Take it like a gift

pwndrop
pwndrop

Self-deployable file hosting service allowing to easily upload and share payloads over HTTP and WebD.

Argus-SAF
Argus-SAF

Static analysis framework built in house to do security vetting for Android applications.

Injectify
Injectify

Perform advanced MiTM attacks on websites with ease.

amap
amap

Identify applications even if they are running on a different port than normal.

CORStest
CORStest

A simple CORS misconfiguration scanner.

CloudFail
CloudFail

Utilize misconfigured DNS and old database records to find hidden IPs behind CloudFlare network.

cloud_enum
cloud_enum

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

CeWL
CeWL

Custom Word List Generator.

cloudsploit
cloudsploit

Cloud Security Posture Management (CSPM).

APTRS
APTRS

Automated penetration testing reporting system.

H1 Report Finder
H1 Report Finder

A burpsuite extension to find security reports published on HackerOne based on the selected host.

403-bypasser
403-bypasser

A Burp Suite extension made to automate the process of bypassing 403 pages.

airgeddon
airgeddon

This is a multi-use bash script for Linux systems to audit wireless networks.

capa
capa

The FLARE team's open-source tool to identify capabilities in executable files.

evil SSDP
evil SSDP

Spoof SSDP replies to phish for credentials and NetNTLM challenge/response.