Take it like a gift

Core Impact
Core Impact

Designed to enable security teams to conduct advanced penetration tests with ease.

sqlipy
sqlipy

Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.

BlueHound
BlueHound

Pinpoint the security issues that actually matter.

cvecrowd.com
cvecrowd.com

Lists CVEs that are currently being discussed on the social network Mastodon.

Dangerous Methods
Dangerous Methods

A Burp Suite extension for finding the use of potentially dangerous methods/functions.

BugBountyScanner
BugBountyScanner

A Bash script and Docker image for Bug Bounty reconnaissance, intended for headless use.

archaeologit
archaeologit

Scans the history of GitHub repositories to find sensitive things.

tko-subs
tko-subs

A tool that can help detect and takeover subdomains with dead DNS records.

Hawkeye
Hawkeye

Filesystem analysis tool/directory looking for interesting stuff.

SiteBroker
SiteBroker

Utility for information gathering and penetration testing automation.

SharPersist
SharPersist

Windows persistence toolkit written in C#.

XFFenum
XFFenum

X-Forwarded-For [403 forbidden] enumeration.

kerbrute
kerbrute

Bruteforce and enumerate Active Directory accounts through Kerberos pre-authentication.

Spoofy
Spoofy

Checks if a list of domains can be spoofed based on SPF and DMARC records.

SQLninja
SQLninja

Exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server.