Dalfox
XSS scanner and utility focused on automation.
OWASP Noir
Attack surface detector via static analysis.
Security Tools
Dalfox
XSS scanner and utility · Go · 4.8k+ ★
OWASP Noir
Attack surface detector via static analysis · Crystal · 1.1k+ ★
JWT-HACK
JWT analysis and attack toolkit · Rust · 970+ ★
Authz0
Automated authorization testing · Go · 420+ ★
Urx
URL collector from OSINT archives · Rust · 170+ ★
Deadfinder
Dead link finder · Crystal · 170+ ★
SmuggleX
HTTP request smuggling scanner · Rust · 115+ ★
Mzap
Multiple target ZAP scanning · Crystal · 100+ ★
Hack-pet
Command snippets for hackers · Go · 100+ ★
S3reverse
S3 bucket format converter · Go · 85+ ★
Gee
Pipe stdin to files and stdout · Go · 85+ ★
WS-Smuggler
WebSocket connection smuggling · Go · 45+ ★
XSSMaze
XSS vulnerability test service · Crystal · 30+ ★
MCP-Hack
MCP (Model Context Protocol) hack toolkit · Rust
Archived
XSpear
XSS scanning and parameter analysis · Ruby · 1.3k+ ★
A2SV
Auto scanning to SSL vulnerability · Python · 630+ ★
Collections & Resources
WebHackersWeapons
Curated tools for web hackers · 4.5k+ ★
DevSecOps
DevSecOps roadmap and resources · 2.1k+ ★
MobileHackersWeapons
Tools for mobile security testing · 1k+ ★
Mad-Metasploit
Custom Metasploit modules and plugins · 400+ ★
RegexPassive
Regexp patterns for passive scanning · 115+ ★
XSS-Payload-without-Anything
XSS payload research and bypass techniques · 100+ ★
Caido Plugins
OmniOAST
Unified OAST provider management
Hex
Hex viewer and editor
Midnight in Seoul
Midnight blue theme for Caido
Crystal Ecosystem
Hwaro
Lightweight static site generator
CycloneDX-cr
CycloneDX SBOM generator for Crystal
Eoyc
Data processing utility chain
fm.cr
Crystal bindings for Apple FoundationModels.framework
acp.cr
Crystal implementation of Agent Client Protocol (ACP)
caido.cr
Caido SDK implementation for Crystal
sarif.cr
SARIF format implementation for Crystal
purl.cr
Package URL (purl) implementation for Crystal
spdx.cr
SPDX license list implementation for Crystal
zap.cr
ZAP API client for Crystal