A work-in-progress deobfuscator for movfuscated binaries.
Steganography program that hides secrets in the least significant bits of a file.
Series of tools for attacking MS Kerberos implementations.
GraphQL security testing tool.
Fetches JavaScript files quickly and comprehensively from a defined list of URLs or domains.
Command line tool for testing CRLF injection on a list of domains.
A fast passive subdomain enumeration tool that uses various sources to gather data.
Agent-less vulnerability scanner.
Attack patterns and primitives for black-box application fault injection and resource discovery.
Escalate a Cross-Site Scripting vulnerability to Remote Code Execution in WordPress.
A friend of SQLmap which will do what you always expected from SQLmap.
Highly configurable script for dictionary/spray attacks against online web applications.
Burp Extension for a passive scanning JS files for endpoint links.
Offensive information and vulnerability scanner.
ExifTool meta information reader/writer.
