Take it like a gift

GTFOArgs
GTFOArgs

Unix binaries that can be manipulated for argument injection.

DeepSecrets
DeepSecrets

Secrets scanner that understands code.

Dshell
Dshell

A network forensic analysis framework.

BurpGPT
BurpGPT

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan.

SQLMutant
SQLMutant

Searches for automated subdomain enumeration and runs SQLi tests.

Mosca
Mosca

Manual search tool to find bugs like a grep unix command.

Onex
Onex

Hacking tools installer and package manager for hackers.

DOMPurify
DOMPurify

A DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG.

evil-winrm
evil-winrm

The ultimate WinRM shell for hacking/pentesting.

DNSTake
DNSTake

A fast tool to check missing hosted DNS zones that can lead to subdomain takeover.

Infoga
Infoga

Email OSINT.

hakrawler
hakrawler

Simple, fast web crawler designed for discovery of endpoints and assets within a web application.

DNSWatch
DNSWatch

DNS traffic sniffer and analyzer.

JOSEPH
JOSEPH

JavaScript Object Signing and Encryption Pentesting Helper.

JS-Tap
JS-Tap

JavaScript payload and supporting software to be used as XSS payload or post exploitation implant.