Take it like a gift

Crlfi
Crlfi

CRLF bug scanner for WebPentesters and Bugbounty Hunters.

zsteg
zsteg

Detect stegano-hidden data in PNG & BMP.

DefaultPassword
DefaultPassword

Default passwords database sorted by manufacturers.

PyExfil
PyExfil

Set as many exfiltration, techniques that CAN be used to bypass various.

keyhacks.sh
keyhacks.sh

Automation of tokens/api keys testing.

CloudScraper
CloudScraper

Tool to enumerate targets in search of cloud resources.

Scapy
Scapy

Powerful and interactive packet manipulation program and library.

S3 Objects Check
S3 Objects Check

Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.

OFFAT
OFFAT

Autonomously assesses your API for prevalent vulnerabilities.

BFAC
BFAC

Check for backup artifacts that may disclose the web-application's source code.

Arachni
Arachni

Web Application Security Scanner Framework.

CorsMe
CorsMe

CORS misconfiguration scanner tool with speed and precision in mind!

phpsploit
phpsploit

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor.

OrbitalDump
OrbitalDump

A simple multi-threaded distributed SSH brute-forcing tool.

Aranea
Aranea

OSINT tool used for web crawling or examining JavaScript files for likely useful data.