View in browser

Weekly newsletter n°17

offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming
offsec.tools is a vast listing of security tools designed to help pentesters and bug hunters in their daily task. The list is organized by tags and provide a quick search engine. The list is feeded by the author and the community. Anyone can add a tool and be listed as a contributor, feel free to check the GitHub repository.
Go to offsec.tools

Tools featured this week
CDN Proxy
Create a copy of a targeted website with CDN and WAF restrictions disabled.
backslash-powered-scanner
Finds unknown classes of injection vulnerabilities.
XSS Hunter
The fastest way to set up XSS Hunter to test and find blind cross-site scripting vulnerabilities.
Arjun
HTTP parameter discovery suite.
pypykatz
Mimikatz implementation in pure Python.
backslash-powered-scanner
Finds unknown classes of injection vulnerabilities.
sentrySSRF
Searching for Sentry config on page or in Javascript files and check blind SSRF.
smbcrawler
No-nonsense tool that takes credentials and a list of hosts and crawls through those shares.
CloudBrute
Awesome cloud enumerator.
ssh-auditor
The best way to scan for weak ssh passwords on your network.

Tools added last week
smbcrawler
No-nonsense tool that takes credentials and a list of hosts and crawls through those shares.
Prenum
The perils of the pre-Windows 2000 compatible access group in a Windows domain.
PS2
A port scanner written purely in PowerShell.
OSINT-SPY
Perform OSINT scan on email/domain/ip address/organization.
AndroSet
Manage Burp Suite certificate in Android to redirect all traffic to Burp Suite.
passiveDNS
A network sniffer that logs all DNS server replies for use in a passive DNS setup.
pywerview
A (partial) Python rewriting of PowerSploit's PowerView.

Want more to see more tools?
Go to offsec.tools

Sponsors
You received this email because you signed up on our website.
You can unsubscribe anytime.

Unsubscribe