Subdomain takeover tool for attackers, bug bounty hunters and the blue team!
Comprehensive manual for mobile application security testing and reverse engineering.
This extension will help you to detect GET/POST based XSS vulnerability in any website easily.
A Python script for AWS S3 bucket enumeration.
Black box fuzzer for web applications.
Powershell tool to automate Active Directory enumeration.
Virtual machine for adversary emulation and threat hunting.
Fast and simple-to-use open-source/cross-platform network scanner.
403/401 Bypass Methods.
A security oriented software fuzzer.
Web Application Security Scanner Framework.
Burp Suite plugin that extracts keywords from response using and test for reflected XSS.
Automatic authorization enforcement detection extension for Burp Suite.
Scan for open S3 buckets and dump the contents.
Post-exploitation framework designed to assist with lateral movement within Active Directory.