Take it like a gift

PurpleOps
PurpleOps

An open-source self-hosted purple team management web application.

CloudGoat
CloudGoat

Vulnerable by design AWS deployment tool.

4-ZERO-3
4-ZERO-3

403/401 Bypass Methods.

Caldera
Caldera

Automated adversary emulation platform.

LEAKEY
LEAKEY

Bash script which checks and validates for leaked credentials.

b374k
b374k

PHP Webshell with handy features.

autochrome
autochrome

A shiny new copy of Chromium that will bring colors in your hunt.

GoAltdns
GoAltdns

A permutation generation tool written in golang.

ATOR
ATOR

Authentication Token Obtain and Replace Extender.

GatherContacts
GatherContacts

Burp Suite extension to pull employee names from Google and Bing LinkedIn search results.

favicon-hashtrick
favicon-hashtrick

Python script implementing the favicon hash trick to find subdomains.

CTFR
CTFR

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

CloudBrute
CloudBrute

Awesome cloud enumerator.

git-dumper
git-dumper

A tool to dump a git repository from a website.

smap
smap

A drop-in replacement for Nmap powered by shodan.io.