Tool of the day

Auto Scanning SSL Vulnerability which does auto Scanning to SSL Vulnerability. (HeartBleed, CCS Injection, SSLv3 POODLE, FREAK...etc).

Uniscan is a simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner.

FridaLoader is an Android app to setup frida and launch in quick way.

MassBleed is a SSL Vulnerability Scanner that checks for TLS/SSL related vulnerabilities like Drown, POODLE, Heart Bleed, Winshock.

karen is tools for web application vulnerability scanner build in python3

A bash script to bypass "403 Forbidden" responses with well-known methods discussed in #bugbountytips

Web Application Vulnerability Scanners are automated tools that scan web applications.

WhatWaf is an advanced firewall detection tool which works by detecting a firewall on a web application.

Frida IPA/iOS dump is an instrument whose primary point is to download IPA files from an jailbroken device

SUDO_KILLER is a tool that can be used for privilege escalation on linux environment by abusing SUDO in several ways

A pentesting tool designed to assist with finding all sinks and sources of a web application

ParamSpider a parameter discovery suite. It finds parameters from web archives of the entered domain

Network Spoofing is a simple website hacking tool which can scan a website and can also perform attack using this tool.

peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not

Scilla is a information gathering tool (DNS/Subdomain/Port Enumeration).

Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity

Skull Generate a bunch of malicious pdf files with phone-home functionality.

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect

Domain name permutation engine for detecting homograph phishing attacks

Vulmap Online Local Vulnerability Scanners Project

File Inclusion & Directory Traversal fuzzing