View in browser

Weekly newsletter n°38

A vast collection of security tools for bug bounty, pentest and red teaming is a vast listing of security tools designed to help pentesters and bug hunters in their daily task. The list is organized by tags and provide a quick search engine. The list is feeded by the author and the community. Anyone can add a tool and be listed as a contributor, feel free to check the GitHub repository.

Go to

Tools featured this week

Hashcat Web Interface.
SSH server auditing: banner, key exchange, encryption, compatibility, security...
Powershell reverse shell using HTTP/S protocol with AMSI bypass and Proxy Aware.
Perform advanced MiTM attacks on websites with ease.
Command line tool for testing CRLF injection on a list of domains.
Zed Attack Proxy
The world's most widely used web app scanner.
Parse OpenAPI specifications into the BurpSuite for automating RESTful API testing.
Plugin-based tool to scan public version control systems for sensitive information.
Online local vulnerability scanners project.
Improve the active and passive Burp Suite scanner by means of custom rules through GUI.

Tools added last week

Want more to see more tools?

Go to