5arth4k-X / RedVect0r

Attack surface mapping tool for penetration testers.

69% credibility
Found Mar 17, 2026 at 19 stars.
AI Analysis
Python
AI Summary

RedVect0r is an open-source security scanner that maps a website's exposed areas by finding subdomains, open ports, sensitive files, misconfigurations, and risks, then generates reports with scores.

How It Works

1. 🔍 Discover RedVect0r

You find this free tool on a sharing site that helps spot weak spots on websites so you can make them safer.

2. 📥 Get it ready

Download the files and run a simple setup script to prepare everything on your computer.

3. 🌐 Pick your website

Tell the tool the name of the website you want to check, like your company's site.

4. 🚀 Start the check

Choose a quick look or deep search, then launch it and watch as it explores hidden parts of the site.

5. 📊 Watch discoveries unfold

See live updates on extra site sections, open entry points, and possible risks as it works.

6. 📈 Review the findings

Get a colorful report with risk scores, screenshots, and tips on what needs fixing.

Strengthen your site

Use the insights to patch issues and feel confident your website is more secure.

AI-Generated Review

What is RedVect0r?

RedVect0r is a Python-based attack surface mapping tool for penetration testers, automating recon to uncover subdomains, open ports, sensitive endpoints, WAFs, subdomain takeovers, CORS misconfigs, open redirects, and SSL weaknesses. Run a single CLI command like `python main.py example.com --fast` to get HTTP/HTTPS probing, tech fingerprinting, risk scoring, and optional screenshots across live hosts. It generates TXT/JSON reports for attack surface analysis and management, helping prioritize reduction efforts.

Why is it gaining traction?

It stands out by chaining tools like subfinder, nmap, and whatweb into a configurable pipeline with proxy support, delays, and custom wordlists—ideal for stealthy scans without scripting your own. Risk scores weigh critical issues like subdomain takeovers (80 points) or expired SSL certificates, while screenshots visualize exposures. Devs dig the abort-safe workflow and BSI-style attack surface checks in one lightweight package.

Who should use this?

Penetration testers prepping for engagements or bug bounty hunters mapping attack surfaces. Red teams scanning client infra for quick wins like open ports or auth bypass hints. Security engineers monitoring attack surface reduction rules and exclusions over time.

Verdict

Solid starter for Python-savvy pentesters needing an all-in-one attack surface analyzer, but 19 stars and 0.7% credibility score signal early maturity—expect dependency tweaks (nmap, playwright). Test on non-prod targets first; pairs well with mature tools for production recon.
