Take it like a gift

proxify
sponsor
proxify

Swiss Army knife Proxy tool for HTTP(S) traffic capture, manipulation, and replay on the go.

httpx
sponsor
httpx

HTTP toolkit that allows running multiple probes using the retryablehttp library.

pphack
pphack

The most advanced client-side prototype pollution scanner.

Dismap
Dismap

Asset discovery and identification tool.

bbradar.io
bbradar.io

Fetches latest bug bounty programs from many platforms and consolidates them in one place.

DVRF
DVRF

The Damn Vulnerable Router Firmware project.

bXSS
bXSS

bXSS is a utility which can be used identify Blind Cross-Site Scripting.

SecretMagpie
SecretMagpie

Secret Detection Tool.

favirecon
favirecon

Use favicon.ico to improve your target recon phase.

BugBountyScanner
BugBountyScanner

A Bash script and Docker image for Bug Bounty reconnaissance, intended for headless use.

PyCript
PyCript

Bypass client-side encryption using custom logic for testing with Python and NodeJS.

HostileSubBruteforcer
HostileSubBruteforcer

Bruteforce existing subdomains and provide informations about them.

XSSRocket
XSSRocket

Written by Black Hat Ethical Hacking and #ChatGPT for offensive security and XSS attacks.

Venom
Venom

Popular Pentesting scanner for SQLi/XSS/LFI/RFI and other Vulns.

AWSloot
AWSloot

Pull secrets from an AWS environment.