Weekly newsletter n°65

offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming

offsec.tools is a vast listing of security tools designed to help pentesters and bug hunters in their daily task. The list is organized by tags and provide a quick search engine. The list is feeded by the author and the community. Anyone can add a tool and be listed as a contributor, feel free to check the GitHub repository.

Service was down these last 3 days due to technical problems AND vacation ;) It's now fixed and ready to help you as it should ! Sorry guys for being so late. Happy hacking !

Gwen.

Go to offsec.tools

Tools featured this week

crowbar

Brute forcing tool that support several uncommon protocols.

BucketLoot

An automated S3-compatible bucket inspector.

ImHex

Hex editor for reverse engineers, programmers and people who value their retinas when working at 3am.

Osintgram

An interactive shell to perform analysis on Instagram account of any users by its nickname.

gorgo

The vertasile multi-threaded password sprayer built on the shoulders of giants.

Tools added last week

	Security Monkey
	Monitor AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

	Rebind
	Implement the multiple A record DNS rebinding attack.

	Kubernetes Goat
	Vulnerable by design cluster environment to learn and practice Kubernetes security.

	qira
	QEMU Interactive Runtime Analyser.

	magspoof
	A portable device that can spoof/emulate any magnetic stripe, credit card or hotel card wirelessly.

	apk-mitm
	A CLI application that automatically prepares Android APK files for HTTPS inspection.

Want to see more tools?