domainim Domainim is a Blazing fast domain reconnaissance tool for bounty hunters written in Nim. Features Virtual...
WebApp PenTest
JS-Tap JS-Tap is a generic JavaScript payload and supporting software to help red teamers attack webapps. The...
PeCoReT PeCoReT (Pentest Collaboration and Reporting Tool) is an open-source application to manage your pentest projects. PeCoReT...
LEAKEY LEAKEY is a tool for validation of leaked API tokens/keys found during pentesting and Red Team...
Porch Pirate Porch Pirate started as a tool to quickly uncover Postman secrets, and has slowly begun...
vhostawesome A tool designed to efficiently check for virtual hosts across multiple IP addresses. FunWithVhosts automates the...
MCPTool – Pentesting tool for Minecraft Features See information of a server. View player information. Get information...
GAP This is an evolution of the original getAllParams extension for Burp. Not only does it find...
XnlReveal This is a Chrome Extension that can do the following: Show an alert for any query parameters that...
SBSCAN SBSCAN is a penetration testing tool specifically designed for the Spring framework, capable of scanning specified...
xeol A scanner for end-of-life (EOL) packages in container images, filesystems, and SBOMs What is EOL software?...
FlowMate Have you ever wondered how to consider all input-to-output correlations of a web application during a...
Subdominator Meet Subdominator, your new favorite CLI tool for detecting subdomain takeovers. It’s designed to be fast, accurate,...
Bypass Fuzzer Fuzz 401/403ing endpoints for bypasses This tool performs various checks via headers, path normalization, verbs,...
kanha Kanha is a tool that can help you perform, a variety of attacks based on the...