offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming

Go to offsec.tools

Tools featured this week

OSINT tool used for web crawling or examining JavaScript files for likely useful data.

Zip password cracker.

Turn a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming or PE.

Hunt persistences implanted in Windows machines.

Generate rich wordlists for targeted attacks online.

Enumerate and extract GraphQL APIs.

Toolkit to detect and keep track on Blind XSS, XXE & SSRF.

Combination of evilginx3 and GoPhish.

A dynamic reverse engineering toolkit.

Data exfiltration over DNS request covert channel.

	osintname
	Generate emails and usernames.

	mana
	Wifi rogue AP attacks and MitM.

	x64dbg
	An open-source user mode debugger for Windows for reverse engineering and malware analysis.

	Apktool
	A tool for reverse engineering Android APK files.

	lynis
	Security auditing tool for Linux, macOS, and UNIX-based systems.

	pwntools
	CTF framework and exploit development library.

	Osintgram
	An interactive shell to perform analysis on Instagram account of any users by its nickname.

	twint
	Twitter scraping & OSINT tool allowing you to scrape a user's followers, following, tweets and more.

	tinfoleak
	The most complete open-source tool for Twitter intelligence analysis.

	bore
	A simple CLI tool for making tunnels to localhost.

	pupy
	Opensource, cross-platform C2 and post-exploitation framework written in python and C.

	honggfuzz
	A security oriented software fuzzer.

	changedetection.io
	Page change monitoring with alerts a breezem, the best way to monitor website changes.

	UglifyJS
	A JavaScript parser, minifier, compressor and beautifier toolkit.

Go to offsec.tools