Take it like a gift

BucketLoot
BucketLoot

An automated S3-compatible bucket inspector.

dnsgen
dnsgen

Generates combination of domain names from the provided input.

Burp WP
Burp WP

Find known vulnerabilities in WordPress plugins and themes, WPScan like plugin for Burp.

403JUMP
403JUMP

HTTP 403 bypass tool.

CloudFail
CloudFail

Utilize misconfigured DNS and old database records to find hidden IPs behind CloudFlare network.

Awesome BugBounty Writeups
Awesome BugBounty Writeups

A curated list of bugbounty writeups (Bug type wise).

DNSRecon
DNSRecon

DNS Enumeration Script.

Tracy
Tracy

Assists with finding all sinks and sources of a webapp and display the results in a nice way.

autochrome
autochrome

A shiny new copy of Chromium that will bring colors in your hunt.

CeWL
CeWL

Custom Word List Generator.

brute ratel
brute ratel

A customized command and control center for red team and adversary simulation.

Atomic Red Team
Atomic Red Team

Small and highly portable detection tests based on MITRE's ATT&CK.

CrossLinked
CrossLinked

LinkedIn enumeration tool to get employee names from an organization using scraping.

B-XSSRF
B-XSSRF

Toolkit to detect and keep track on Blind XSS, XXE & SSRF.

Cuckoo Sandbox
Cuckoo Sandbox

An automated dynamic malware analysis system.