Take it like a gift
param-miner
Identifies hidden, unlinked parameters, useful for finding web cache poisoning vulnerabilities.
padding-oracle-attacker
Execute padding oracle attacks with support for concurrent network requests and an elegant UI.