🛡️ Open-source and next-generation Web Application Firewall (WAF)

DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags.

Making Favicon.ico based Recon Great again !

🎯 Fast CORS misconfiguration vulnerabilities scanner

Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.

Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

java source code static code analysis and danger function identify prog

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Security Testing Scripts for JWT

Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

🔨 A multiple reverse shell session/client manager via terminal

Python library and CLI for the Bug Bounty Recon API

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Human and machine readable web vulnerability testing format

A guided mutation-based fuzzer for ML-based Web Application Firewalls