Take it like a gift

wgen.io
wgen.io

Generate rich wordlists for targeted attacks online.

httprobe
httprobe

Take a list of domains and probe for working HTTP and HTTPS servers.

BurpJSLinkFinder
BurpJSLinkFinder

Burp Extension for a passive scanning JS files for endpoint links.

dsieve
dsieve

Filter and enrich a list of subdomains by level.

bbot
bbot

OSINT automation for hackers.

DVCA
DVCA

Damn vulnerable cloud application.

GET-ACQ
GET-ACQ

Gather all companies acquired by a given company domain name.

EDD
EDD

Ultimate domain enumeration tool.

cve-search
cve-search

A tool to perform local searches for known vulnerabilities.

jackdaw
jackdaw

Gather gather gather.

Faraday security
Faraday security

Open source sulnerability management and orchestration platform.

Bucket Stream
Bucket Stream

Find interesting Amazon S3 Buckets by watching certificate transparency logs.

headi
headi

Customisable and automated HTTP header injection.

cerbrutus
cerbrutus

Network brute force tool, faster than other existing solutions.

Betterscan
Betterscan

Code Scanning/SAST/static analysis/linting using many tools/scanners with one report.