Take it like a gift

alterx
sponsor
alterx

Fast and customizable subdomain wordlist generator using DSL.

XSStrike
XSStrike

Most advanced XSS scanner.

crithit
crithit

Takes a single wordlist item and tests it one by one over a large collection of websites.

ezXSS
ezXSS

An easy way for penetration testers and bug bounty hunters to test (blind) XSS.

BountyDash
BountyDash

Combine your rewards from platforms giving you insights about your bug hunting progress.

DNSTake
DNSTake

A fast tool to check missing hosted DNS zones that can lead to subdomain takeover.

CRLFsuite
CRLFsuite

The most powerful CRLF injection scanner.

leakScraper
leakScraper

Set of tools to process and visualize huge text files containing credentials.

JSgen
JSgen

Generate javascript code to be injected in case you find a Server Side Javascript Injection.

DivideAndScan
DivideAndScan

Divide full port scan results and use it for targeted Nmap runs.

Gowhois
Gowhois

Whois command implemented by golang with awesome whois servers list.

GitGot
GitGot

Rapidly search through troves of public data on GitHub for sensitive secrets.

Femida
Femida

Automated blind-xss search for Burp Suite.

DVCA
DVCA

Damn vulnerable cloud application.

extract-endpoints
extract-endpoints

Extract endpoints from source files.