Burpsuite plugin for Interact.sh

The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, …

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

Find, verify, and analyze leaked credentials

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Burp plugin able to find reflected XSS on page in real-time while browsing on site

Quick SQLMap Tamper Suggester

Signatures for jaeles scanner by @j3ssie

Fetch & Filter Known URLs

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.

🐙 Cross-document messaging security research tool powered by https://enso.security

List of Google Dorks for sites that have responsible disclosure program / bug bounty program

declutters url lists for crawling/pentesting

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Monitor subdomains with certstream

A cross-platform python based utility to download courses from udemy for personal offline use.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Ninjref is a fast & light tool for finding urls with reflected parameters from wayback & CommonCrawl it's use threads in threads to optimize it's speed and use Wayback resumption key to divide scan…

Collection of methodology and test case for various web vulnerabilities.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep

A wrapper around grep, to help you grep for things

XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities