Take it like a gift

Chaos
sponsor
Chaos

Collect and maintain internet-wide assets data for public Bug Bounty programs.

Burp WP
Burp WP

Find known vulnerabilities in WordPress plugins and themes, WPScan like plugin for Burp.

bxss.net
bxss.net

Web service that allows for detection Blind XSS vulnerabilities within web applications.

Lookyloo
Lookyloo

Allows users to capture a website page and then display a tree of domains that call each other.

JNDI-Injection-Exploit
JNDI-Injection-Exploit

Generates JNDI links can start several servers to exploit JNDI Injection vulnerabilities.

Certipy
Certipy

Active Directory Certificate Services enumeration and abuse.

BinDiff
BinDiff

Quickly find differences and similarities in disassembled code.

burp-exporter
burp-exporter

Copy a Burp Suite request to a file or the clipboard as multiple programming languages functions.

brakeman
brakeman

Static analysis security vulnerability scanner for Ruby on Rails applications.

bbrf
bbrf

Help you coordinate your reconnaissance workflows across multiple devices.

Burp-AnonymousCloud
Burp-AnonymousCloud

Performs passive scan to identify buckets and test them for publicly accessible vulnerabilities.

Canvas
Canvas

Assessment tool that allows penetration testing and hostile attack simulations.

BurpSentinel
BurpSentinel

GUI Burp Plugin to ease discovering of security holes in web applications.

clairvoyance
clairvoyance

Obtain GraphQL API Schema even if the introspection is not enabled.

BurpSuiteHTTPSmuggler
BurpSuiteHTTPSmuggler

A Burp Suite extension to bypass WAFs or test their effectiveness using a number of techniques.