A vast collection of security tools for bug bounty, pentest and red teaming

#ssl

CertCrunchy on offsec.tools
Featured
CertCrunchy

Uses data from SSL Certificates to find potential host names.

sslstrip on offsec.tools
sslstrip

A tool for exploiting Moxie Marlinspike's SSL "stripping" attack.

CertStealer on offsec.tools
CertStealer

A .NET tool for exporting and importing certificates without touching disk.

Legion on offsec.tools
Legion

Aids in discovery, reconnaissance and exploitation of information systems.

Certificate Search on offsec.tools
Certificate Search

Get informations about SSL certificates.

Raccoon on offsec.tools
Raccoon

A high performance offensive security tool for reconnaissance and vulnerability scanning.

GSAN on offsec.tools
GSAN

Extract subdomains from SSL certificates in HTTPS sites.

Keyfinder on offsec.tools
Keyfinder

Find and analyze private/public key files and Android APK files.

IDontSpeakSSL on offsec.tools
IDontSpeakSSL

Simple tool to scan large scope and provide SSL/TLS vulnerabilities.

GyoiThon on offsec.tools
GyoiThon

Growing penetration test tool using Machine Learning.

CTFR on offsec.tools
CTFR

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

mitmproxy on offsec.tools
mitmproxy

An interactive TLS-capable intercepting HTTP proxy.

#mitm   #proxy   #ssl   #tls  

Certificate Ripper on offsec.tools
Certificate Ripper

A CLI tool to extract server certificates.

Sub3 Suite on offsec.tools
Sub3 Suite

A free, open source, cross platform Intelligence gathering tool.

Substr3am on offsec.tools
Substr3am

Passive reconnaissance/enumeration of interesting targets by watching for SSL certificates.

sslscan on offsec.tools
sslscan

Tests SSL/TLS enabled services to discover supported cipher suites.

#ssl  

SSLyze on offsec.tools
SSLyze

Fast and powerful SSL/TLS scanning library.

#ssl  

cero on offsec.tools
cero

Scrape domain names from SSL certificates of arbitrary hosts.