait and all the information associated with his email luijait@...
8.2- Osint V2
You can now also search for passwords and data in leaks in various external and internal APIs
Prompt: Specify that you want to obtain information about a nickname, an email, passwords and data in leaks
Ejemplo: Give me Luijait leaked information including passwords
9- Auto-XSS
XSS vulnerability identifier in specific URLs powered by AI using dalfox
Prompt: Specify that you want to know the XSS vulnerabilities of a specific URL
Ejemplo: Give me the XSS vulnerabilities of X domain
10- Cloudflare Bypass
Discovering a server's IP after Cloudflare with Cloakquester and Historical DNS Records
Prompt: Specify that you want to bypass a Cloudflare or know the real IP behind a service
Ejemplo: Give me the real IP of X service
11- SQLMAP
Tool capable of finding login panels vulnerable to SQL injections
Prompt: Find a SQL injection at the following URL {URL}
12- Catphish
Implementation of the legendary tool to carry out homographic attacks on domains, useful for phishing campaigns
Prompt: Tell me possible domains to phishing google[.]com
13- Sn1per (Experimental)
Implementation of the autonomous pentesting tool, a single prompt
Prompt: Attack http://google.com
14- FakeID
Able to generate multiple high-quality records on fake identities and also generate a photo with AI
Prompt: Generate 10 fake identities with all kinds of data and photos
15- WPScan
Analysis with API Key in a single prompt to Wordpress
Prompt: Scan this wordpress
18- WAF Bypass
Detects and possibly identifies Web Application Firewall (WAF) software used on a website.
Prompt: You need the URL of the website to investigate
Ejemplo: Identifies the WAF used on X website
19- CryptoOps
Tool to encrypt or decrypt text using various cryptographic algorithms.
Prompt: It requires the text, key, algorithm, mode, method (encrypt or decrypt), and encryption.
Ejemplo: Encrypt this text with X algorithm and key
20- Shodan
Use the Shodan API to search for Internet-connected devices based on specific criteria.
Prompt: Requires a query or "dork" for searching in Shodan
Ejemplo: Search for SMBs without authentication in Shodan
21- nomore403
Try techniques to bypass HTTP 403 errors and access restricted content.
Prompt: You need the URL of the restricted resource
Ejemplo: Try to access restricted content from X URL
22- Github Scrapper
Search GitHub for tools and resources based on keywords.
Prompt: Requires keywords or the URL of a specific repository to search for detailed information.
Ejemplo: Search for X-related tools on GitHub
23- Phish Detector
Detects possible phishing pages by comparing them with a database of known sites.
Prompt: Requires the URL of the website to verify.
Ejemplo: Check if X website is a phishing page