Take it like a gift

CORS Scanner
CORS Scanner

A multi-threaded scanner that helps identify CORS flaws/misconfigurations.

Tamper Dev
Tamper Dev

Allows you to intercept and edit HTTP/HTTPS requests and responses.

Wordsmith
Wordsmith

Assist with creating tailored wordlists, mostly based on geolocation.

clairvoyance
clairvoyance

Obtain GraphQL API Schema even if the introspection is not enabled.

MetaDetective
MetaDetective

Unleash metadata intelligence, bridging the chasm in metadata extraction and analysis.

API fuzzer
API fuzzer

Fuzz request attributes using common pentesting techniques and lists vulnerabilities.

CMSeek
CMSeek

CMS Detection and Exploitation suite that supports over 180 other CMSs.

SSH PuTTY login bruteforcer
SSH PuTTY login bruteforcer

A wrapper script which uses PuTTY to perform SSH login bruteforce attacks.

sshLooterC
sshLooterC

It's the C version of sshLooter.

Dangerous Methods
Dangerous Methods

A Burp Suite extension for finding the use of potentially dangerous methods/functions.

cloudflare-origin-ip
cloudflare-origin-ip

Try to find the origin IP of a webapp protected by Cloudflare.

objection
objection

Runtime mobile exploration.

sns
sns

IIS shortname scanner written in Go.

boofuzz
boofuzz

Network protocol fuzzing for humans.

XSSwagger
XSSwagger

A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks.