Take it like a gift

nodejsscan
nodejsscan

A static security code scanner for Node.js applications.

Mosint
Mosint

An automated e-mail OSINT tool.

PortSwigger WebSecurity Academy
PortSwigger WebSecurity Academy

Free, online web security training from the creators of Burp Suite.

open-sesame
open-sesame

Contains HackerOne disclosed reports and other bug bounty writeups.

Linux Exploit Suggester
Linux Exploit Suggester

Based on operating system release number.

off-by-slash
off-by-slash

Burp extension to detect alias traversal via NGINX misconfiguration at scale.

ncrack
ncrack

Open source tool for network authentication cracking.

OSX Password Dumper
OSX Password Dumper

Dump users's .plist on a Mac OS system and to convert them into a crackable hash.

ReconNess
ReconNess

Continuous recon and pipeline tools setup.

LocalPotato
LocalPotato

Another local Windows privilege escalation using a new potato technique.

mvt
mvt

Helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Powermad
Powermad

PowerShell MachineAccountQuota and DNS exploit tools.

qscan
qscan

Quick network scanner library.

TrafficWatch
TrafficWatch

A packet sniffer tool, allows you to monitor and analyze network traffic from PCAP files.

meg
meg

Fetch many paths for many hosts, without killing the hosts.