View in browser

Weekly newsletter n°9

A vast collection of security tools for bug bounty, pentest and red teaming is a vast listing of security tools designed to help pentesters and bug hunters in their daily task. The list is organized by tags and provide a quick search engine. The list is feeded by the author and the community. Anyone can add a tool and be listed as a contributor, feel free to check the GitHub repository.

Hi folks,

We have more and more contributors every week which is great as it adds diversity in the tools. But please take care to carefully read the guidelines or use the issue template created for that purpose. It helps to avoid errors in the parsing, the bot will be thankful for that.

I have been busy hunting in the past days so the features planned to upgrade the website are more or less in a stand by mode... but still in the pipe so stay tuned!

Happy hacking comrades!

Go to

Tools featured this week

Shell script to check for simple privilege escalation vectors on Unix systems.
Extracts Key Values from .keytab files.
A tool to hunt for credentials in GitHub wild AKA git*hunt.
JWT Tool
A toolkit for testing, tweaking and cracking JSON Web Tokens.
Rusty Hog
A suite of secret scanners built in Rust for performance.
Add headers to all Burp requests to bypass some WAF products.
Search engine for Internet-connected devices.
Network and Web Pentest Automation Framework.
LDAP Password Hunter
Password Hunter in active directory.
HTTP Request Smuggler
Extension for Burp Suite designed to help you launch HTTP Request Smuggling attacks.

Tools added last week

A tool for extracting all the possible endpoints from the JS files.

Privilege escalation tool for Windows.

The vertasile multi-threaded password sprayer built on the shoulders of giants.

Script that dumps employee data from the LinkedIn social networking platform.

Anonymously bruteforce Active Directory usernames by abusing LDAP Ping requests.

Find subdomains by searching public certificate records.

XSS Hunter
The fastest way to set up XSS Hunter to test and find blind cross-site scripting vulnerabilities.

Brute Hacking Framework
A framework including all the tools that work on Windows.

Want more to see more tools?

Go to