3. TarnishA Chrome extension static analysis tool to help aide in security reviews.
5. RageA hacked together PHP shell designed to be stealthy and portable
6. XsshunterThe XSS Hunter service - a portable version of XSSHunter.com
7. PersA passive scanning tool for finding expired domain vulnerabilities while you browse.
8. Signal BotA Signal bot that utilizes the Chrome DevTools protocol to hook the Signal Electron Desktop app for automation.
9. Lambda IntruderAn example of high-QPS requesting Burp Intruder style on AWS Lambda via self-invocation.
10. CursedchromeChrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
11. Sonar.jsA framework for identifying and launching exploits against internal network hosts. Works via WebRTC IP enumeration combined with WebSockets and external resource fingerprinting.
12. TldrTLDR (TLD Records) is a continually updated DNS archive of zone transfer attempts again all existing TLD nameservers as well as the root servers.
16. XsslessAn automated XSS payload generator written in python.
17. Metafid-BaseThe base classes that are used by Metafid (a private piece of software that generates web bot code from Fiddler archives)
18. droidbruteA statistically optimized USB rubber ducky payload to brute force 4-digit Android PINs.
21. xsshunter-expressAn easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!