A vast collection of security tools for bug bounty, pentest and red teaming
#vulnerabilities

Nuclei templates
Community curated list of templates for the Nuclei engine to find security vulnerabilities.






WebInspect
An automated dynamic testing solution that provides comprehensive vulnerability detection.



RedTeam_toolkit
Open source Django offensive webapp which is keeping the best tools used in the redteaming.



Pentest Mapper
Burp Suite extension for application pentest to write test cases and map flows and vulnerabilities.





Qualys Cloud Platform
The revolutionary architecture that powers Qualys' IT, security, and compliance cloud apps.

















DependencyCheck
Utility that detects publicly disclosed vulnerabilities in application dependencies.


BurpSuiteHTTPSmuggler
A Burp Suite extension to bypass WAFs or test their effectiveness using a number of techniques.































xssValidator
A Burp Intruder extender designed for automation and validation of XSS vulnerabilities.



XSSer
Automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.






Ground control
A collection of scripts mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.










Extended SSRF search
Smart SSRF scanner using different methods like parameter brute forcing in POST and GET.
























BeEF
The Browser Exploitation Framework is a penetration testing tool that focuses on the web browser.







reconFTW
Runs the best set of tools to perform scanning and finding out vulnerabilities on a target domain.













