![](https://assets.offsec.tools/tools/kscan-2040.png) |
Kscan |
Kscan is an all-round scanner developed purely in Go, with functions such as port scanning, protocol. |
|
|
![](https://assets.offsec.tools/tools/klyda-5560.png) |
Klyda |
Highly configurable script for dictionary/spray attacks against online web applications. |
|
|
|
|
|
|
![](https://assets.offsec.tools/tools/nuclei-wordfence-cve-2152.jpg) |
nuclei-wordfence-cve |
Collection of Nuclei templates dedicated to WordPress core, plugins and themes vulnerabilities. |
|
|
![](https://assets.offsec.tools/tools/socialhunter-2887.png) |
socialhunter |
Crawls the website and finds broken social media links that can be hijacked |
|
|
![](https://assets.offsec.tools/tools/haylxon-1540.png) |
Haylxon |
Blazing-fast tool to grab screenshots of your domain list right from terminal. |
|
|
![](https://assets.offsec.tools/tools/deps.dev-7123.png) |
deps.dev |
Better understand the structure, construction, and security of open source software packages. |
|
|
![](https://assets.offsec.tools/tools/bbrf-4892.png) |
bbrf |
Help you coordinate your reconnaissance workflows across multiple devices. |
|
|
![](https://assets.offsec.tools/tools/octosql-5888.gif) |
octosql |
CLI tool which lets you query a plethora of databases and file formats. |
|
|
![](https://assets.offsec.tools/tools/bugbountyscanner-4752.png) |
BugBountyScanner |
A Bash script and Docker image for Bug Bounty reconnaissance, intended for headless use. |
|
|
![](https://assets.offsec.tools/tools/scopein-5443.png) |
Scopein |
A Go tool for scope management. |
|
|
|
|
![](https://assets.offsec.tools/tools/gowhois-9525.png) |
Gowhois |
Whois command implemented by golang with awesome whois servers list. |
|
|
![](https://assets.offsec.tools/tools/hbsqli-1445.png) |
HBSQLI |
Automated tool for testing header based blind SQL injection. |
|
|
![](https://assets.offsec.tools/tools/nimbo-c2-8244.png) |
Nimbo-C2 |
Yet another (simple and lightweight) C2 framework. |
|
|
![](https://assets.offsec.tools/tools/api-fuzzer-5098.png) |
API fuzzer |
Fuzz request attributes using common pentesting techniques and lists vulnerabilities. |
|
|
![](https://offsec.tools/img/tools/de3fae37dbfbd161f5e2e63926c96fe5.png) |
evilginx2 |
Standalone MITM attack framework allowing for the bypass of 2-factor authentication. |
|
|
![](https://assets.offsec.tools/tools/invoke-adenum-2833.png) |
Invoke-ADEnum |
Automate Active Directory Enumeration using PowerView. |
|
|