A vast collection of security tools for bug bounty, pentest and red teaming

#browser

Tamper Dev on offsec.tools
Tamper Dev

Allows you to intercept and edit HTTP/HTTPS requests and responses.

Tamper Data on offsec.tools
Tamper Data

View and modify HTTP requests before they are sent.

Spy Extension on offsec.tools
Spy Extension

This Chrome extension will read literally everything it can.

Fiddler Everywhere on offsec.tools
Fiddler Everywhere

Web debugging proxy for MacOS, Windows, and Linux.

autochrome on offsec.tools
autochrome

A shiny new copy of Chromium that will bring colors in your hunt.

PwnFox on offsec.tools
PwnFox

A Firefox/Burp Suite extension that provide usefull tools for your security audit.

DotGit on offsec.tools
DotGit

An extension for checking if .git is exposed in visited websites.

S3BucketList on offsec.tools
S3BucketList

Firefox plugin that lists Amazon S3 Buckets found in requests.

PostMessage_Fuzz_Tool on offsec.tools
PostMessage_Fuzz_Tool

A PostMessage fuzzing extension for Chrome.

postMessage-tracker on offsec.tools
postMessage-tracker

A Chrome Extension to track postMessage usage (url, domain and stack).

DOM based XSS finder on offsec.tools
DOM based XSS finder

Chrome extension that finds DOM based XSS vulnerabilities.

XSS Radar on offsec.tools
XSS Radar

A Chrome extension for fast and easy XSS fuzzing.

Tracy on offsec.tools
Tracy

Assists with finding all sinks and sources of a webapp and display the results in a nice way.

BeEF on offsec.tools
BeEF

The Browser Exploitation Framework is a penetration testing tool that focuses on the web browser.

KNOXSS on offsec.tools
KNOXSS

Online XSS tool with demonstration of vulnerability.