Tool of the day

SSLyze is a fast and powerful SSL/TLS scanning library.It allows you to analyze the SSL/TLS configuration of a server by connecting to it.

Runtime Mobile Security (RMS), powered by FRIDA, is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime.

Simple script to test if a page is vulnerable to clickjacking.

Lynis is a security auditing tool for systems based on UNIX like Linux, macOS, BSD, and others.

xsssniper is an handy xss discovery tool with mass scanning functionalities. 

GoSpider is a Fast web spider written in Go. It has lot of features to find the subdomains, JS files, AWS details, etc. 

Parth is a Heuristic Vulnerable Parameter Scanner. Some HTTP parameter names are commonly associated with one functionality.

Domain name permutation engine for detecting homograph phishing attacks

Network Spoofing is a simple website hacking tool which can scan a website and can also perform attack using this tool.

peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not

Scilla is a information gathering tool (DNS/Subdomain/Port Enumeration).

Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity

Skull Generate a bunch of malicious pdf files with phone-home functionality.

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect

GraphQL is a query language for APIs and a runtime for fulfilling those queries

A toolkit for testing, tweaking and cracking

It performs XSS, SQL Injection, Crawling, Hash Type finding

CMS Detection and Exploitation suite - Scan WordPress, Joomla

ParamSpider a parameter discovery suite. It finds parameters from web archives of the entered domain

File Inclusion & Directory Traversal fuzzing

Vulmap Online Local Vulnerability Scanners Project