
Weekly newsletter n°36

offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming
offsec.tools is a vast listing of security tools designed to help pentesters and bug hunters in their daily tasks. The list is organized by tags and provides a quick search engine. It is fed by the author and the community: anyone can add a tool and be listed as a contributor. Feel free to check the GitHub repository.

Go to offsec.tools

Tools featured this week

csrf-scanner
CSRF Scanner Extension for Burp Suite Pro.
GoAltdns
A permutation generation tool written in golang.
Knoxnl
This is a Python wrapper around the amazing KNOXSS.
JSgen
Generate JavaScript code to be injected in case you find a Server Side JavaScript Injection.
API fuzzer
Fuzzes request attributes using common pentesting techniques and lists vulnerabilities.
takeover
A tool for testing subdomain takeover possibilities at a mass scale.
co2
A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.
GSAN
Extract subdomains from SSL certificates in HTTPS sites.
headi
Customisable and automated HTTP header injection.
See-SURF
Detect Vulnerable SSRF parameters.

Tools added last week

Snort++
The next generation Snort Intrusion Prevention System.

Kerbeus-BOF
Beacon Object Files for Kerberos abuse.

sliver
Adversary emulation framework.

bounty-targets
Crawls bug bounty platform scopes.

BountyDash
Combine your rewards from platforms giving you insights about your bug hunting progress.

brakeman
Static analysis security vulnerability scanner for Ruby on Rails applications.

codeql
Powers security researchers around the world, as well as code scanning.

Swagger Jacker
Designed to assist with auditing of exposed Swagger/OpenAPI definition files.

Want to see more tools?

Go to offsec.tools
