Take it like a gift

nuclei-burp-plugin
sponsor
nuclei-burp-plugin

A Burp Suite plugin intended to help with Nuclei template generation.

Kadimus
Kadimus

Check for and exploit LFI vulnerabilities with a focus on PHP systems.

ppfuzz
ppfuzz

A fast tool to scan client-side prototype pollution vulnerability written in Rust.

Shellcrypt
Shellcrypt

A QoL tool to obfuscate shellcode.

Sourcegraph
Sourcegraph

Search millions of open source repositories.

PsMapExec
PsMapExec

A PowerShell tool heavily inspired by the popular tool CrackMapExec/NetExec.

smbcrawler
smbcrawler

No-nonsense tool that takes credentials and a list of hosts and crawls through those shares.

gitpillage
gitpillage

Extract data from a .git directory.

findsecuritycontacts.com
findsecuritycontacts.com

Scans the top 500 sites daily for their security.txt file or DNS records.

BitBlinder
BitBlinder

Injects custom XSS payloads on every form/request submitted to detect blind XSS.

WhatRuns
WhatRuns

Discover what runs a website.

DVWS
DVWS

Vulnerable application with a web service and an API.

pwnagotchi
pwnagotchi

Deep reinforcement learning instrumenting bettercap for WiFi pwning.

Autorize
Autorize

Automatic authorization enforcement detection extension for Burp Suite.

s3-buckets-finder
s3-buckets-finder

Find AWS S3 buckets and test their permissions.