Take it like a gift

DTD Finder
DTD Finder

List DTDs and generate XXE payloads using those local DTDs.

RsaCtfTool
RsaCtfTool

RSA multi-attacks tool: uncypher data from a weak public key and try to recover a private key.

Agartha
Agartha

Burp Suite extension for dynamic payload generation to detect injection flaws.

Ciphey
Ciphey

Automates decryptions & decodings with encodings, classical ciphers, hashes, or more.

JNDI-Injection-Exploit
JNDI-Injection-Exploit

Generates JNDI links can start several servers to exploit JNDI Injection vulnerabilities.

Runtime Mobile Security
Runtime Mobile Security

A powerful web interface that helps you to manipulate Android and iOS Apps at Runtime.

dufflebag
dufflebag

Search exposed EBS volumes for secrets.

plution
plution

Prototype pollution scanner using headless chrome.

ScanCannon
ScanCannon

Combines the speed of masscan with the reliability and detailed enumeration of nmap.

Built With
Built With

Find out what websites are Built With.

Kwetza
Kwetza

Infect an existing Android application with a Meterpreter payload.

big-list-of-naughty-strings
big-list-of-naughty-strings

A list of strings which have a high probability of causing issues when used as user-input data.

pyfiscan
pyfiscan

Free web-application vulnerability and version scanner.

Invoke-ACLPwn
Invoke-ACLPwn

Automates the discovery and pwnage of ACLs in Active Directory that are unsafe configure.

SayHello
SayHello

Improved version of SayCheese, designed to capture images via social engineering.