Here’s a detailed cheat sheet on John the Ripper that you can use

Official Black Hat Arsenal Security Tools Repository

A simple script just made for self use for bypassing 403

MetaInjector is a tool designed to test security by injecting malicious payloads (such as XSS, SQL Injection, remote code execution, etc.) into image metadata. The tool supports image formats such…

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Th…

A fast tool to scan CRLF vulnerability written in Go

a list of disposable and temporary email address domains

Fetch all the URLs that the Wayback Machine knows about for a domain

Most advanced XSS scanner.

Firefox privacy, security and anti-tracking: a comprehensive user.js template for configuration and hardening

Subdomain takeover vulnerability checker

An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!

MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs

Android application to brute force WiFi passwords without requiring a rooted device.

A web server, written in plain English.

Detect and bypass web application firewalls and protection systems

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

reverse engineered and improved BSQLi script from Coffinxp

Community curated list of search queries for various products across multiple search engines.

Uncover the true IP address of websites safeguarded by Cloudflare & Others

Fast passive subdomain enumeration tool.

AI Chatbots in terminal without needing API keys

Community curated list of nuclei templates for finding "unknown" security vulnerabilities.

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

NucleiFuzzer is a robust automation tool designed for efficiently detecting web application vulnerabilities, including XSS, SQLi, SSRF, and Open Redirects, leveraging advanced scanning and URL enum…

A next-generation crawling and spidering framework.

Store files and directory in an archive. Like tar, but faster and with direct random access.

🙌 OpenHands: Code Less, Make More