Take it like a gift

localdataHog
featured
localdataHog

String-based secret-searching tool, high entropy and regexes.

jadx
jadx

Dex to Java decompiler.

Trishul
Trishul

Burp Suite Extension to hunt for common vulnerabilities found in websites.

Payloads All The Things
Payloads All The Things

A list of useful payloads and bypass for Web Application Security.

Retire.js
Retire.js

Detects the use of JavaScript libraries with known vulnerabilities.

postMessage-tracker
postMessage-tracker

A Chrome Extension to track postMessage usage (url, domain and stack).

NoSQLMap
NoSQLMap

Automated NoSQL database enumeration and web application exploitation tool.

mksub
mksub

Generate tens of thousands of subdomain combinations in a matter of seconds.

PowerMayhem
PowerMayhem

Powershell payload generator In Bash !

NimPlant
NimPlant

A light-weight first-stage C2 implant written in Nim.

lorsrf
lorsrf

Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load.

PowerMeta
PowerMeta

Searches for publicly available files hosted on various websites for a particular domain.

Prenum
Prenum

The perils of the pre-Windows 2000 compatible access group in a Windows domain.

Maigret
Maigret

Collect a dossier on a person by username from thousands of sites.

Offensive-Azure
Offensive-Azure

Collection of offensive tools targeting Microsoft Azure written in Python to be platform agnostic.