A secure PDF management tool that scans, sanitizes, and protects your documents. Upload your PDFs, and PDFVault ensures they’re virus-free, free of hidden scripts or attachments, stripped of sensit…

Repeats selected HTTP requests multiple times, automatically extracting updated cookie values (default _shopping_session) and injecting them into subsequent requests.

RSSBot Elite delivers real-time RSS and YouTube feed notifications across multiple Discord channels, each with custom categories and smart webhook routing.

BurpJSLinkFinder-Enhanced is a Burp Suite extension (Jython 2.7) that extracts endpoints from JavaScript files, performs optional HEAD probing, and provides an interactive UI with live search, filt…

Convert Burp requests into ready-to-run ffuf commands.

A small Burp Suite extension (Jython 2.7) that tests a target URL with multiple HTTP methods and shows results in a table

A small Flask web app for writing vulnerability reports with a live Markdown editor and preview. It ships with two built-in presentation styles a spooky Halloween theme and a clean HackerOne-style …

This tool is designed to automate the discovery of subdomains for a given domain

BurpyCollector is a Jython Burp Suite extension that automatically collects and deduplicates unique HTTP endpoints from Proxy traffic. It respects Burp’s Target scope (or a custom host list), norma…

A Swagger/OpenAPI enumerator and lightweight endpoint probing tool. Automatically parses Swagger/OpenAPI specifications, lists all API endpoints, applies optional filters (HTTP methods, limits)

Lightweight Jython Burp extension that spins up a self-contained Swing UI inside Extender to test path & header payloads against 403 responses, no Burp Pro active scanner required. Fast to drop in,…

IDOR Hunter is a Burp Suite extension designed to automate the detection of Insecure Direct Object Reference (IDOR) vulnerabilities by replaying captured requests with different authentication cont…

GeminiTerminal: A command-line interface (CLI) tool for seamless interaction with Google’s Gemini AI. Easily chat, troubleshoot, and receive helpful responses directly from your terminal. Powered b…

A one-click JavaScript beautifier and syntax highlighter right in your browser. Built as a bookmarklet for hackers, devs, and code auditors who need instant clarity.

This Python script automates web application fuzzing using ffuf, with Gemini AI-powered file extension suggestions. It detects technologies on the target website with httpx, uses Gemini's AI to sug…

This tool is a command-line based network reconnaissance tool with various functionalities useful for information gathering and vulnerability assessment in the context of cybersecurity.

PowerShell tool for interactive Windows Event Log analysis. Extracts, highlights, and flags suspicious activity from .evtx files with export support. Built for threat hunters, SOC analysts, and DFI…

BaseAuthBreaker is a Python tool that brute forces Basic Authentication using raw HTTP requests. It supports proxies like Burp Suite and provides clear, colorful terminal output for easy debugging.

Some of these templates come from https://cloud.projectdiscovery.io/, and some are my own.

This tool is designed to monitor the targets of your bug bounty programs, For example, it will alert you if new domains appear. It does this by running scans on the domains you specify, comparing t…

FTPHunter is a powerful and efficient tool designed for FTP server enumeration and vulnerability assessment. It allows security professionals and penetration testers to quickly discover key informa…

This script is designed to bypass PHP-based whitelisting mechanisms.

These tools are used for penetration testing.

This Python script provides a command-line interface for creating reverse SSH tunnels. It utilizes the Paramiko library to establish secure connections and forward remote ports back to your local m…

A simple SSH server for Windows, with integrated Windows Firewall management.

Myownshell is a web-based terminal emulator with a sleek. It allows users to execute commands directly from their browser, complete with a Discord webhook-based authentication system for secure acc…

This Python script extracts words from a webpage, analyzes their frequency, generates password mutations, and supports web crawling with customizable depth.