Find, verify, and analyze leaked credentials

Find secrets with Gitleaks 🔑

Fast web fuzzer written in Go

🪄 Interactive Diagrams for Code

Presentation Slides for Developers

Debug Adapter Protocol client implementation for Neovim

Pocket Flow: Codebase to Tutorial

Extract JavaScript source trees from Sourcemap files

Most advanced XSS scanner.

📝 A text file containing 479k English words for all your dictionary/word-based projects e.g: auto-completion / autosuggestion

Typed interactions with the GitHub API v3

Find And Replace plugin for neovim

Performant, batteries-included completion plugin for Neovim

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Take a list of domains and probe for working HTTP and HTTPS servers

Fetch all the URLs that the Wayback Machine knows about for a domain

🍿 A collection of QoL plugins for Neovim

A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)

Generates permutations, alterations and mutations of subdomains and then resolves them

Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.

An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability

Quickstart configs for Nvim LSP

Content-Type Research

A cheatsheet for exploiting server-side SVG processors.

A list of interesting payloads, tips and tricks for bug bounty hunters.

Chat with GitHub Copilot in Neovim

A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.

Investigates optimizing 'wc', the Unix word count program

IPFuscator - A tool to automatically generate alternative IP representations

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests