Take it like a gift

shosubgo
shosubgo

Small tool to grab subdomains using Shodan API.

is-website-vulnerable
is-website-vulnerable

Finds publicly known security vulnerabilities in a website's frontend JavaScript libraries.

XSpear
XSpear

Powerfull XSS Scanning and Parameter analysis tool&gem.

cero
cero

Scrape domain names from SSL certificates of arbitrary hosts.

traitor
traitor

Automatic Linux privilege escalation via exploitation of low-hanging fruit.

Commando VM
Commando VM

Fully customizable Windows-based pentesting virtual machine distribution.

Parsero
Parsero

Robots.txt audit tool.

clair
clair

Vulnerability static analysis for containers.

metasploitable
metasploitable

VM that is built from the ground up with a large amount of security vulnerabilities.

Certipy
Certipy

Active Directory Certificate Services enumeration and abuse.

LibAFL
LibAFL

Advanced fuzzing librar. Slot your fuzzers together and extend their features using Rust.

PowerUpSQL
PowerUpSQL

A PowerShell toolkit for attacking SQL Server.

crithit
crithit

Takes a single wordlist item and tests it one by one over a large collection of websites.

DalFox
DalFox

Powerful open source XSS scanning tool and parameter analyzer.

nipper-ng
nipper-ng

Network infrastructure configuration parser.