Take it like a gift

kube-bench
kube-bench

Checks whether Kubernetes is deployed according to security best practices.

Built With
Built With

Find out what websites are Built With.

a2sv
a2sv

Auto Scanning to SSL Vulnerability.

hakoriginfinder
hakoriginfinder

Discover the origin host behind a reverse proxy, useful for bypassing cloud WAFs!.

Bug Bounty Reports Explained
Bug Bounty Reports Explained

Bug Bounty Reports Explained channel.

broken-link-hijacking
broken-link-hijacking

Broken Link Hijacking Burp Suite extension.

bore
bore

A simple CLI tool for making tunnels to localhost.

hakfindinternaldomains
hakfindinternaldomains

Feed it a list of subdomains, it will resolve them and tell you which ones are internal.

APKiD
APKiD

Android application identifier for packers, protectors, obfuscators and oddities.

haktldextract
haktldextract

Extract domains/subdomains from URLs en masse.

BaRMIe
BaRMIe

Enumerating and attacking Java Remote Method Invocation services.

Hash Buster
Hash Buster

Crack hashes in seconds.

brutesubs
brutesubs

Automation framework for running multiple open sourced subdomain bruteforcing tools in parallel.

HackTools
HackTools

The all-in-one browser extension for offensive security professionals.

Invoke-WCMDump
Invoke-WCMDump

PowerShell script to dump Windows credentials from the Credential Manager.