Google Maps Scraper can extract business names and phone numbers from any business type and location.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.

Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist

Find broken links, missing images, etc within your HTML.

💥 A curated list of Terminal frameworks, plugins & resources for CLI lovers.

A tool for adding new lines to files, skipping duplicates

Unleash the power of cloud

Detector for Log4Shell exploitation attempts

A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers.

Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading

Simple local scanner for vulnerable log4j instances

Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3

YesWeHack Api Extension for Burp

Generates target specific word lists for Fuzzing with fuff

Automation for javascript recon in bug bounty.

HTTP parameter discovery suite.

Tool for catching and logging different types of requests.

A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications…

The Serverless Blind XSS App

Docker image that provides features similar to Burp Collaborator

A fast, simple, recursive content discovery tool written in Rust.

Unpack a JavaScript Source Map back into filesystem structure

An HTTP toolkit for security research.

this contain the burp pack

DNS rebinding toolkit

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

Extract endpoints from APK files

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!