A vast collection of security tools for bug bounty, pentest and red teaming
UI-based tool with multiple techniques for attacking and enumerating Azure and AWS environment.
Find multiple types of hardcoded secrets & types of infrastructure-as-code misconfigurations.
Execute padding oracle attacks with support for concurrent network requests and an elegant UI.
Detects JWT algorithm and provides options to generate a new JWT based on another algorithm.
SSH PuTTY login bruteforcer
A wrapper script which uses PuTTY to perform SSH login bruteforce attacks.
Collection of multiple types of lists used during security assessments, collected in one place.
Default Credentials Cheat Sheet
One place for all the default credentials to assist on finding devices with default password.
Wordlist generator where you can specify a character set or any set of characters to be used.
Take screenshots of websites, provide server header info and identify default credentials.