Take it like a gift

Find CVEs that don't have a Detectify modules.

A quick way to generate various basic Meterpreter payloads via MSFvenom.

Android and Java bytecode viewer.

A proxy aware C2 framework used to aid with post-exploitation and lateral movement.

CMS Detection and Exploitation suite that supports over 180 other CMSs.

Helps to identify IoT related dashboards and scan them for default passwords.

Burp extension to decode NTLM SSP headers and extract domain/host information.

Vulnerability scanner based on vulners.com search API.

A tool used to check if a CNAME resolves to the scope address.

Divide full port scan results and use it for targeted Nmap runs.

Subdomains enumeration tool for penetration testers.

Enumerate s3 buckets for a specific target.

Probe endpoints consuming Java serialized objects for fingerprinting.

The Prime Cross Site Request Forgery Audit and Exploitation Toolkit.

Collects informations related to domains whois, history, dns records and more.