Take it like a gift

SSRFire
SSRFire

An automated SSRF finder. Just give the domain name and your server and chill!

cheat.sh
cheat.sh

The only cheat sheet you need.

HTTP-revshell
HTTP-revshell

Powershell reverse shell using HTTP/S protocol with AMSI bypass and Proxy Aware.

Freeze-rs
Freeze-rs

Payload toolkit for bypassing EDRs using suspended processes, direct syscalls written.

GatherContacts
GatherContacts

Burp Suite extension to pull employee names from Google and Bing LinkedIn search results.

cero
cero

Scrape domain names from SSL certificates of arbitrary hosts.

bountyplz
bountyplz

Automated security reporting from markdown templates.

FuzzDB
FuzzDB

Attack patterns and primitives for black-box application fault injection and resource discovery.

ghidra
ghidra

Software reverse engineering (SRE) framework.

CDN Proxy
CDN Proxy

Create a copy of a targeted website with CDN and WAF restrictions disabled.

bXSS
bXSS

bXSS is a utility which can be used identify Blind Cross-Site Scripting.

Burp NTLM Challenge Decoder
Burp NTLM Challenge Decoder

Burp extension to decode NTLM SSP headers and extract domain/host information.

BucketLoot
BucketLoot

An automated S3-compatible bucket inspector.

Fuzzilli
Fuzzilli

A JavaScript Engine Fuzzer.

Fiddler Everywhere
Fiddler Everywhere

Web debugging proxy for MacOS, Windows, and Linux.