Production-grade Web Application Firewall testing tool. Detects Cloudflare, AWS WAF, Akamai & more. Identifies bypass vectors via URL normalization. Perfect for bug bounty & pentesting.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

A security system to protect your vibecoded apps

Load a Telegram channel containing coordinates of geolocations and filter into a csv for loading into Google Earth.

bring shodan facets into your terminal with Shodan api key.

CVE-2025-49844 (RediShell)

Security analysis toolkit for proprietary car protocols

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

CLI tool that fetches resolved & disclosed HackerOne reports by vulnerability and exports them to CSV.

Autoswagger by Intruder - detect API auth weaknesses

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

Frontpage and Sharepoint fingerprinting and attack tool.

An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具，功能将会强于DirBuster、Dirsearch、cansina、御剑。

[NEW] : Mega Bot ☣ Scanner & Auto Exploiter

XSS-Freak is an xss scanner fully written in python3 from scratch. it is one of its kind since it crawls the website for all possible links and directories to expand its attack scope. then it searc…

Find leaked secrets via github search

Web path scanner