Documentation
0- DNS Tool
Based on the DNS records of a given DNS server and historical DNS, it checks subdomains and if it has DMARC.
prompt:
Specifying that you want to check X characteristic of a domain associated with DNS okay
ejemplo:
Is domain X safe?
1- Network scanner
Based on shodan and nmap that looks at the open ports of a host
prompt:
Specify that you want to scan a host at the network level. If you tell it that you want more information in addition to scanning, it will perform banner grabbing.
ejemplo:
Scan and give me X ip/host services
2- Check-IP tool
Consult AbuseIPDB for the characteristics and reputation of an IP
prompt:
Specify that you want to obtain the reputation of an IP
ejemplo:
I have received suspicious packets from X ip, is it reliable?
3- Subdomains
Uses censys to find subdomains automatically
prompt:
Specify that you want to get the subdomains of a domain
ejemplo:
Give me the subdomains of X domain
4- Creds
Tool to find default service credentials quickly and easily
prompt:
Specify that you want to obtain the default credentials for a service, software, or brand
ejemplo:
Give me the default FTP credentials
5- Look for exploits
Summarizes, generates and explains step by step how it works
prompt:
Specify that you want to obtain an exploit for a specific version or of a certain type
ejemplo:
Give me an exploit for XSS CVE-XXXX-XXXX or Give me an exploit for wordpress 7.0
6- Fuzz and crawl URLs
Using various tools
prompt:
Specify that you want to know the directories or fuzz X web
ejemplo:
Fuzzea X domain/web
7- Nuclei Scanner
General http vulnerability scanner automatically
prompt:
Specify that you want to scan http vulnerabilities on a specific website
ejemplo:
Tell me the HTTP vulnerabilities of X url
8- OSINT Agent
Investigation of online identities using APIs and private databases
prompt:
Specify that you want to obtain information about a nickname and an email
ejemplo:
Who is Luijait and all the information associated with his email luijait@...
8.2- Osint V2
You can now also search for passwords and data in leaks in various external and internal APIs
prompt:
Specify that you want to obtain information about a nickname, an email, passwords and data in leaks
ejemplo:
Give me Luijait leaked information including passwords
9- Auto-XSS
XSS vulnerability identifier in specific URLs powered by AI using dalfox
prompt:
Specify that you want to know the XSS vulnerabilities of a specific URL
ejemplo:
Give me the XSS vulnerabilities of X domain
10- Cloudflare Bypass
Discovering a server's IP after Cloudflare with Cloakquester and Historical DNS Records
prompt:
Specify that you want to bypass a Cloudflare or know the real IP behind a service
ejemplo:
Give me the real IP of X service
11- SQLMAP
Tool capable of finding login panels vulnerable to SQL injections
prompt:
Find a SQL injection at the following URL {URL}
12- Catphish
Implementation of the legendary tool to carry out homographic attacks on domains, useful for phishing campaigns
prompt:
Tell me possible domains to phishing google[.]com
13- Sn1per (Experimental)
Implementation of the autonomous pentesting tool, a single prompt
prompt:
Attack http://google.com
14- FakeID
Able to generate multiple high-quality records on fake identities and also generate a photo with AI
prompt:
Generate 10 fake identities with all kinds of data and photos
15- WPScan
Analysis with API Key in a single prompt to Wordpress
prompt:
Scan this wordpress
18- WAF Bypass
Detects and possibly identifies Web Application Firewall (WAF) software used on a website.
prompt:
You need the URL of the website to investigate
ejemplo:
Identifies the WAF used on X website
19- CryptoOps
Tool to encrypt or decrypt text using various cryptographic algorithms.
prompt:
It requires the text, key, algorithm, mode, method (encrypt or decrypt), and encryption.
ejemplo:
Encrypt this text with X algorithm and key
20- Shodan
Use the Shodan API to search for Internet-connected devices based on specific criteria.
prompt:
Requires a query or "dork" for searching in Shodan
ejemplo:
Search for SMBs without authentication in Shodan
21- nomore403
Try techniques to bypass HTTP 403 errors and access restricted content.
prompt:
You need the URL of the restricted resource
ejemplo:
Try to access restricted content from X URL
22- Github Scrapper
Search GitHub for tools and resources based on keywords.
prompt:
Requires keywords or the URL of a specific repository to search for detailed information.
ejemplo:
Search for X-related tools on GitHub
23- Phish Detector
Detects possible phishing pages by comparing them with a database of known sites.
prompt:
Requires the URL of the website to verify.
ejemplo:
Check if X website is a phishing page