View in browser

Weekly newsletter n°37

offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming
offsec.tools is a vast listing of security tools designed to help pentesters and bug hunters in their daily task. The list is organized by tags and provide a quick search engine. The list is feeded by the author and the community. Anyone can add a tool and be listed as a contributor, feel free to check the GitHub repository.

Go to offsec.tools

Tools featured this week
John Hammond
John Hammond YouTube channel.
Hashcat
World's fastest and most advanced password recovery utility
web2shell
Automate converting webshells into reverse shells.
TokenTactics
Azure JWT token manipulation toolset.
Gowhois
Whois command implemented by golang with awesome whois servers list.
HEKATOMB
Connects to LDAP directory to retrieve all computers and users informations.
ADRecon
Gather information about the Active Directory and generates a report.
jwt-heartbreaker
Burp Suite extension to check JWT for using keys from known from public sources.
Fiddler Everywhere
Web debugging proxy for MacOS, Windows, and Linux.
SubScraper
Perform subdomain enumeration through various techniques and retrieve detailed output.

Tools added last week
BBstats
Displays stats and graphs about your Bug Bounty activity.
WinPmem
The Windows memory acquisition tool.
Linpmem
The Linux memory acquisition tool.
graphql-armor
The missing GraphQL security security layer.
LibAFL
Advanced fuzzing librar. Slot your fuzzers together and extend their features using Rust.
ParrotSec
The ultimate framework for your cyber security operations.

Want more to see more tools?
Go to offsec.tools

Sponsors
You received this email because you signed up on our website.
You can unsubscribe anytime.

Unsubscribe