Take it like a gift

extract-endpoints
extract-endpoints

Extract endpoints from source files.

Sudomy
Sudomy

Collects subdomains and analyzes domains performing automated reconnaissance.

hakrevdns
hakrevdns

Small, fast tool for performing reverse DNS lookups en masse.

Osintgram
Osintgram

An interactive shell to perform analysis on Instagram account of any users by its nickname.

Kwetza
Kwetza

Infect an existing Android application with a Meterpreter payload.

J2EEScan
J2EEScan

Improve the test coverage during web application penetration tests on J2EE applications.

mitmproxy
mitmproxy

An interactive TLS-capable intercepting HTTP proxy.

jsluice
jsluice

Extract URLs, paths, secrets, and other interesting bits from JavaScript.

haktldextract
haktldextract

Extract domains/subdomains from URLs en masse.

0d1n
0d1n

Tool for automating customized attacks against web applications.

certs.io
certs.io

Search the entire internet by data in TLS certificates.

enum4linux-ng
enum4linux-ng

A Windows/Samba enumeration tool with additional features like JSON/YAML export.

metasploitable
metasploitable

VM that is built from the ground up with a large amount of security vulnerabilities.

Zed Attack Proxy
Zed Attack Proxy

The world's most widely used web app scanner.

Apidor
Apidor

Tool for automating the search for IDOR vulnerabilities in web applications and APIs.