Take it like a gift

clairvoyance
clairvoyance

Obtain GraphQL API Schema even if the introspection is not enabled.

Argus-SAF
Argus-SAF

Static analysis framework built in house to do security vetting for Android applications.

Certificate Ripper
Certificate Ripper

A CLI tool to extract server certificates.

pmd
pmd

An extensible multilanguage static code analyzer.

BucketLoot
BucketLoot

An automated S3-compatible bucket inspector.

Canvas
Canvas

Assessment tool that allows penetration testing and hostile attack simulations.

js-beautify
js-beautify

Beautifier for JavaScript.

EAPHammer
EAPHammer

Targeted attacks against WPA2-Enterprise networks, wireless pivots using hostile portal attacks.

BurpSuiteHTTPSmuggler
BurpSuiteHTTPSmuggler

A Burp Suite extension to bypass WAFs or test their effectiveness using a number of techniques.

bountyplz
bountyplz

Automated security reporting from markdown templates.

hoaxshell
hoaxshell

Windows reverse shell payload generator and handler that abuses the http(s) protocol.

hakip2host
hakip2host

Takes a list of IP addresses then does a series of checks to return associated domain names.

FDsploit
FDsploit

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

bbradar.io
bbradar.io

Fetches latest bug bounty programs from many platforms and consolidates them in one place.

hcxdumptool
hcxdumptool

Small tool to capture packets from wlan devices.