A vast collection of security tools for bug bounty, pentest and red teaming

#api

Vampi on offsec.tools
Vampi

Vulnerable REST API with OWASP top 10 vulnerabilities for security testing.

Graphicator on offsec.tools
Graphicator

Enumerate and extract GraphQL APIs.

#api   #graphql  

Gorsair on offsec.tools
Gorsair

Gives root access on remote docker containers that expose their APIs.

Covenant on offsec.tools
Covenant

Collaborative C2 framework for red teamers.

#api   #aws   #cloud   #framework   #google   #gui  

OpenAPI on offsec.tools
OpenAPI

Parse OpenAPI specifications into the BurpSuite for automating RESTful API testing.

Burp Extender API on offsec.tools
Burp Extender API

Burp Extender API.

SQLi-Hunter on offsec.tools
SQLi-Hunter

Simple HTTP(S) proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

Race The Web on offsec.tools
Race The Web

Tests for race conditions in web applications.

Fuzzapi on offsec.tools
Fuzzapi

Used for REST API pentesting and provide UI solution for gem.