View in browser

Weekly newsletter n°10

offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming
offsec.tools is a vast listing of security tools designed to help pentesters and bug hunters in their daily task. The list is organized by tags and provide a quick search engine. The list is feeded by the author and the community. Anyone can add a tool and be listed as a contributor, feel free to check the GitHub repository.



Hi guys,

I created a small page dedicated to the newsletter, you have now access to the full history.

I recently have been questioned by peoples about the homepage. For now it's all random, 10 new tools are randomly selected every week. But since some of you are interested to get their tools listed there, I'll think about something fair so everyone could easily promote his tool for cheap.

Happy hunting guys!

Gwen
Go to offsec.tools

Tools featured this week
t14m4t
Automated brute-forcing attack tool.
autopwn
Specify targets and run sets of tools against them.
web-hacking-toolkit
A web hacking toolkit.
CDN Proxy
Create a copy of a targeted website with CDN and WAF restrictions disabled.
Linux Exploit Suggester
Based on operating system release number.
Awesome Bug Bounty
A comprehensive curated list of available Bug Bounty & disclosure programs and writeups.
PowerSploit
A PowerShell Post-Exploitation Framework.
h1-search
Request the public disclosures on a specific HackerOne program.
Sudomy
Collects subdomains and analyzes domains performing automated reconnaissance.
DVWA
Damn Vulnerable Web Application.

Tools added last week
swagroutes
Extract and list API routes from Swagger files in YAML/JSON format.
DomLink
Link a domain with registered organisation names and emails, to other domains.
DNSCewl
A DNS bruteforcing wordlist generator.
fastsub
A DNS bruteforcer with multi-threading, and handling of bad resolvers.
subtake
Extension of sublister tool to check for subdomain takeovers.
IAMagic
Advanced AWS access credentials scanner.
Kubestroyer
Exploit Kubernetes clusters misconfigurations and be the swiss army knife of your pentests.
GhostTrack
Useful tool to track location or mobile number.
wildcrawl
Crawls URL to get a better image of what is tied to a website.
Kraken
A modular multi-language webshell.
ReverseKit
A dynamic reverse engineering toolkit.
dorky
Quickly do keyword searches over GitLab and GitHub for OSINT & bug bounty recon.
KeePwn
A python script to help red teamers discover KeePass instances and extract secrets.
PyShell
Multiplatform Python webshell.
svn-extractor
Simple script to extract all web resources by means of .SVN folder exposed over network.
PowerMeUp
A small library of powershell scripts for post exploitation that you may need or use!

Want more to see more tools?
Go to offsec.tools

Sponsors
You received this email because you signed up on our website.
You can unsubscribe anytime.

Unsubscribe