Take it like a gift

demovfuscator
demovfuscator

A work-in-progress deobfuscator for movfuscated binaries.

steghide
steghide

Steganography program that hides secrets in the least significant bits of a file.

kerberoast
kerberoast

Series of tools for attacking MS Kerberos implementations.

ShapeShifter
ShapeShifter

GraphQL security testing tool.

jsfinder
jsfinder

Fetches JavaScript files quickly and comprehensively from a defined list of URLs or domains.

CRLF-Injection-Scanner
CRLF-Injection-Scanner

Command line tool for testing CRLF injection on a list of domains.

subnerium
subnerium

A fast passive subdomain enumeration tool that uses various sources to gather data.

Vuls
Vuls

Agent-less vulnerability scanner.

FuzzDB
FuzzDB

Attack patterns and primitives for black-box application fault injection and resource discovery.

Tool WPXStrike
Tool WPXStrike

Escalate a Cross-Site Scripting vulnerability to Remote Code Execution in WordPress.

sqlmate
sqlmate

A friend of SQLmap which will do what you always expected from SQLmap.

Klyda
Klyda

Highly configurable script for dictionary/spray attacks against online web applications.

BurpJSLinkFinder
BurpJSLinkFinder

Burp Extension for a passive scanning JS files for endpoint links.

Striker
Striker

Offensive information and vulnerability scanner.

ExifTool
ExifTool

ExifTool meta information reader/writer.