![](https://assets.offsec.tools/tools/harpwn-6866.png) |
HARpwn |
Designed to streamline the extraction and sanitization of HARTokens from HTTP archives. |
|
|
![](https://assets.offsec.tools/tools/js-tap-6121.png) |
JS-Tap |
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant. |
|
|
![](https://assets.offsec.tools/tools/gsec-2774.png) |
Gsec |
Web security scanner. |
|
|
![](https://assets.offsec.tools/tools/localpotato-8523.png) |
LocalPotato |
Another local Windows privilege escalation using a new potato technique. |
|
|
![](https://assets.offsec.tools/tools/mosint-7925.png) |
Mosint |
An automated e-mail OSINT tool. |
|
|
![](https://assets.offsec.tools/tools/leakey-1954.png) |
LEAKEY |
Bash script which checks and validates for leaked credentials. |
|
|
![](https://assets.offsec.tools/tools/dvenom-6470.png) |
DVenom |
Helps to bypass antiviruses by providing an encryption wrapper and loader for your shellcode. |
|
|
![](https://assets.offsec.tools/tools/metadetective-9608.png) |
MetaDetective |
Unleash metadata intelligence, bridging the chasm in metadata extraction and analysis. |
|
|
|
|
![](https://assets.offsec.tools/tools/porch-pirate-2088.png) |
Porch-Pirate |
The most comprehensive Postman recon / OSINT client and framework. |
|
|
![](https://assets.offsec.tools/tools/secbutler-2392.png) |
secbutler |
The perfect butler for pentesters, bug-bounty hunters and security researchers. |
|
|
![](https://assets.offsec.tools/tools/moonwalk-back-2923.png) |
moonwalk-back |
Cover your tracks during Linux exploitation by leaving zero traces on the exploited system. |
|
|
![](https://assets.offsec.tools/tools/gtfonow-1697.png) |
GTFONow |
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins. |
|
|
![](https://assets.offsec.tools/tools/moriarty-4792.png) |
Moriarty |
Designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential. |
|
|
![](https://assets.offsec.tools/tools/webcopilot-3958.png) |
WebCopilot |
Automation tool designed to enumerate subdomains and detect bugs using different open-source tools. |
|
|
|
|
|
|