Documentation

0- DNS Tool

Based on the DNS records of a given DNS server and historical DNS, it checks subdomains and if it has DMARC.

prompt:

Specifying that you want to check X characteristic of a domain associated with DNS okay

ejemplo:

Is domain X safe?

1- Network scanner

Based on shodan and nmap that looks at the open ports of a host

prompt:

Specify that you want to scan a host at the network level. If you tell it that you want more information in addition to scanning, it will perform banner grabbing.

ejemplo:

Scan and give me X ip/host services

2- Check-IP tool

Consult AbuseIPDB for the characteristics and reputation of an IP

prompt:

Specify that you want to obtain the reputation of an IP

ejemplo:

I have received suspicious packets from X ip, is it reliable?

3- Subdomains

Uses censys to find subdomains automatically

prompt:

Specify that you want to get the subdomains of a domain

ejemplo:

Give me the subdomains of X domain

4- Creds

Tool to find default service credentials quickly and easily

prompt:

Specify that you want to obtain the default credentials for a service, software, or brand

ejemplo:

Give me the default FTP credentials

5- Look for exploits

Summarizes, generates and explains step by step how it works

prompt:

Specify that you want to obtain an exploit for a specific version or of a certain type

ejemplo:

Give me an exploit for XSS CVE-XXXX-XXXX or Give me an exploit for wordpress 7.0

6- Fuzz and crawl URLs

Using various tools

prompt:

Specify that you want to know the directories or fuzz X web

ejemplo:

Fuzzea X domain/web

7- Nuclei Scanner

General http vulnerability scanner automatically

prompt:

Specify that you want to scan http vulnerabilities on a specific website

ejemplo:

Tell me the HTTP vulnerabilities of X url

8- OSINT Agent

Investigation of online identities using APIs and private databases

prompt:

Specify that you want to obtain information about a nickname and an email

ejemplo:

Who is Luijait and all the information associated with his email luijait@...

8.2- Osint V2

You can now also search for passwords and data in leaks in various external and internal APIs

prompt:

Specify that you want to obtain information about a nickname, an email, passwords and data in leaks

ejemplo:

Give me Luijait leaked information including passwords

9- Auto-XSS

XSS vulnerability identifier in specific URLs powered by AI using dalfox

prompt:

Specify that you want to know the XSS vulnerabilities of a specific URL

ejemplo:

Give me the XSS vulnerabilities of X domain

10- Cloudflare Bypass

Discovering a server's IP after Cloudflare with Cloakquester and Historical DNS Records

prompt:

Specify that you want to bypass a Cloudflare or know the real IP behind a service

ejemplo:

Give me the real IP of X service

11- SQLMAP

Tool capable of finding login panels vulnerable to SQL injections

prompt:

Find a SQL injection at the following URL {URL}

12- Catphish

Implementation of the legendary tool to carry out homographic attacks on domains, useful for phishing campaigns

prompt:

Tell me possible domains to phishing google[.]com

13- Sn1per (Experimental)

Implementation of the autonomous pentesting tool, a single prompt

prompt:

Attack http://google.com

14- FakeID

Able to generate multiple high-quality records on fake identities and also generate a photo with AI

prompt:

Generate 10 fake identities with all kinds of data and photos

15- WPScan

Analysis with API Key in a single prompt to Wordpress

prompt:

Scan this wordpress

18- WAF Bypass

Detects and possibly identifies Web Application Firewall (WAF) software used on a website.

prompt:

You need the URL of the website to investigate

ejemplo:

Identifies the WAF used on X website

19- CryptoOps

Tool to encrypt or decrypt text using various cryptographic algorithms.

prompt:

It requires the text, key, algorithm, mode, method (encrypt or decrypt), and encryption.

ejemplo:

Encrypt this text with X algorithm and key

20- Shodan

Use the Shodan API to search for Internet-connected devices based on specific criteria.

prompt:

Requires a query or "dork" for searching in Shodan

ejemplo:

Search for SMBs without authentication in Shodan

21- nomore403

Try techniques to bypass HTTP 403 errors and access restricted content.

prompt:

You need the URL of the restricted resource

ejemplo:

Try to access restricted content from X URL

22- Github Scrapper

Search GitHub for tools and resources based on keywords.

prompt:

Requires keywords or the URL of a specific repository to search for detailed information.

ejemplo:

Search for X-related tools on GitHub

23- Phish Detector

Detects possible phishing pages by comparing them with a database of known sites.

prompt:

Requires the URL of the website to verify.

ejemplo:

Check if X website is a phishing page