Take it like a gift

owasp MASTG
owasp MASTG

Comprehensive manual for mobile application security testing and reverse engineering.

linx
linx

Reveals invisible links within JavaScript files.

dsieve
dsieve

Filter and enrich a list of subdomains by level.

autochrome
autochrome

A shiny new copy of Chromium that will bring colors in your hunt.

certs.io
certs.io

Search the entire internet by data in TLS certificates.

clair
clair

Vulnerability static analysis for containers.

Bypass-403
Bypass-403

A simple script just made for self use for bypassing 403.

clairvoyance
clairvoyance

Obtain GraphQL API Schema even if the introspection is not enabled.

Certificate Search
Certificate Search

Get informations about SSL certificates.

cero
cero

Scrape domain names from SSL certificates of arbitrary hosts.

github-subdomains
github-subdomains

Find subdomains on GitHub.

FridaAndroidTracer
FridaAndroidTracer

Android application tracer powered by Frida.

flan
flan

A pretty sweet vulnerability scanner.

BurpJSLinkFinder
BurpJSLinkFinder

Burp Extension for a passive scanning JS files for endpoint links.

cloudsploit
cloudsploit

Cloud Security Posture Management (CSPM).