Take it like a gift

keyhacks.sh
keyhacks.sh

Automation of tokens/api keys testing.

git-dumper
git-dumper

A tool to dump a git repository from a website.

off-by-slash
off-by-slash

Burp extension to detect alias traversal via NGINX misconfiguration at scale.

DVenom
DVenom

Helps to bypass antiviruses by providing an encryption wrapper and loader for your shellcode.

is-website-vulnerable
is-website-vulnerable

Finds publicly known security vulnerabilities in a website's frontend JavaScript libraries.

fingerprintx
fingerprintx

Standalone utility for service discovery on open ports!

PowerUpSQL
PowerUpSQL

A PowerShell toolkit for attacking SQL Server.

eos
eos

Enemies Of Symfony - debug mode Symfony looter.

Java Deserialization Scanner
Java Deserialization Scanner

All-in-one plugin for the detection and exploitation of Java deserialization vulnerabilities.

fcrackzip
fcrackzip

Zip password cracker.

jwtear
jwtear

Modular command-line tool to parse, create and manipulate JWT tokens.

maltrail
maltrail

Malicious traffic detection system.

jwt-cracker
jwt-cracker

Simple JWT token brute force cracker.

WhatsMyName
WhatsMyName

Enumerate usernames across many websites.

s3cXSSer
s3cXSSer

This extension will help you to detect GET/POST based XSS vulnerability in any website easily.