Take it like a gift

interactsh
sponsor
interactsh

An OOB interaction gathering server and client library

sslscan
sslscan

Tests SSL/TLS enabled services to discover supported cipher suites.

403JUMP
403JUMP

HTTP 403 bypass tool.

DOMDig
DOMDig

DOM XSS scanner for Single Page Applications.

DNSTracer
DNSTracer

Trace the path of a DNS query.

ShuckNT
ShuckNT

Dowgrade, convert, dissect and shuck authentication token based on Data Encryption Standard.

ShadowSpray
ShadowSpray

Spray shadow credentials across an entire domain.

Words Scraper
Words Scraper

Selenium based web scraper to generate passwords list.

Security Monkey
Security Monkey

Monitor AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

webscreenshot
webscreenshot

A simple script to screenshot a list of websites.

xxeserv
xxeserv

A mini webserver with FTP support for XXE payloads.

SQLiScanner
SQLiScanner

Automatic SQL injection with Charles and sqlmap API.

GraphQL Threat Matrix
GraphQL Threat Matrix

Threat framework to research security gaps in GraphQL implementations.

archaeologit
archaeologit

Scans the history of GitHub repositories to find sensitive things.

cookie_crimes
cookie_crimes

Read local Chrome cookies without root or decrypting.