A vast collection of security tools for bug bounty, pentest and red teaming

#cves

Nuclei templates on offsec.tools
Sponsor
Nuclei templates

Community curated list of templates for the Nuclei engine to find security vulnerabilities.

Nuclei on offsec.tools
Sponsor
Nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

TerminatorZ on offsec.tools
TerminatorZ

Scan for top potential vulnerabilities with known CVEs in your web applications.

#csrf   #cves   #rce   #scanner   #sqli   #xss  

WebInspect on offsec.tools
WebInspect

An automated dynamic testing solution that provides comprehensive vulnerability detection.

Invicti on offsec.tools
Invicti

Web Application Security For Enterprise.

hunter.how on offsec.tools
hunter.how

Internet search engines for security researchers.

RedTeam_toolkit on offsec.tools
RedTeam_toolkit

Open source Django offensive webapp which is keeping the best tools used in the redteaming.

Vulmap on offsec.tools
Vulmap

Online local vulnerability scanners project.

afrog on offsec.tools
afrog

A vulnerability scanning tools for penetration testing.

awesome-cve-poc on offsec.tools
awesome-cve-poc

A collection about Proof of Concepts of Common Vulnerabilities and Exposures.

reapoc on offsec.tools
reapoc

OpenSource Poc && Vulnerable-Target Storage Box.

Qualys Cloud Platform on offsec.tools
Qualys Cloud Platform

The revolutionary architecture that powers Qualys' IT, security, and compliance cloud apps.

Shodan on offsec.tools
Shodan

Search engine for Internet-connected devices.

Netlas.io on offsec.tools
Netlas.io

Netlas.io is the network atlas of Internet. IP, DNS, Web, IoT devices, and etc.

LanGuard on offsec.tools
LanGuard

Patch management, vulnerability scanning, and network auditing.

Nexpose on offsec.tools
Nexpose

Vulnerability scanner which aims to support the entire vulnerability management lifecycle.

Core Impact on offsec.tools
Core Impact

Designed to enable security teams to conduct advanced penetration tests with ease.

Paros Proxy on offsec.tools
Paros Proxy

HTTP(S) proxy for assessing web application vulnerability.

Nessus on offsec.tools
Nessus

The global gold standard in vulnerability assessment built for the modern attack surface.

jok3r on offsec.tools
jok3r

Network and Web Pentest Automation Framework.

Legion on offsec.tools
Legion

Aids in discovery, reconnaissance and exploitation of information systems.

WES-NG on offsec.tools
WES-NG

Windows Exploit Suggester - Next Generation.

Linux Exploit Suggester on offsec.tools
Linux Exploit Suggester

Based on operating system release number.

Windows Exploit Suggester on offsec.tools
Windows Exploit Suggester

Compares target patch levels against the Microsoft vulnerability DB to detect missing patches.

windows-kernel-exploits on offsec.tools
windows-kernel-exploits

A list of Windows kernel exploits.

WinPwn on offsec.tools
WinPwn

Automation for internal Windows pentest / AD-Security.

DependencyCheck on offsec.tools
DependencyCheck

Utility that detects publicly disclosed vulnerabilities in application dependencies.

Acunetix on offsec.tools
Acunetix

Quickly find and fix the vulnerabilities that put your web applications at risk of attack.

OpenVAS on offsec.tools
OpenVAS

This repository contains the scanner component for Greenbone Community Edition.

Exploitalert on offsec.tools
Exploitalert

Exploits found on the INTERNET.

The Exploit Database on offsec.tools
The Exploit Database

Archive of public exploits and corresponding vulnerable software.

burp-vulners-scanner on offsec.tools
burp-vulners-scanner

Vulnerability scanner based on vulners.com search API.

Betterscan on offsec.tools
Betterscan

Code Scanning/SAST/static analysis/linting using many tools/scanners with one report.

Eagle on offsec.tools
Eagle

Vulnerability scanner for mass detection of web-based applications vulnerabilities.

SearchSploit on offsec.tools
SearchSploit

Cli tool for Exploit-DB that also allows you to take a copy of Exploit Database with you.

flan on offsec.tools
flan

A pretty sweet vulnerability scanner.

git-vuln-finder on offsec.tools
git-vuln-finder

Find potential software vulnerabilities from git commit messages.

Faraday security on offsec.tools
Faraday security

Open source sulnerability management and orchestration platform.

As3nt on offsec.tools
As3nt

Another Subdomain ENumeration Tool.

Nmap on offsec.tools
Nmap

The network mapper.

w3af on offsec.tools
w3af

Web Application Attack and Audit Framework.

Metasploit on offsec.tools
Metasploit

The world’s most used penetration testing framework.

detectify-cves on offsec.tools
detectify-cves

Find CVEs that don't have a Detectify modules.

Burp Suite on offsec.tools
Burp Suite

The class-leading vulnerability scanning, penetration testing, and web app security platform.

WPScan on offsec.tools
WPScan

WPScan WordPress Security Scanner