Fast and customizable subdomain wordlist generator using DSL.
Most advanced XSS scanner.
Takes a single wordlist item and tests it one by one over a large collection of websites.
An easy way for penetration testers and bug bounty hunters to test (blind) XSS.
Combine your rewards from platforms giving you insights about your bug hunting progress.
A fast tool to check missing hosted DNS zones that can lead to subdomain takeover.
The most powerful CRLF injection scanner.
Set of tools to process and visualize huge text files containing credentials.
Generate javascript code to be injected in case you find a Server Side Javascript Injection.
Divide full port scan results and use it for targeted Nmap runs.
Whois command implemented by golang with awesome whois servers list.
Rapidly search through troves of public data on GitHub for sensitive secrets.
Automated blind-xss search for Burp Suite.
Damn vulnerable cloud application.
Extract endpoints from source files.