A vast collection of security tools for bug bounty, pentest and red teaming


Vampi on offsec.tools

Vulnerable REST API with OWASP top 10 vulnerabilities for security testing.

Autowasp on offsec.tools

A one-stop pentesting checklist and logger tool.

BlackWidow on offsec.tools

Web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

IntruderPayloads on offsec.tools

Payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

Zed Attack Proxy on offsec.tools
Zed Attack Proxy

The world's most widely used web app scanner.

Amass on offsec.tools

In-depth Attack Surface Mapping and Asset Discovery.