Take it like a gift

katana
sponsor
katana

A next-generation crawling and spidering framework.

Liffy
Liffy

Local file inclusion exploitation tool.

dnscat2
dnscat2

Create an encrypted command-and-control (C&C) channel over the DNS protocol.

git-dumper
git-dumper

A tool to dump a git repository from a website.

HackTricks
HackTricks

Find trick/technique/whatever learnt from CTFs, real life apps, reading researches, and news.

JSShell
JSShell

An interactive multi-user web JS shell.

capa
capa

The FLARE team's open-source tool to identify capabilities in executable files.

BurpSuiteHTTPSmuggler
BurpSuiteHTTPSmuggler

A Burp Suite extension to bypass WAFs or test their effectiveness using a number of techniques.

HackBrowserData
HackBrowserData

Decrypt passwords/cookies/history/bookmarks from the browser.

AWSGoat
AWSGoat

A damn vulnerable AWS infrastructure.

H1 Report Finder
H1 Report Finder

A burpsuite extension to find security reports published on HackerOne based on the selected host.

Kadimus
Kadimus

Check for and exploit LFI vulnerabilities with a focus on PHP systems.

Arjun
Arjun

HTTP parameter discovery suite.

bbscope
bbscope

Scope gathering tool for multiple Bug Bounty platforms.

GitHunter
GitHunter

A tool for searching a Git repository for interesting content.