A vast collection of security tools for bug bounty, pentest and red teaming

#last7days

25 results
ffufPostprocessing on offsec.tools
ffufPostprocessing

Golang tool which helps dropping the irrelevant entries from your ffuf result file.

#endpoints   #utils  

h8mail on offsec.tools
h8mail

Powerful and user-friendly password hunting tool.

#emails   #leaks   #passwords   #usernames  

ScareCrow on offsec.tools
ScareCrow

Payload creation framework designed around EDR bypass.

#api   #dll   #edr   #framework   #memory   #payloads   #permissions   #privesc  

LDAP Password Hunter on offsec.tools
LDAP Password Hunter

Password Hunter in active directory.

#activedirectory   #ldap   #passwords   #windows  

NMapify on offsec.tools
NMapify

Quickly and accurately create a visual representation of their Nmap output.

#images   #network   #utils  

sub404 on offsec.tools
sub404

A fast tool to check subdomain takeover vulnerability.

#subdomains   #subto  

mimikittenz on offsec.tools
mimikittenz

A post-exploitation powershell tool for extracting juicy info from memory.

#exploits   #memory   #secrets   #windows  

Dumpert on offsec.tools
Dumpert

LSASS memory dumper using direct system calls and API unhooking.

#api   #lsass   #memory  

WiFi-Pumpkin on offsec.tools
WiFi-Pumpkin

Framework for rogue Wi-Fi access point attack.

#framework   #mitm   #network   #sniffing   #spoofing   #wifi  

FindUncommonShares on offsec.tools
FindUncommonShares

Quickly find uncommon shares in vast Windows domains.

#activedirectory   #ldap   #samba   #shares   #windows  

Invoke-TmpDavFS on offsec.tools
Invoke-TmpDavFS

Memory Backed Powershell WebDav Server.

#webdav   #windows  

Invoke-SocksProxy on offsec.tools
Invoke-SocksProxy

Socks proxy, and reverse socks server using powershell.

#network   #pivot   #privesc   #proxy  

PowerShdll on offsec.tools
PowerShdll

Run PowerShell with rundll32 in order to bypass software restrictions.

#exploits   #payloads   #powershell   #windows  

PSByPassCLM on offsec.tools
PSByPassCLM

Bypass for PowerShell Constrained Language Mode.

#exploits   #payloads   #powershell   #windows  

CarbonCopy on offsec.tools
CarbonCopy

Creates a spoofed certificate of any online website and signs an executable for AV evasion.

#certificates  

DNSTracer on offsec.tools
DNSTracer

Trace the path of a DNS query.

#dms   #utils  

Invoke-BSOD on offsec.tools
Invoke-BSOD

For when you want a computer to be done - without admin!.

#bsod   #exploits   #windows  

Invoke-WCMDump on offsec.tools
Invoke-WCMDump

PowerShell script to dump Windows credentials from the Credential Manager.

#passwords   #windows  

Invoke-PSImage on offsec.tools
Invoke-PSImage

Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute.

#exploits   #images   #payloads  

SDBF on offsec.tools
SDBF

Smart DNS Brute Forcer.

#domains   #subdomains  

Ciphey on offsec.tools
Ciphey

Automates decryptions & decodings with encodings, classical ciphers, hashes, or more.

#cryptography   #hash   #passwords  

ScopeHunter on offsec.tools
ScopeHunter

Command-line tool for finding in-scope targets for bug bounty programs.

#bugbounty   #bugcrowd   #hackerone   #intigriti   #utils   #yeswehack  

SSRFPwned on offsec.tools
SSRFPwned

Checks for SSRF using custom payloads after fetching URLs from sources & applying complex patterns.

#payloads   #ssrf  

TerminatorZ on offsec.tools
TerminatorZ

Scan for top potential vulnerabilities with known CVEs in your web applications.

#csrf   #cves   #rce   #scanner   #sqli   #xss  

SQLMutant on offsec.tools
SQLMutant

Searches for automated subdomain enumeration and runs SQLi tests.

#sqli   #subdomains