Take it like a gift

angr
angr

A powerful and user-friendly binary analysis platform.

Certify
Certify

Active Directory certificate abuse.

vbscan
vbscan

A black box vBulletin vulnerability scanner.

AWS Extender CLI
AWS Extender CLI

Command-line script to test cloud storage for common misconfiguration issues.

bxss.net
bxss.net

Web service that allows for detection Blind XSS vulnerabilities within web applications.

hakip2host
hakip2host

Takes a list of IP addresses then does a series of checks to return associated domain names.

Hash Buster
Hash Buster

Crack hashes in seconds.

gowitness
gowitness

A golang, web screenshot utility using Chrome Headless.

DNSExfiltrator
DNSExfiltrator

Data exfiltration over DNS request covert channel.

hakfindinternaldomains
hakfindinternaldomains

Feed it a list of subdomains, it will resolve them and tell you which ones are internal.

Fluxion
Fluxion

Fluxion is the future of MITM WPA attacks.

BaRMIe
BaRMIe

Enumerating and attacking Java Remote Method Invocation services.

HARpwn
HARpwn

Designed to streamline the extraction and sanitization of HARTokens from HTTP archives.

Gopherus
Gopherus

Generates gopher link for exploiting SSRF and gaining RCE in various servers.

detect-secrets
detect-secrets

An enterprise friendly way of detecting and preventing secrets in code.