View in browser

Weekly newsletter n°30

offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming
offsec.tools is a vast listing of security tools designed to help pentesters and bug hunters in their daily task. The list is organized by tags and provide a quick search engine. The list is feeded by the author and the community. Anyone can add a tool and be listed as a contributor, feel free to check the GitHub repository.

Go to offsec.tools

Tools featured this week
Invoke-WCMDump
PowerShell script to dump Windows credentials from the Credential Manager.
changeme
A default credential scanner.
LDAPNomNom
Anonymously bruteforce Active Directory usernames by abusing LDAP Ping requests.
Medusa
Medusa is a speedy, parallel, and modular, login brute-forcer.
GadgetProbe
Probe endpoints consuming Java serialized objects for fingerprinting.
Censys subdomain finder
Perform subdomain enumeration using the certificate transparency logs from Censys.
RecurseBuster
Rapid content discovery tool for recursively querying webservers.
meg
Fetch many paths for many hosts, without killing the hosts.
subHijack
Hijacking forgotten & misconfigured subdomains.
BurpSentinel
GUI Burp Plugin to ease discovering of security holes in web applications.

Tools added last week
ppfuzz
A fast tool to scan client-side prototype pollution vulnerability written in Rust.
graphql-voyager
Represent any GraphQL API as an interactive graph.
XnlReveal
A Chrome browser extension to show alerts for several hidden elements.
IPFuscator
A tool to automatically generate alternative IP representations.
sourcemapper
Extract JavaScript source trees from source map files.
DNSWatch
DNS traffic sniffer and analyzer.
TrafficWatch
A packet sniffer tool, allows you to monitor and analyze network traffic from PCAP files.
HackingHub
Join the front line of the internet, learn applicable cyber security skills.
certs.io
Search the entire internet by data in TLS certificates.
cvecrowd.com
Lists CVEs that are currently being discussed on the social network Mastodon.

Want more to see more tools?
Go to offsec.tools

Sponsors
You received this email because you signed up on our website.
You can unsubscribe anytime.

Unsubscribe