Take it like a gift

Vulnerable REST API with OWASP top 10 vulnerabilities for security testing.

Tool to enumerate targets in search of cloud resources.

Bypass IP source restrictions using HTTP headers.

The ultimate Vulnerability Disclosure Policy and Bug Bounty list!

Designed to streamline the extraction and sanitization of HARTokens from HTTP archives.

Generates JNDI links can start several servers to exploit JNDI Injection vulnerabilities.

Crack Windows passwords from hashes.

Modern tool for Windows kernel exploration and tracing with a focus on security.

An easy way for penetration testers and bug bounty hunters to test (blind) XSS.

All-in-one plugin for the detection and exploitation of Java deserialization vulnerabilities.

All In One Web Recon.

Bruteforce and enumerate Active Directory accounts through Kerberos pre-authentication.

Interactive .NET SQL console client with enhanced SQL Server discovery/access/exfiltration features.

Ultimate domain enumeration tool.

Detect misconfigurations and security risks across GitHub and GitLab assets.