Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...
boomerang : boomerang is a piece of javascript that you add to your web pages, where it measures the performance of your website from your end user's point of vie...
Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...
mitmproxy : mitmproxy is your swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify...
DOMAssistant : The modular lightweight JavaScript library, with CSS selectors, event handling, AJAX and complete Unicode support
A passive reconnaissance tool inside the DOM (experimental)