Product & API Documentation | BLACKBIRD Technologies (Formerly NOVA SECURITY) home pagelight logodark logo
  • Contact Support
  • Pricing
  • Customer Dashboard
  • Customer Dashboard
Documentation
API Documentation
  • Documentation
  • Contact Support
  • Discord Community
  • Blog
  • Platform Overview
    • Introduction
    • Why BLACKBIRD Web App Pentesting Suite
    • For Who?
    • BLACKBIRD's Mission, Vision and Values
    • Capabilities
    Getting Started
    • Getting Started
    • Onboarding
    • Navigation
    • Common Use Cases & Workflows
    • Launching Your First Scan
    • Best Practices
    • Glossary
    Pentesting Tools
    • Pentesting Tools
    • Global Configuration
    • Subdomain Takeover Scanner
    • CORS Misconfiguration Scanner
    • Open URL Redirect Scanner
    • Content Discovery Scanner
    • Fuzzer
    • Cross-Site Scripting (XSS) Scanner
    • WAYPOINTS Template-Based Scanner
    • SQL Injection (SQLi) Scanner
    • Server-Side Request Forgery (SSRF) Scanner
    • LFI, RFI & LFD Scanner
    • OS Command Injection Scanner
    • Server-Side Template Injection (SSTI) Scanner
    • JavaScript File Scanner
    • JavaScript File Monitor
    Private OAST Server
    • OAST Server
    Real-Time Notifications
    • Notifications
    VPN Connection Profiles
    • VPN Connection Profiles
    • Create VPN Connection Profiles
    Custom Wordlists
    • Wordlists
    • Upload Custom Wordlists
    Pentesting Tools

    Pentesting Tools

    BLACKBIRD offers a set of semi-automated pentesting tools that you can make use of. This section is dedicated to the usage of each tool.

    ​
    Pentesting Tools

    BLACKBIRD offers a set of semi-automated pentesting tools that you can make use of. This section is dedicated to the usage of each tool.

    You can always explore the interactive demo that requires no registration.

    ​
    Available Pentesting Tools

    • CNAME X: Subdomain Takeover Scanner
    • CORSCANNER: CORS Misconfiguration Scanner
    • REDIRECT X: Open URL Redirect Scanner
    • SPIDER X: Content Discovery Scanner & Fuzzer
    • SUBDOMAIN X: Subdomain Enumeration Scanner
    • HTTPBOLT: Live Host Prober & Domain Fly Over Tool
    • XSSCANNER: Cross-Site Scripting (XSS) Scanner
    • WAYPOINTS: Template-based Scanner
    • SQLS: SQL Injection (SQLi) Scanner
    • S9R: Server-Side Request Forgery (SSRF) Scanner
    • L8R: Local File Inclusion (LFI), Remote File Inclusion (RFI) & Local File Disclosure (LFD) Scanner
    • CISCANNER: OS Command Injection Scanner
    • INJECT49: Server-Side Template Injection (SSTI) Scanner
    • JSAUDITOR: JavaScript File Auditor
    • JS Alert: JavaScript & Resource Monitor

    Was this page helpful?

    GlossaryGlobal Configuration
    twittergithub
    Powered by Mintlify
    On this page
    • Pentesting Tools
    • Available Pentesting Tools
    Assistant
    Responses are generated using AI and may contain mistakes.