Take it like a gift

hakoriginfinder
hakoriginfinder

Discover the origin host behind a reverse proxy, useful for bypassing cloud WAFs!.

fingerprintjs
fingerprintjs

Browser fingerprinting library.

DataExtractor
DataExtractor

A Burp Suite extension to extract data from source code while browsing.

Go365
Go365

Go365 performs user enumeration and password guessing attacks on organizations that use Office365.

403-bypasser
403-bypasser

A Burp Suite extension made to automate the process of bypassing 403 pages.

Shelling
Shelling

A comprehensive OS command injection payload generator.

XSSRocket
XSSRocket

Written by Black Hat Ethical Hacking and #ChatGPT for offensive security and XSS attacks.

BugBountyScanner
BugBountyScanner

A Bash script and Docker image for Bug Bounty reconnaissance, intended for headless use.

subtake
subtake

Extension of sublister tool to check for subdomain takeovers.

twint
twint

Twitter scraping & OSINT tool allowing you to scrape a user's followers, following, tweets and more.

GAP
GAP

A Burp Suite extension to find potential endpoints and parameters.

ghidra
ghidra

Software reverse engineering (SRE) framework.

GOAD
GOAD

Game of Active Directory.

DSStoreView
DSStoreView

DS_Store file parser/viewer.

assetfinder
assetfinder

Find domains and subdomains related to a given domain.