Take it like a gift

Post-exploitation tools to gather credentials from various password managers and Windows utilities.

Small script to check a list of domains against open redirect vulnerability.

A Burp Suite extension that brings taint analysis to web applications, by tracking all parameters.

Automated tool for testing header based blind SQL injection.

Payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

Automatic tool for DNS rebinding-based SSRF attacks.

An ICMP reverse shell written in Python3 and scapy.

User-friendly OSINT tool that allows you to quickly and easily gather informations.

Check if the mail is used on different sites and retrieve informations on sites.

Hex editor for reverse engineers, programmers and people who value their retinas when working at 3am.

Simple, fast web crawler designed for discovery of endpoints and assets within a web application.

Adaption of tomnomnom's kxss tool with a different output format.

Remote capture for all capture types over TCP sockets or websockets.

Automated attack simulation in the cloud, complete with detection use cases.

Automated HTTP request repeating with Burp Suite.