Take it like a gift

discover
discover

Custom bash scripts used to automate various penetration testing tasks.

LOOBins
LOOBins

Living Off the Orchard: macOS Binaries.

Second Order
Second Order

Second-order subdomain takeover scanner.

al-khaser
al-khaser

Public malware techniques used in the wild: virtual machine, emulation, debuggers.

smbmap
smbmap

A handy SMB enumeration tool.

SharpCookieMonster
SharpCookieMonster

Extracts cookies from Chrome.

Agartha
Agartha

Burp Suite extension for dynamic payload generation to detect injection flaws.

SSRF Detector
SSRF Detector

Server-side request forgery detector.

TruffleHog
TruffleHog

Find credentials all over the place.

Scopify
Scopify

Netify.ai reconnaissance tool.

TugaRecon
TugaRecon

Subdomains enumeration tool for penetration testers.

APKLeaks
APKLeaks

Scanning APK file for URIs, endpoints & secrets.

Amass
Amass

In-depth Attack Surface Mapping and Asset Discovery.

ScoutSuite
ScoutSuite

Multi-cloud security auditing tool.

bbscope
bbscope

Scope gathering tool for multiple Bug Bounty platforms.