View in browser

Weekly newsletter n°26

offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming
offsec.tools is a vast listing of security tools designed to help pentesters and bug hunters in their daily task. The list is organized by tags and provide a quick search engine. The list is feeded by the author and the community. Anyone can add a tool and be listed as a contributor, feel free to check the GitHub repository.

Go to offsec.tools

Tools featured this week
Autorize
Automatic authorization enforcement detection extension for Burp Suite.
certmon
A simple certificate expiration monitor script.
SubBrute
A DNS meta-query spider that enumerates DNS records, and subdomains.
Highlighter and Extractor
Collect, categorize and highlight requests and/or responses according to their content.
badsecrets
A library for detecting known secrets across many web frameworks.
airgeddon
This is a multi-use bash script for Linux systems to audit wireless networks.
jsfinder
Fetches JavaScript files quickly and comprehensively from a defined list of URLs or domains.
Extended XSS Searcher and Finder
Scans for different types of XSS on a list of urls.
talisman
Validate the outgoing changeset for things that look suspicious such as tokens, passwords and keys.
linuxprivchecker
A Linux privilege escalation check script.

Tools added last week
cerbrutus
Network brute force tool, faster than other existing solutions.
slither
Static analyzer for Solidity.
waf-bypass
Check your WAF before an attacker does.
PurpleOps
An open-source self-hosted purple team management web application.
dot
The Deepfake Offensive Toolkit.

Want more to see more tools?
Go to offsec.tools

Sponsors
You received this email because you signed up on our website.
You can unsubscribe anytime.

Unsubscribe