Take it like a gift

Aranea
Aranea

OSINT tool used for web crawling or examining JavaScript files for likely useful data.

Cr3dOv3r
Cr3dOv3r

Know the dangers of credential reuse attacks.

SynapsInt
SynapsInt

Consulting different intelligence services, search engines and datasets for OSINT.

h2cSmuggler
h2cSmuggler

HTTP Request Smuggling over HTTP/2 Cleartext.

dirhunt
dirhunt

Find web directories without bruteforce.

Betterscan
Betterscan

Code Scanning/SAST/static analysis/linting using many tools/scanners with one report.

ike-scan
ike-scan

Discover and fingerprint IKE hosts.

crtndtry
crtndtry

Yet another subdomain finder.

Apidor
Apidor

Tool for automating the search for IDOR vulnerabilities in web applications and APIs.

Damn Vulnerable RESTaurant
Damn Vulnerable RESTaurant

An intentionally vulnerable web API game for learning and training purposes.

Dismap
Dismap

Asset discovery and identification tool.

airgeddon
airgeddon

This is a multi-use bash script for Linux systems to audit wireless networks.

infer
infer

A static analyzer for Java, C, C++, and Objective-C.

autoSubTakeover
autoSubTakeover

A tool used to check if a CNAME resolves to the scope address.

DVCA
DVCA

Damn vulnerable cloud application.