Take it like a gift

hardCIDR
hardCIDR

Discover the netblocks or ranges (in CIDR notation) owned by the target organization.

Eyeballer
Eyeballer

Convolutional neural network for analyzing pentest screenshots.

findsecuritycontacts.com
findsecuritycontacts.com

Scans the top 500 sites daily for their security.txt file or DNS records.

ezXSS
ezXSS

An easy way for penetration testers and bug bounty hunters to test (blind) XSS.

flan
flan

A pretty sweet vulnerability scanner.

macchanger
macchanger

Makes the maniputation of MAC addresses of network interfaces easier.

FastFuzz Chrome Extension
FastFuzz Chrome Extension

Site fast fuzzing with chorme extension.

GSAN
GSAN

Extract subdomains from SSL certificates in HTTPS sites.

goreplay
goreplay

Capture and replay live HTTP traffic in order to continuously test your system with real data.

Freddy Deserialization Bug Finder
Freddy Deserialization Bug Finder

A Burp Suite extension to aid in detecting and exploiting serialisation libraries/APIs.

GhostTrack
GhostTrack

Useful tool to track location or mobile number.

GitHunter
GitHunter

A tool for searching a Git repository for interesting content.

h2cSmuggler
h2cSmuggler

HTTP Request Smuggling over HTTP/2 Cleartext.

GoLinkFinder
GoLinkFinder

A fast and minimal JS endpoint extractor.

GodPotato
GodPotato

Privilege escalation tool for Windows.