![](https://assets.offsec.tools/tools/barq-2159.png) |
|
barq |
|
The AWS Cloud Post Exploitation framework! |
|
|
![](https://assets.offsec.tools/tools/joomscan-5461.png) |
|
JoomScan |
|
OWASP Joomla Vulnerability Scanner Project. |
|
|
![](https://assets.offsec.tools/tools/waf-bypass-6602.png) |
|
waf-bypass |
|
Check your WAF before an attacker does. |
|
|
![](https://assets.offsec.tools/tools/jwt-hack-2487.png) |
|
jwt-hack |
|
JWT encoding/decoding, generates payloads for JWT attack and very fast cracking. |
|
|
![](https://assets.offsec.tools/tools/xssvalidator-8199.png) |
|
xssValidator |
|
A Burp Intruder extender designed for automation and validation of XSS vulnerabilities. |
|
|
![](https://assets.offsec.tools/tools/sourcegraph-3204.png) |
|
Sourcegraph |
|
Search millions of open source repositories. |
|
|
![](https://assets.offsec.tools/tools/cloudfox-9992.png) |
|
Cloudfox |
|
Automating situational awareness for cloud penetration tests. |
|
|
![](https://assets.offsec.tools/tools/mobsf-7181.png) |
|
MobSF |
|
All-in-one mobile application pentesting, malware analysis and security assessment framework. |
|
|
![](https://assets.offsec.tools/tools/ysoserial-7436.png) |
|
ysoserial |
|
Generates payloads that exploit unsafe Java object deserialization. |
|
|
![](https://assets.offsec.tools/tools/retire.js-8084.png) |
|
Retire.js |
|
Detects the use of JavaScript libraries with known vulnerabilities. |
|
|