Weekly newsletter n°9

offsec.tools

A vast collection of security tools for bug bounty, pentest and red teaming
offsec.tools is a vast listing of security tools designed to help pentesters and bug hunters in their daily tasks. The list is organized by tags and provides a quick search engine. The list is fed by the author and the community. Anyone can add a tool and be listed as a contributor; feel free to check the GitHub repository.

Hi folks,

We have more and more contributors every week, which is great as it adds diversity in the tools. But please take care to carefully read the guidelines or use the issue template created for that purpose. It helps to avoid errors in the parsing; the bot will be thankful for that.

I have been busy hunting in the past days, so the features planned to upgrade the website are more or less in standby mode... but still in the pipe, so stay tuned!

Happy hacking comrades!

Gwen.
Go to offsec.tools

Tools featured this week

unix-privesc-check
Shell script to check for simple privilege escalation vectors on Unix systems.
KeyTabExtract
Extracts Key Values from .keytab files.
git-wild-hunt
A tool to hunt for credentials in GitHub wild AKA git*hunt.
JWT Tool
A toolkit for testing, tweaking and cracking JSON Web Tokens.
Rusty Hog
A suite of secret scanners built in Rust for performance.
bypasswaf
Add headers to all Burp requests to bypass some WAF products.
Shodan
Search engine for Internet-connected devices.
jok3r
Network and Web Pentest Automation Framework.
LDAP Password Hunter
Password Hunter in active directory.
HTTP Request Smuggler
Extension for Burp Suite designed to help you launch HTTP Request Smuggling attacks.

Tools added last week

endext
A tool for extracting all the possible endpoints from the JS files.

GodPotato
Privilege escalation tool for Windows.

gorgo
The versatile multi-threaded password sprayer built on the shoulders of giants.

LinkedInDumper
Script that dumps employee data from the LinkedIn social networking platform.

LDAPNomNom
Anonymously bruteforce Active Directory usernames by abusing LDAP Ping requests.

SubdomainFinder
Find subdomains by searching public certificate records.

XSS Hunter
The fastest way to set up XSS Hunter to test and find blind cross-site scripting vulnerabilities.

Brute Hacking Framework
A framework including all the tools that work on Windows.
