View in browser

Weekly newsletter n°55

offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming
offsec.tools is a vast listing of security tools designed to help pentesters and bug hunters in their daily task. The list is organized by tags and provide a quick search engine. The list is feeded by the author and the community. Anyone can add a tool and be listed as a contributor, feel free to check the GitHub repository.

Go to offsec.tools

Tools featured this week
Seela
Boost the cybersecurity skills of your teams with the cyber knowledge library.
kerberoast
Series of tools for attacking MS Kerberos implementations.
AWS Sensitive Permissions
This script enumerates the permissions of all the AWS principals of an account.
OSS-Fuzz
Continuous Fuzzing for Open Source Software.
PostMessage_Fuzz_Tool
A PostMessage fuzzing extension for Chrome.
mvt
Helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
Mosint
An automated e-mail OSINT tool.
Amass
In-depth Attack Surface Mapping and Asset Discovery.
Empire
Post-exploitation and adversary emulation framework that is used to aid Red Teams and pentesters.
Scout
Discover a web server's undisclosed files, directories and VHOSTs.

Tools added last week
Pop
Send emails from your terminal.
MultiDump
Post-exploitation tool for dumping and extracting LSASS memory discreetly.
CVEMap
Navigate the CVE jungle with ease using CLI tool designed to provide a structured interface.
ThievingFox
Post-exploitation tools to gather credentials from various password managers and Windows utilities.
Certify
Active Directory certificate abuse.
hauditor
Analyze the security headers returned by a web page and report dangerous configurations.
De4py
toolkit for python reverse engineering.
WhatRuns
Discover what runs a website.

Want to see more tools?
Go to offsec.tools

Sponsors
You received this email because you signed up on our website.
You can unsubscribe anytime.

Unsubscribe