A Chrome browser extension to show alerts for several hidden elements.
Find out what websites are Built With.
A lightweight web security auditing toolkit.
Extracts cookies from Chrome.
Read local Chrome cookies without root or decrypting.
Decrypt passwords/cookies/history/bookmarks from the browser.
Credentials recovery project.
This extension will help you to detect GET/POST based XSS vulnerability in any website easily.
An Internet Explorer post exploitation library.
View and modify HTTP requests before they are sent.
Allows you to intercept and edit HTTP/HTTPS requests and responses.
This Chrome extension will read literally everything it can.
Web debugging proxy for MacOS, Windows, and Linux.
A Firefox/Burp Suite extension that provide usefull tools for your security audit.
A shiny new copy of Chromium that will bring colors in your hunt.
An extension for checking if .git is exposed in visited websites.
A Chrome Extension to track postMessage usage (url, domain and stack).
A PostMessage fuzzing extension for Chrome.
Firefox plugin that lists Amazon S3 Buckets found in requests.
Chrome extension that finds DOM based XSS vulnerabilities.
Assists with finding all sinks and sources of a webapp and display the results in a nice way.
A Chrome extension for fast and easy XSS fuzzing.
Identify technologies on websites.
The Browser Exploitation Framework is a penetration testing tool that focuses on the web browser.
Online XSS tool with demonstration of vulnerability.