Kiterunner is a contextual content discovery tool for modern web applications and APIs, excelling in route/endpoint bruteforcing.
Modlishka is a MITM proxy to bypass 2FA, enabling transparent multi-domain TLS traffic over a single domain without client certificates.
NetExec is a network service exploitation tool designed to automate security assessments of large networks.
Nikto is an open-source web server scanner that performs comprehensive tests against web servers for multiple vulnerabilities.
Nuclei is a fast, customizable vulnerability scanner using YAML templates to detect vulnerabilities in applications, networks, and cloud.
Community-curated templates for the Nuclei scanner to find security vulnerabilities in applications. Enhance your security testing.
A comprehensive guide to testing the security of web applications and web services, providing a framework of best practices.
Osintly is an OSINT (Open Source Intelligence) platform designed to empower your searches with precision and accuracy. Unlock the world’s information using our advanced OSINT tools and techniques.
Osmedeus is a workflow engine for offensive security, designed to build customizable reconnaissance systems for large-scale targets.
A comprehensive collection of payloads and bypasses for web application security testing and exploitation.
Postman: The leading API platform for building and using APIs. Streamline collaboration and simplify the API lifecycle.
Qualys SSL Labs provides a free online service to perform deep analysis of the configuration of any SSL web server on the public Internet.
