Take it like a gift

Automation of tokens/api keys testing.

A tool to dump a git repository from a website.

Burp extension to detect alias traversal via NGINX misconfiguration at scale.

Helps to bypass antiviruses by providing an encryption wrapper and loader for your shellcode.

Finds publicly known security vulnerabilities in a website's frontend JavaScript libraries.

Standalone utility for service discovery on open ports!

A PowerShell toolkit for attacking SQL Server.

Enemies Of Symfony - debug mode Symfony looter.

All-in-one plugin for the detection and exploitation of Java deserialization vulnerabilities.

Zip password cracker.

Modular command-line tool to parse, create and manipulate JWT tokens.

Malicious traffic detection system.

Simple JWT token brute force cracker.

Enumerate usernames across many websites.

This extension will help you to detect GET/POST based XSS vulnerability in any website easily.