Take it like a gift

DVCA
featured
DVCA

Damn vulnerable cloud application.

domain_hunter
domain_hunter

Try to find all subdomains, similar-domains and related-domains of an organization.

gf
gf

A wrapper around grep to avoid typing common patterns.

dnscat2
dnscat2

Create an encrypted command-and-control (C&C) channel over the DNS protocol.

goreplay
goreplay

Capture and replay live HTTP traffic in order to continuously test your system with real data.

KICS
KICS

Find vulnerabilities, compliance issues and infrastructure misconfigurations in your IAC.

dirsearch
dirsearch

Web path scanner.

ReverseKit
ReverseKit

A dynamic reverse engineering toolkit.

egressbuster
egressbuster

Check egress filtering and identify if ports are allowed to automatically spawn a shell.

dufflebag
dufflebag

Search exposed EBS volumes for secrets.

Collaborator Everywhere
Collaborator Everywhere

Burp Suite extension which injects non-invasive headers to reveal backend systems.

Eagle
Eagle

Vulnerability scanner for mass detection of web-based applications vulnerabilities.

evilgophish
evilgophish

Combination of evilginx3 and GoPhish.

Faraday security
Faraday security

Open source sulnerability management and orchestration platform.

dorky
dorky

Quickly do keyword searches over GitLab and GitHub for OSINT & bug bounty recon.