Take it like a gift

Hash Buster
Hash Buster

Crack hashes in seconds.

ATOR
ATOR

Authentication Token Obtain and Replace Extender.

EndPointer
EndPointer

An extension that auto extracts URLs from the current webpage and JS files.

Spoofy
Spoofy

Checks if a list of domains can be spoofed based on SPF and DMARC records.

Certificate Ripper
Certificate Ripper

A CLI tool to extract server certificates.

sshLooter
sshLooter

Script to steal passwords from ssh.

BurpSmartBuster
BurpSmartBuster

A Burp Suite content discovery plugin that add the smart into the Buster.

EyeWitness
EyeWitness

Take screenshots of websites, provide server header info and identify default credentials.

Arsenal
Arsenal

Just a quick inventory, reminder and launcher for pentest commands.

Krakatau
Krakatau

Java decompiler, assembler, and disassembler.

DOMDig
DOMDig

DOM XSS scanner for Single Page Applications.

Security Monkey
Security Monkey

Monitor AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

urlgrab
urlgrab

A golang utility to spider through a website searching for additional links.

TugaRecon
TugaRecon

Subdomains enumeration tool for penetration testers.

SharpCookieMonster
SharpCookieMonster

Extracts cookies from Chrome.