Take it like a gift

web-hacking-toolkit
web-hacking-toolkit

A web hacking toolkit.

mentalist
mentalist

Graphical tool for custom wordlist generation.

Rusty Hog
Rusty Hog

A suite of secret scanners built in Rust for performance.

Rebind
Rebind

Implement the multiple A record DNS rebinding attack.

PortSwigger Cross-Site Scripting cheatsheet data
PortSwigger Cross-Site Scripting cheatsheet data

All the XSS cheatsheet data to allow contributions from the community.

postleaks
postleaks

Search for sensitive data in Postman public library.

PostMessage_Fuzz_Tool
PostMessage_Fuzz_Tool

A PostMessage fuzzing extension for Chrome.

OpenCanary
OpenCanary

Modular and decentralised honeypot.

NodeGoat
NodeGoat

Learn how OWASP Top 10 security risks apply to web applications developed using Node.js.

orpheus
orpheus

Bypass Kerberoast detections with modified KDC options and encryption types.

Nozaki
Nozaki

HTTP fuzzer engine security oriented.

P4wnP1 A.L.O.A.
P4wnP1 A.L.O.A.

Turn a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming or PE.

ParamPamPam
ParamPamPam

This tool for brute discover GET and POST parameters.

smbcrawler
smbcrawler

No-nonsense tool that takes credentials and a list of hosts and crawls through those shares.

Oculus
Oculus

OSINT tool used to discover environments, directories, and subdomains of a particular domain.