​

Pentesting Tools

BLACKBIRD offers a set of semi-automated pentesting tools that you can make use of. This section is dedicated to the usage of each tool.

You can always explore the interactive demo that requires no registration.

​

Available Pentesting Tools

• CNAME X: Subdomain Takeover Scanner
• CORSCANNER: CORS Misconfiguration Scanner
• REDIRECT X: Open URL Redirect Scanner
• SPIDER X: Content Discovery Scanner & Fuzzer
• SUBDOMAIN X: Subdomain Enumeration Scanner
• HTTPBOLT: Live Host Prober & Domain Fly Over Tool
• XSSCANNER: Cross-Site Scripting (XSS) Scanner
• WAYPOINTS: Template-based Scanner
• SQLS: SQL Injection (SQLi) Scanner
• S9R: Server-Side Request Forgery (SSRF) Scanner
• L8R: Local File Inclusion (LFI), Remote File Inclusion (RFI) & Local File Disclosure (LFD) Scanner
• CISCANNER: OS Command Injection Scanner
• INJECT49: Server-Side Template Injection (SSTI) Scanner
• JSAUDITOR: JavaScript File Auditor
• JS Alert: JavaScript & Resource Monitor