Take it like a gift

ADReaper
ADReaper

Enumerate an Active Directory environment with LDAP queries.

JWT Tool
JWT Tool

A toolkit for testing, tweaking and cracking JSON Web Tokens.

hauditor
hauditor

Analyze the security headers returned by a web page and report dangerous configurations.

creepyCrawler
creepyCrawler

Crawl a site and extract useful informations for recon.

adPEAS
adPEAS

Powershell tool to automate Active Directory enumeration.

RacePWN
RacePWN

Race Condition framework.

ike-scan
ike-scan

Discover and fingerprint IKE hosts.

SUID3NUM
SUID3NUM

Standalone script to enumerate SUID binaries, separate default binaries from customs.

JSONBee
JSONBee

A ready to use JSONP endpoints/payloads to help bypass Content Security Policy.

CorsMe
CorsMe

CORS misconfiguration scanner tool with speed and precision in mind!

skipfish
skipfish

Active web application security reconnaissance tool.

cstc
cstc

Burp Suite extension that allows request/response modification using a GUI.

Highlighter and Extractor
Highlighter and Extractor

Collect, categorize and highlight requests and/or responses according to their content.

H1 Report Finder
H1 Report Finder

A burpsuite extension to find security reports published on HackerOne based on the selected host.

PsMapExec
PsMapExec

A PowerShell tool heavily inspired by the popular tool CrackMapExec/NetExec.