A vast collection of security tools for bug bounty, pentest and red teaming


CertCrunchy on offsec.tools

Uses data from SSL Certificates to find potential host names.

CarbonCopy on offsec.tools

Creates a spoofed certificate of any online website and signs an executable for AV evasion.

CertStealer on offsec.tools

A .NET tool for exporting and importing certificates without touching disk.

certSniff on offsec.tools

A certificate transparency log keyword sniffer written in Python.

Bucket Stream on offsec.tools
Bucket Stream

Find interesting Amazon S3 Buckets by watching certificate transparency logs.

Certificate Search on offsec.tools
Certificate Search

Get informations about SSL certificates.

GSAN on offsec.tools

Extract subdomains from SSL certificates in HTTPS sites.

Keyfinder on offsec.tools

Find and analyze private/public key files and Android APK files.

dirhunt on offsec.tools

Find web directories without bruteforce.

IDontSpeakSSL on offsec.tools

Simple tool to scan large scope and provide SSL/TLS vulnerabilities.

CTFR on offsec.tools

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

Certificate Ripper on offsec.tools
Certificate Ripper

A CLI tool to extract server certificates.

Substr3am on offsec.tools

Passive reconnaissance/enumeration of interesting targets by watching for SSL certificates.

Censys Enumeration on offsec.tools
Censys Enumeration

Extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.

Censys subdomain finder on offsec.tools
Censys subdomain finder

Perform subdomain enumeration using the certificate transparency logs from Censys.