Take it like a gift

Chaos
sponsor
Chaos

Collect and maintain internet-wide assets data for public Bug Bounty programs.

Shadow Workers
Shadow Workers

C2 and proxy designed to help in the exploitation of XSS and malicious Service Workers.

getsploit
getsploit

Command line utility for searching and downloading exploits.

BurpSentinel
BurpSentinel

GUI Burp Plugin to ease discovering of security holes in web applications.

Invoke-ACLPwn
Invoke-ACLPwn

Automates the discovery and pwnage of ACLs in Active Directory that are unsafe configure.

Atomic Red Team
Atomic Red Team

Small and highly portable detection tests based on MITRE's ATT&CK.

Bypass URL Parser
Bypass URL Parser

Tool that tests MANY url bypasses to reach a 40X protected page.

BurpJSLinkFinder
BurpJSLinkFinder

Burp Extension for a passive scanning JS files for endpoint links.

Hash Muncher
Hash Muncher

Grab NetNTLMv2 hashes using ETW with administrative rights on Windows.

AutoRepeater
AutoRepeater

Automated HTTP request repeating with Burp Suite.

ja3
ja3

Create SSL client fingerprints in an easy to produce and shareable way.

AWS Sensitive Permissions
AWS Sensitive Permissions

This script enumerates the permissions of all the AWS principals of an account.

CUPP
CUPP

Common User Passwords Profiler.

NoSQLMap
NoSQLMap

Automated NoSQL database enumeration and web application exploitation tool.

pingcastle
pingcastle

Get Active Directory security at 80% in 20% of the time.