A vast collection of security tools for bug bounty, pentest and red teaming


Tamper Dev on offsec.tools
Tamper Dev

Allows you to intercept and edit HTTP/HTTPS requests and responses.

Tamper Data on offsec.tools
Tamper Data

View and modify HTTP requests before they are sent.

Spy Extension on offsec.tools
Spy Extension

This Chrome extension will read literally everything it can.

Fiddler Everywhere on offsec.tools
Fiddler Everywhere

Web debugging proxy for MacOS, Windows, and Linux.

autochrome on offsec.tools

A shiny new copy of Chromium that will bring colors in your hunt.

PwnFox on offsec.tools

A Firefox/Burp Suite extension that provide usefull tools for your security audit.

DotGit on offsec.tools

An extension for checking if .git is exposed in visited websites.

S3BucketList on offsec.tools

Firefox plugin that lists Amazon S3 Buckets found in requests.

PostMessage_Fuzz_Tool on offsec.tools

A PostMessage fuzzing extension for Chrome.

postMessage-tracker on offsec.tools

A Chrome Extension to track postMessage usage (url, domain and stack).

DOM based XSS finder on offsec.tools
DOM based XSS finder

Chrome extension that finds DOM based XSS vulnerabilities.

XSS Radar on offsec.tools
XSS Radar

A Chrome extension for fast and easy XSS fuzzing.

Tracy on offsec.tools

Assists with finding all sinks and sources of a webapp and display the results in a nice way.

BeEF on offsec.tools

The Browser Exploitation Framework is a penetration testing tool that focuses on the web browser.

KNOXSS on offsec.tools

Online XSS tool with demonstration of vulnerability.