|
|
![](https://assets.offsec.tools/tools/sudo_killer-7826.png) |
SUDO_KILLER |
A tool to identify and exploit sudo rules misconfigurations and vulnerabilities. |
|
|
|
|
|
|
|
|
![](https://assets.offsec.tools/tools/phoneinfoga-5481.png) |
PhoneInfoga |
Information gathering framework for phone numbers. |
|
|
![](https://assets.offsec.tools/tools/responder-8805.png) |
Responder |
Responder is a LLMNR, NBT-NS and MDNS poisoner. |
|
|
![](https://assets.offsec.tools/tools/ikeforce-7759.png) |
ikeforce |
Command line IPSEC VPN brute forcing tool for Linux. |
|
|
|
|
![](https://assets.offsec.tools/tools/snaffler-2882.png) |
Snaffler |
A tool to help at finding delicious candy needles in a bunch of horrible boring haystacks. |
|
|
|
|
![](https://assets.offsec.tools/tools/ridrelay-3637.png) |
RidRelay |
Enumerate usernames on a domain where you have no creds by using SMB relay. |
|
|
![](https://assets.offsec.tools/tools/pypykatz-6350.png) |
pypykatz |
Mimikatz implementation in pure Python. |
|
|
|
|
![](https://assets.offsec.tools/tools/wordsmith-7402.png) |
Wordsmith |
Assist with creating tailored wordlists, mostly based on geolocation. |
|
|
![](https://assets.offsec.tools/tools/simplyemail-5967.png) |
SimplyEmail |
Email recon made fast and easy, with a framework to build on. |
|
|
![](https://assets.offsec.tools/tools/rock-on-4547.png) |
Rock-ON |
All in one recon tool that just get a single domain name and do all of the work alone. |
|
|
![](https://assets.offsec.tools/tools/redteam_toolkit-5412.png) |
RedTeam_toolkit |
Open source Django offensive webapp which is keeping the best tools used in the redteaming. |
|
|
|
|
![](https://assets.offsec.tools/tools/smbmap-8969.png) |
smbmap |
A handy SMB enumeration tool. |
|
|
![](https://assets.offsec.tools/tools/celerystalk-6830.png) |
celerystalk |
An asynchronous enumeration & vulnerability scanner. |
|
|
|
|
|
|
![](https://assets.offsec.tools/tools/reduh-8608.png) |
reDuh |
Create a TCP circuit through validly formed HTTP requests. |
|
|
![](https://assets.offsec.tools/tools/regeorg-3340.png) |
reGeorg |
Pwn a bastion webserver and create SOCKS proxies through the DMZ. |
|
|
![](https://assets.offsec.tools/tools/kwetza-3681.png) |
Kwetza |
Infect an existing Android application with a Meterpreter payload. |
|
|
![](https://assets.offsec.tools/tools/adrecon-9223.png) |
ADRecon |
Gather information about the Active Directory and generates a report. |
|
|
![](https://assets.offsec.tools/tools/awsloot-2146.gif) |
AWSloot |
Pull secrets from an AWS environment. |
|
|
![](https://assets.offsec.tools/tools/striker-1997.png) |
Striker |
Offensive information and vulnerability scanner. |
|
|
![](https://assets.offsec.tools/tools/sqlmate-2699.png) |
sqlmate |
A friend of SQLmap which will do what you always expected from SQLmap. |
|
|
![](https://assets.offsec.tools/tools/favirecon-3931.png) |
favirecon |
Use favicon.ico to improve your target recon phase. |
|
|
![](https://assets.offsec.tools/tools/spy-extension-3126.png) |
Spy Extension |
This Chrome extension will read literally everything it can. |
|
|