View in browser

Weekly newsletter n°35

offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming
offsec.tools is a vast listing of security tools designed to help pentesters and bug hunters in their daily task. The list is organized by tags and provide a quick search engine. The list is feeded by the author and the community. Anyone can add a tool and be listed as a contributor, feel free to check the GitHub repository.


This week I created 2 RSS feeds, one contains all tools recorded and the other one contains the tools added in the last 7 days.

All issues on GitHub has also been reviewed to be more clear on the status of the tools proposed by the community. The following tags are available: enhancement, pending, accepted, refused.

Happy hacking !

Gwen.
Go to offsec.tools

Tools featured this week
fingerprintx
Standalone utility for service discovery on open ports!
JWT Key ID Injector
Simple python script to check against hypothetical JWT vulnerability.
secret-bridge
Monitors Github for leaked secrets.
AzureADLateralMovement
Lateral movement graph for Azure Active Directory.
Paros Proxy
HTTP(S) proxy for assessing web application vulnerability.
nuclei-wordfence-cve
Collection of Nuclei templates dedicated to WordPress core, plugins and themes vulnerabilities.
JWT cracker
JWT brute force cracker written in C.
espionage
Collects informations related to domains whois, history, dns records and more.
SpiderFoot
Automates OSINT for threat intelligence and mapping your attack surface.
off-by-slash
Burp extension to detect alias traversal via NGINX misconfiguration at scale.

Tools added last week
OSS-Fuzz
Continuous Fuzzing for Open Source Software.
Charles
HTTP proxy / monitor / reverse proxy that allows to view all of the HTTP(S) traffic.
Csper
The most advance set of Content Security Policy tools.
Astra
Automated Security Testing For REST API's.
GSIL
GitHub Sensitive Information Leakage.
a2sv
Auto Scanning to SSL Vulnerability.
Acra
Database protection suite with field level encryption and intrusion detection.

Want more to see more tools?
Go to offsec.tools

Sponsors
You received this email because you signed up on our website.
You can unsubscribe anytime.

Unsubscribe