Take it like a gift

bundler-audit
bundler-audit

Patch-level verification for Bundler.

Eyeballer
Eyeballer

Convolutional neural network for analyzing pentest screenshots.

toxssin
toxssin

Open-source penetration testing tool that automates the process of exploiting XSS.

DSStoreView
DSStoreView

DS_Store file parser/viewer.

HasMySecretLeaked
HasMySecretLeaked

Search across 20 million exposed secrets in public GitHub repositories, gists, issues and comments.

bypasswaf
bypasswaf

Add headers to all Burp requests to bypass some WAF products.

CertCrunchy
CertCrunchy

Uses data from SSL Certificates to find potential host names.

Firefly
Firefly

Black box fuzzer for web applications.

FireShodanMap
FireShodanMap

Realtime map that integrates Firebase, Google Maps and Shodan.

Freeze-rs
Freeze-rs

Payload toolkit for bypassing EDRs using suspended processes, direct syscalls written.

harpoon
harpoon

CLI tool for open source and threat intelligence.

Censys Enumeration
Censys Enumeration

Extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.

Canvas
Canvas

Assessment tool that allows penetration testing and hostile attack simulations.

Tool WPXStrike
Tool WPXStrike

Escalate a Cross-Site Scripting vulnerability to Remote Code Execution in WordPress.

0d1n
0d1n

Tool for automating customized attacks against web applications.