Take it like a gift

dnsX
sponsor
dnsX

Fast and multi-purpose DNS toolkit designed for running DNS queries.

LaZagne
LaZagne

Credentials recovery project.

JSgen
JSgen

Generate javascript code to be injected in case you find a Server Side Javascript Injection.

Kadimus
Kadimus

Check for and exploit LFI vulnerabilities with a focus on PHP systems.

BFAC
BFAC

Check for backup artifacts that may disclose the web-application's source code.

Kerbeus-BOF
Kerbeus-BOF

Beacon Object Files for Kerberos abuse.

json-web-tokens
json-web-tokens

JSON Web Tokens Support for Burp Suite.

Velociraptor
Velociraptor

Endpoint visibility and collection tool.

RacePWN
RacePWN

Race Condition framework.

PyCript
PyCript

Bypass client-side encryption using custom logic for testing with Python and NodeJS.

RecurseBuster
RecurseBuster

Rapid content discovery tool for recursively querying webservers.

qsreplace
qsreplace

Accept URLs on stdin, replace all query string values with a user-supplied value.

Requests-Racer
Requests-Racer

Exploit race conditions in web apps with Requests.

ScreenShooter
ScreenShooter

Convert your masscan/subdomain-scan results into screenshots for better analysis.

ScanCannon
ScanCannon

Combines the speed of masscan with the reliability and detailed enumeration of nmap.