View in browser

Weekly newsletter n°29

A vast collection of security tools for bug bounty, pentest and red teaming is a vast listing of security tools designed to help pentesters and bug hunters in their daily task. The list is organized by tags and provide a quick search engine. The list is feeded by the author and the community. Anyone can add a tool and be listed as a contributor, feel free to check the GitHub repository.

You may have noticed a few changes in the design recently as I'm trying to make the site more pleasant to use and more efficient at the same time. Last week I moved many assets on AWS to improve the loading.
The template for contributions has been updated a bit to make it easier to parse, so please take care to use the new format!

Happy hunting!
Go to

Tools featured this week

Android application to brute force WiFi passwords without requiring a rooted device.
A tool to make socks connections through HTTP agents.
Automation for internal Windows pentest / AD-Security.
Easy and customisable pentest report creator based on simple web technologies.
Provides view with filtering capabilities for all requests from all Burp Suite tools.
Python utility to takeover domains vulnerable to AWS NS Takeover.
Tests a list of s3 buckets to see if they have dir listings enabled or if they are uploadable.
Simple Basic Malware Scanner
Simple Malware Scanner based on file hash scan.
Quickly and accurately create a visual representation of their Nmap output.
Malicious shortcut generator for collecting NTLM hashes from insecure file shares.

Tools added last week

A simple script just made for self use for bypassing 403.

CyberSec Quizzes
Test your knowledge on cyber security and practice for industry recognised certifications.

Tool WPXStrike
Escalate a Cross-Site Scripting vulnerability to Remote Code Execution in WordPress.

Built With
Find out what websites are Built With.

Checks and hardens your Windows configuration.

Want more to see more tools?

Go to