OSINT Tool: GooFuzz
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target’s server.
Recon Tool: Sniffer
Sniffer is a network troubleshooting tool that lets you analyze network traffic and processes without loading any kernel modules. With a user-friendly TUI interface, Sniffer captures and records packet information using gopacket.
Malware Analysis Tool: retoolkit
Retoolkit is a Reverse Engineering and Malware Analysis collection of tools on x86 and x64 Windows systems. It aims to provide a set of useful utilities for binary analysis and reverse engineering which includes various tools such as disassemblers, debuggers, and more.
Offensive Security Tool: Go365
Go365 is an Office365 user attack tool and its designed to help security professionals and researchers perform user enumeration and password guessing attacks on organizations that use Office365.
OSINT Tool: wholeaked
wholeaked is designed to help individuals and organizations identify if their email addresses have been exposed in a data breach. The tool works by searching through a database of leaked email addresses and cross-referencing them with the email addresses provided by the user.
Offensive Security Tool: dontgo403
DontGo403 is a tool designed to help Pentesters and Red Teams identify vulnerabilities in web servers that could be exploited to gain unauthorized access to resources. The tool does this by bypassing HTTP error code 403 responses, which are typically used to indicate that a user is not authorized to access a particular resource or webpage.
Offensive Security Tool: Mythic
Mythic is a cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It’s designed to provide a collaborative and user friendly interface for operators, managers, and reporting.
Recon Tool: Bad Secrets
Bad Secrets its a pure python library for identifying the use of known or very weak cryptographic secrets across a variety of platforms.
Offensive Security Tool: Nginxpwner
Nginxpwner is a tool to look for common Nginx misconfigurations and vulnerabilities.