Take it like a gift

katana
sponsor
katana

A next-generation crawling and spidering framework.

LinkFinder
LinkFinder

A python script that finds endpoints in JavaScript files.

EndPointer
EndPointer

An extension that auto extracts URLs from the current webpage and JS files.

changeme
changeme

A default credential scanner.

BitBlinder
BitBlinder

Injects custom XSS payloads on every form/request submitted to detect blind XSS.

autochrome
autochrome

A shiny new copy of Chromium that will bring colors in your hunt.

Kismet
Kismet

Remote capture for all capture types over TCP sockets or websockets.

DOMDig
DOMDig

DOM XSS scanner for Single Page Applications.

Arjun
Arjun

HTTP parameter discovery suite.

APKEnum
APKEnum

Passive enumeration utility For Android applications.

CRLFsuite
CRLFsuite

The most powerful CRLF injection scanner.

JSShell
JSShell

An interactive multi-user web JS shell.

HostileSubBruteforcer
HostileSubBruteforcer

Bruteforce existing subdomains and provide informations about them.

H1 Report Finder
H1 Report Finder

A burpsuite extension to find security reports published on HackerOne based on the selected host.

Damn Vulnerable RESTaurant
Damn Vulnerable RESTaurant

An intentionally vulnerable web API game for learning and training purposes.