260 tools and resources
Showcase your innovative cybersecurity solution to our dedicated audience of security professionals.
Reach out!
Automated blind-xss search for Burp Suite
A Python script that finds endpoints in JavaScript files to identify potential security vulnerabilities.
A Burp intruder extender for automating and validating XSS vulnerabilities
A tool that recovers passwords from pixelized screenshots
A command-line tool for identifying NoSQL injection vulnerabilities in MongoDB databases
A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
Fuzzilli is a JavaScript engine fuzzer that helps identify vulnerabilities in JavaScript engines.
A tool for identifying sensitive secrets in public GitHub repositories
A tool that automates the process of testing for SQL injection vulnerabilities in Burp Suite bulk requests using SQLMap.
A deserialization payload generator for .NET formatters
Command line tool for testing CRLF injection on a list of domains.
Interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features
A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities
A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities
A simple Python script to test for a hypothetical JWT vulnerability
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
A command line utility for searching and downloading exploits
VMCloak is a tool for creating and preparing Virtual Machines for Cuckoo Sandbox.
Interactive malware hunting service with live access to the heart of an incident.