The Cloud Native Application Proxy

A tool for exploring each layer in a docker image

The lazier way to manage everything docker

A node.js version management utility for Windows. Ironically written in Go.

The most customisable and low-latency cross platform/shell prompt renderer

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Cameradar hacks its way into RTSP videosurveillance cameras

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

Fetch all the URLs that the Wayback Machine knows about for a domain

A collection of hacks and one-off scripts

a recon tool that allows searching on URLs that are exposed via shortener services

OSINT tools and more but without API key

A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.

Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!

Accept URLs on stdin, replace all query string values with a user-supplied value

Find subdomains on GitHub.

Golang client for querying SecurityTrails API data

A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.

gup - Update binaries installed by "go install" with goroutines.

The Fairly Fast Fetcher. Requests a bunch of URLs provided on stdin fairly quickly.

secretz, minimizing the large attack surface of Travis CI

Return domains in CSP headers in http response

Extract most frequent words in a list of subdomains