51. RedsnarfRedSnarf is a pen-testing / red-teaming tool for Windows environments
52. SobelowSecurity-focused static analysis for the Phoenix Framework
54. ConmachiContainer Blackbox Security Auditing Tool: enumerates security configuration from within the target container
59. ScenesterA tool to visually snapshot a website by supplying multiple user-agent. Designed to aid in discovery of different entry points into an application.
61. HouseA runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
62. FeatherdusterAn automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction
66. BurpsuitehttpsmugglerA Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
68. FreddyAutomatically identify deserialisation issues in Java and .NET applications by using active and passive scans
69. PmapperA tool for quickly evaluating IAM permissions in AWS.
70. AbpttsTCP tunneling over HTTP/HTTPS for web application servers
72. DirbleFast directory scanning and scraping tool
73. TracyA tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
74. SocksoverrdpSocks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop
75. PhantapPhantom Tap (PhanTap) - an ‘invisible’ network tap aimed at red teams
76. NccfsasInformation released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.
77. Fuzzowski the Network Protocol Fuzzer that we will want to use.
79. Cyber DefenceInformation released publicly by NCC Group's Cyber Incident Response Team
81. VcgVisualCodeGrepper - Code security scanning tool.
82. WssipApplication for capturing, modifying and sending custom WebSocket data from client to server and vice versa.
83. AzucarSecurity auditing tool for Azure environments
85. AutopwnSpecify targets and run sets of tools against them
86. AutochromeThis tool downloads, installs, and configures a shiny new copy of Chromium.
88. ShockerA tool to find and exploit servers vulnerable to Shellshock
90. DriverbuddyDriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.
91. SadcloudA tool for standing up (and tearing down!) purposefully insecure cloud infrastructure
92. ExtractorExtension adds a new tab in Burp Suite called Extractor
95. cmakererGenerates CMakeLists.txt files from arbitrary C/C++ codebases
96. depthchargeA U-Boot hacking toolkit for security researchers and tinkerers
97. exploit mitigationsKnowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.
98. requests-racerSmall Python library that makes it easy to exploit race conditions in web apps with Requests.
99. BLEBoyBLEBoy is a training tool to teach users about BLE security by providing a single BLE peripheral that can be used to experiment with each BLE pairing method and demonstrates GATT security concepts.