View in browser

Weekly newsletter n°60

offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming
offsec.tools is a vast listing of security tools designed to help pentesters and bug hunters in their daily task. The list is organized by tags and provide a quick search engine. The list is feeded by the author and the community. Anyone can add a tool and be listed as a contributor, feel free to check the GitHub repository.

This week a major change occured as I decided to implement advertising. The website now generates a good 10k views/month, which is awesome to me, I didn't expect that. Advertising will help to highlight your tools as sponsors tools are highly promoted in the navigation. Make sure to carefully read the advertise page to understand how it works and the benefits you can get from it.

Thank you guys for your trust and happy hacking!

Gwen.
Go to offsec.tools

Tools featured this week
gateway-finder-imp
Identify routers on the local LAN and paths to the Internet.
domain_hunter
Try to find all subdomains, similar-domains and related-domains of an organization.
ChopChop
Scan endpoints and identify exposition of sensitive services/files/folders.
apkurlgrep
Extract endpoints from APK files.
Second Order
Second-order subdomain takeover scanner.
ScareCrow
Payload creation framework designed around EDR bypass.
Hackvertor
Tag based conversion tool written in Java implemented as a Burp Suite extension.
graphw00f
GraphQL Server Engine Fingerprinting utility for software security professionals.
codeql
Power security researchers around the world as well as code scanning.
Linpmem
The Linux memory acquisition tool.

Tools added last week
OSX Password Dumper
Dump users's .plist on a Mac OS system and to convert them into a crackable hash.
ACLight
Advanced discovery of Privileged Accounts, includes Shadow Admins.
SOAPHound
Enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.
CloudRecon
Finding assets and subdomains from certificates! Scan the web!
OFFAT
Autonomously assesses your API for prevalent vulnerabilities.
Ominis OSINT
Perform information gathering from Google for search results related to a user query.
Google Recaptcha Solver
Solve Google reCAPTCHA in less than 5 seconds!
wlgen
Automate building wordlists for AppSec directory/resource bruting.
go-secdump
Tool to remotely dump secrets from the Windows registry.
Shazzer
Automatically create cheat sheets from all relevant vectors on the system.

Want to see more tools?
Go to offsec.tools

Sponsors
You received this email because you signed up on our website.
You can unsubscribe anytime.

Unsubscribe