A vast collection of security tools for bug bounty, pentest and red teaming


Spy Extension on offsec.tools
Spy Extension

This Chrome extension will read literally everything it can.

autochrome on offsec.tools

A shiny new copy of Chromium that will bring colors in your hunt.

DotGit on offsec.tools

An extension for checking if .git is exposed in visited websites.

PostMessage_Fuzz_Tool on offsec.tools

A PostMessage fuzzing extension for Chrome.

postMessage-tracker on offsec.tools

A Chrome Extension to track postMessage usage (url, domain and stack).

DOM based XSS finder on offsec.tools
DOM based XSS finder

Chrome extension that finds DOM based XSS vulnerabilities.

XSS Radar on offsec.tools
XSS Radar

A Chrome extension for fast and easy XSS fuzzing.

Tracy on offsec.tools

Assists with finding all sinks and sources of a webapp and display the results in a nice way.