Take it like a gift

CrossLinked
CrossLinked

LinkedIn enumeration tool to get employee names from an organization using scraping.

LaZagne
LaZagne

Credentials recovery project.

FlowMate
FlowMate

A Burp Suite extension that brings taint analysis to web applications, by tracking all parameters.

MultiDump
MultiDump

Post-exploitation tool for dumping and extracting LSASS memory discreetly.

Java Deserialization Scanner
Java Deserialization Scanner

All-in-one plugin for the detection and exploitation of Java deserialization vulnerabilities.

ikeforce
ikeforce

Command line IPSEC VPN brute forcing tool for Linux.

extract-endpoints
extract-endpoints

Extract endpoints from source files.

Havoc
Havoc

Modern and malleable post-exploitation command and control framework.

graphql-armor
graphql-armor

The missing GraphQL security security layer.

Have i been pwned?
Have i been pwned?

Check if your email or phone is in a data breach.

lyncsmash
lyncsmash

Locate and attack Lync and Skype for Business.

SSRFTest
SSRFTest

SSRF testing tool.

reconFTW
reconFTW

Runs the best set of tools to perform scanning and finding out vulnerabilities on a target domain.

httprebind
httprebind

Automatic tool for DNS rebinding-based SSRF attacks.

PortSwigger WebSecurity Academy
PortSwigger WebSecurity Academy

Free, online web security training from the creators of Burp Suite.