Tag

Unified exposure management platform for automated vulnerability scanning, attack surface monitoring, and cloud security posture management.

JWT Debugger is a web application to create, encode, decode, and debug JWT (JSON Web Tokens). It helps developers inspect claims and test token integrity.

John the Ripper jumbo is an advanced password cracker supporting hundreds of hash types and running on various platforms.

Kiterunner is a contextual content discovery tool for modern web applications and APIs, excelling in route/endpoint bruteforcing.

Modlishka is a MITM proxy to bypass 2FA, enabling transparent multi-domain TLS traffic over a single domain without client certificates.

Moxy is an open-source DAST tool with agentic AI for modern web application security testing and automated pentesting workflows.

Nikto is an open-source web server scanner that performs comprehensive tests against web servers for multiple vulnerabilities.

Nuclei is a fast, customizable vulnerability scanner using YAML templates to detect vulnerabilities in applications, networks, and cloud.

Community-curated templates for the Nuclei scanner to find security vulnerabilities in applications. Enhance your security testing.

A comprehensive guide to testing the security of web applications and web services, providing a framework of best practices.

OSINT.ly is a specialized intelligence engine that helps red teams discover subdomains, exposed assets, and digital footprints for advanced target recon.

Osmedeus is a workflow engine for offensive security, designed to build customizable reconnaissance systems for large-scale targets.