Researcher Resources - Tools

Updated, thanks @Nahamsec. Sorry for the delay in getting that added :smile:

This is pretty useful (sqlmap is awesome and this plugin saves time imo):

I have a plethora of tools I can link and talk about, maybe a tools subforum would be appropriate instead of a thread?

1 Like

Yeah, that may be something that we do eventually as the forum grows and this thread grows along with it. In these early stages of the forum’s launch I’d like to keep things relatively consolidated and then spread out as the need arises.

For now, please feel free to start new threads discussing particular tools and sets of tools. You can use the “Security Research” category for those threads. Then from those threads we can start consolidating lists and pull them into this master thread :smile:

I highly recommend people use the latest scans.io data to find additional hosts that may be in scope for those *.target.com targets!

4 Likes

This + grep is your friend.

1 Like

Thanks @jstnkndy! Just added Scans.io :slight_smile:

1 Like

I’ll toss in R & (when your data gets HUGE) Spark as some “out of the box” thinking when it comes to “tools”. Don’t get me wrong, I :heart: a great deal of the infosec-specific ones listed, but we also need more statistical analysis & better visuals coming out of our space. There are many, many packages in R that can help in the infosec domain. We post a lot on dds.ec and talk abt them quite a bit on the twitterz.

Also, don’t forget PhantomJS (unless I missed seeing it in the lists above) [can’t post a third link, too n00b here].

1 Like

Great, thanks @hrbrmstr! I just added those to the list. I also bumped up your user privs :smile:

As demonstrated at Shmoocon this year, httpscreenshot is a fantastic tool to quickly and visually identify targets.

1 Like

Great add! httpscreenshot is awesome :slight_smile: Thanks @jstnkndy

1 Like

99% built by @breenmachine, just sayin’

1 Like

Hi All,

I am not an expert for web app security but trying to improve my skills on web security. These days I am focusing on burpsuite. I am a beginner for burpsuite and I know it's a very good tool but requires a lot of tuning. It will be highly appreciable if someone can guide me for burpsuite. plz reach me at fuzzsqlb0f@gmail.com

Thanks

At the office this morning we had a micro-ctf, two challenges required de-obfuscating javascript. Many used http://jsbeautifier.org/ and https://hackvertor.co.uk/public =)

3 Likes

iOS App Security Assessment Tool : idb
http://www.idbtool.com/
Comprehensive security and attack framework for Android : drozer
https://labs.mwrinfosecurity.com/tools/drozer/

3 Likes

hello everyone
I have a question …
What configuration do you have on Burp? Something to enable/disable, or default settings?
What is the best config of Burp so it goes smoothly?

And what version do u use !!
I use 1.6.0387 pro version and it seems to go slow … and crash, and now I use something like 1.6.027

thank you

It’s great and awesome knowledgeable content…

Thanks for all those amazing tools! And special thanks to the bug crowd team

Here… My open redirect scanner… works like a charm…

https://github.com/ak1t4/open-redirect-scanner

regards!

@ak1t4

1 Like

You should add pen test box. (http://pentestbox.org)

Thank u for the post. It’ll be useful for newbies like me.