A damn vulnerable AWS infrastructure.
Automatic SSTI detection tool with interactive interface.
Simple JWT token brute force cracker.
Contextual content discovery tool.
Find exploits in local and online databases instantly.
Try to find all subdomains, similar-domains and related-domains of an organization.
Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
Scans the history of GitHub repositories to find sensitive things.
A CLI tool to extract server certificates.
Interactive CTF exploration tool.
Create vulnerable instrumented local or cloud environments to simulate attacks.
Automated All-in-One OS Command Injection Exploitation Tool.
Adaption of tomnomnom's kxss tool with a different output format.
Locally checks for signs of a rootkit.
Power security researchers around the world as well as code scanning.