![](https://assets.offsec.tools/tools/hunter.how-9821.png) |
hunter.how |
Internet search engines for security researchers. |
|
|
![](https://assets.offsec.tools/tools/sslstrip-2622.png) |
sslstrip |
A tool for exploiting Moxie Marlinspike's SSL "stripping" attack. |
|
|
![](https://assets.offsec.tools/tools/splunk-4143.png) |
Splunk |
The unified security and observability platform. |
|
|
![](https://assets.offsec.tools/tools/netwitness-6761.png) |
NetWitness |
Rapidly detect and respond to any threat, anywhere. See Everything. Fear Nothing. |
|
|
![](https://assets.offsec.tools/tools/nagios-9709.png) |
Nagios |
The industry standard in IT infrastructure monitoring. |
|
|
![](https://assets.offsec.tools/tools/invicti-5752.png) |
Invicti |
Web Application Security For Enterprise. |
|
|
![](https://assets.offsec.tools/tools/webinspect-3549.png) |
WebInspect |
An automated dynamic testing solution that provides comprehensive vulnerability detection. |
|
|
![](https://assets.offsec.tools/tools/nipper-ng-6065.png) |
nipper-ng |
Network infrastructure configuration parser. |
|
|
|
|
![](https://assets.offsec.tools/tools/wikto-5237.png) |
wikto |
Nikto for Windows with some extra features. |
|
|
![](https://assets.offsec.tools/tools/p0f-5854.png) |
p0f |
Identify the operating system of a target host simply by examining captured packets. |
|
|
![](https://assets.offsec.tools/tools/sguil-2087.png) |
Sguil |
The analyst console for network security monitoring. |
|
|
![](https://assets.offsec.tools/tools/samurai-wtf-4492.png) |
Samurai WTF |
The best security training environment for developers and AppSec professionals. |
|
|
![](https://assets.offsec.tools/tools/tamper-data-8098.png) |
Tamper Data |
View and modify HTTP requests before they are sent. |
|
|
![](https://assets.offsec.tools/tools/tamper-dev-7229.png) |
Tamper Dev |
Allows you to intercept and edit HTTP/HTTPS requests and responses. |
|
|
![](https://assets.offsec.tools/tools/ratproxy-3213.png) |
ratproxy |
A semi-automated largely passive web application security audit tool. |
|
|
![](https://assets.offsec.tools/tools/kismac-9160.png) |
KisMac |
A free, open source wireless stumbling and security tool for Mac OS X. |
|
|
![](https://assets.offsec.tools/tools/ike-scan-5501.png) |
ike-scan |
Discover and fingerprint IKE hosts. |
|
|
![](https://assets.offsec.tools/tools/amap-2674.png) |
amap |
Identify applications even if they are running on a different port than normal. |
|
|
![](https://assets.offsec.tools/tools/grendel-scan-3269.png) |
Grendel-Scan |
A tool for automated security scanning of web applications. |
|
|
![](https://assets.offsec.tools/tools/dradis-2777.png) |
Dradis |
Collaboration and reporting for infosec teams made simple. |
|
|
![](https://assets.offsec.tools/tools/nbtscan-3484.png) |
nbtscan |
Scan networks searching for NetBIOS information. |
|
|
|
|
![](https://assets.offsec.tools/tools/kali-linux-1058.png) |
Kali Linux |
The most advanced penetration testing distribution. |
|
|
![](https://assets.offsec.tools/tools/upload_bypass-8337.png) |
upload_bypass |
File upload restrictions bypass by using different techniques! |
|
|
![](https://assets.offsec.tools/tools/quickjack-8972.png) |
Quickjack |
Point-and-click tool for producing advanced clickjacking and frame-slicing attacks. |
|
|