A vast collection of security tools for bug bounty, pentest and red teaming

#bypass

upload_bypass on offsec.tools
upload_bypass

File upload restrictions bypass by using different techniques!

bypass-url-parser on offsec.tools
bypass-url-parser

Tool that tests MANY url bypasses to reach a 40X protected page.

undetected-chromedriver on offsec.tools
undetected-chromedriver

Optimized Selenium Chromedriver patch which does not trigger anti-bot services.

XFFenum on offsec.tools
XFFenum

X-Forwarded-For [403 forbidden] enumeration.

Payloads All The Things on offsec.tools
Payloads All The Things

A list of useful payloads and bypass for Web Application Security.

JSONBee on offsec.tools
JSONBee

A ready to use JSONP endpoints/payloads to help bypass Content Security Policy.

wafw00f on offsec.tools
wafw00f

Identify and fingerprint Web Application Firewall products protecting a website.

4-ZERO-3 on offsec.tools
4-ZERO-3

403/401 Bypass Methods.