View in browser

Weekly newsletter n°42

offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming
offsec.tools is a vast listing of security tools designed to help pentesters and bug hunters in their daily task. The list is organized by tags and provide a quick search engine. The list is feeded by the author and the community. Anyone can add a tool and be listed as a contributor, feel free to check the GitHub repository.

Go to offsec.tools

Tools featured this week
PortBender
A TCP port redirection utility that allows inbound traffic redirection.
SSH PuTTY login bruteforcer
A wrapper script which uses PuTTY to perform SSH login bruteforce attacks.
cvecrowd.com
Lists CVEs that are currently being discussed on the social network Mastodon.
egressbuster
Check egress filtering and identify if ports are allowed to automatically spawn a shell.
XSSer
Automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.
Feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
DorkGPT
Generate Google dorks with AI.
GraphQLmap
Scripting engine to interact with a graphql endpoint for pentesting purposes.
Reverse Shell Generator
A tool to generate various ways to do a reverse shell.
Awesome-CobaltStrike
List of awesome CobaltStrike resources.

Tools added last week
Semgrep
Lightweight static analysis for many languages.
mvt
Helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
Havoc
Modern and malleable post-exploitation command and control framework.
metasploitable
VM that is built from the ground up with a large amount of security vulnerabilities.
GOAD
Game of Active Directory.
CMSScan
Scan Wordpress, Drupal, Joomla, vBulletin websites for security issues.
vbscan
A black box vBulletin vulnerability scanner.
merlin
Cross-platform post-exploitation HTTP/2 Command & Control server and agent.
Zphisher
An automated phishing tool with 30+ templates.

Want to see more tools?
Go to offsec.tools

Sponsors
You received this email because you signed up on our website.
You can unsubscribe anytime.

Unsubscribe