Infosec Tools

Below you’ll find a list of information security tools I use for assessments, investigations and other cybersecurity tasks. Also worth checking out is CISA’s list of free cybersecurity services and tools.

OSINT / Reconnaissance

• AbuseIPDB - Check IP address, domain name or subnet.
• American Registry for Internet Numbers (ARIN) - Nonprofit, member-based organization that administers IP addresses & ASNs in support of the operation and growth of the Internet.
• Better Whois - The whois domain search that works with all registrars.
• CertDB - A searcheable database of the internet’s SSL/TLS certificate names.
• Crunchbase - Discover innovative companies and the people behind them.
• Cylect.io - Ultimate OSINT searching tool.
• DataBreaches.net - Information on corporate security breaches.
• DomainTools - Whois lookup, domain availability and IP search tools.
• DorkSearch.com - Faster Google Dorking.
• DNSDumpster - DNS recon & research, find & lookup dns records.
• DNSViz - Tool for visualizing the status of a DNS zone.
• dnsqueries.com - Collection of online network tools.
• Google Advanced Search Operators - A resource for doing advanced Google searches.
• grep.app - Search across a half million git repos.
• GSA eLibrary - Source for the latest GSA contract award information.
• Have I Been Squatted? - Check if your domain has been squatted.
• Hunter - Search for professional email addresses.
• Hurricane Electric BGP Toolkit
• IntelligenceX - Search Tor, I2P, data leaks, domains, and emails.
• IPSpy.net
• LeakIX - Search publicly indexed information.
• LexisNexis® Academic & Library Solutions - Search tool for academic documents.
• merox.io - DNS security and DMARC
• MetaOSINT - Aggregation of “top” tools & resources intended to help jumpstart OSINT investigations.
• MX Lookup Tool - Check your DNS MX records online.
• Netcraft - Collection of internet security services.
• Network Solutions - Whois lookup for domain registration information.
• NetworkScan - IP Lookups for Open Ports
• NsLookup - Online tool for querying DNS servers.
• Online Whois Tool
• OSINT Framework
• PublicWWW - Find any alphanumeric snippet, signature or keyword in the web pages HTML, JS and CSS code.
• Ransomwhere - Open, crowdsourced ransomware payment tracker.
• RIPE Network Coordination Centre - Organization that allocates and registers blocks of Internet number resources to ISPs and other organizations.
• searchcode - Search 75 billion lines of code from 40 million projects.
• SEC eFilings (EDGAR) - Electronic Data Gathering, Analysis and Retrieval system.
• Wayback Machine - The archive for the Internet and a time machine for the web.
• who.is - Whois search, domain name, website and IP tools.
• Wigle.net - Database of wireless networks.
• Worldwide OSINT tools map - Phonebooks, cadastral maps, vehicle numbers databases, business registries, passengers lists, court records and much more.
• ZoomEye - Target information search.

Scanning / Enumeration

• Censys Search - Search IP address, name, protocol or field.
• CriminalIP - Search for information about assets connected to the public Internet.
• crt.sh - Certificate search.
• CRXcavator - Chrome extension scanning.
• FullHunt - Attack Surface Enumerator.
• GreyNoise - Internet-connected devices.
• ꓘamerka and ꓘamerka lite - Public ICS identification
• MX Toolbox
• Netlas - Search and monitor internet connected assets.
• Security Headers | Probely - Analyze HTTP headers.
• SecurityTrails - Attack surface scanning.
• Shodan - Search engine for internet-connected devices.
• Shodan | InternetDB - Fast way to see the open ports for an IP address.
• SSL Checker - SSL certificate verification.
• SSL Server Test - Tool from Qualys to perform deep analysis of the configuration of an SSL web server.
• urlscan.io - Scan and analyze websites.
• Wappalyzer - Identify technologies on websites.

Phishing

• ExpiredDomains.net - Expired domain name search engine.

Exploits

• Bug Bounty Hunting Search Engine - Search for writeups, payloads, bug bounty tips, and more…
• CP-R Evasion Techniques
• DROPS - Dynamic CheatSheet/Command Generator
• ExploitDB - Huge repository of exploits from Offensive Security.
• files.ninja - Upload any file and find similar files.
• Google Hacking Database (GHDB) - A list of Google search queries used in the OSINT phase of penetration testing.
• GTFOBins - Curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.
• Hijack Libs - Curated list of DLL Hijacking candidates.
• Living Off Trusted Sites (LOTS) Project - Repository of popular, legitimate domains that can be used to conduct phishing, C², exfiltration & tool downloading while evading detection.
• LOLBAS - Curated list of Windows binaries that can be used to bypass local security restrictions in misconfigured systems.
• SPLOITUS - Exploit search database.
• XSSed - Information on and an archive of Cross-Site-Scripting (XSS) attacks.

Password

• Have I been pwned? - Check if you have an account that has been compromised in a data breach.
• Ultra High Security Password Generator - Generate long, high-quality, random passwords.

Vulnerability Catalogs & Tools

• BugTraq - formerly SecurityFocus
• CISA Alerts - Providing information on current security issues, vulnerabilities and exploits.
• CPR-Zero - Check Point Research Vulnerability Repository
• CVE - Common Vulnerabilities and Exposures (CVE) - CVE respository from MITRE.
• CVE Search - National Vulnerability Database.
• CVE Trends - crowdsourced CVE intel.
• CVSS Version 2 Calculator - Calculate CVSS risk scores.
• Designer Vulnerabilities | Shellsharks - Named vulnerabilities.
• inTheWild - A database of actively exploited vulnerabilities.
• Nessus Plugin Search - A search tool for Nessus plugins.
• OSV | Open Source Vulnerabilities - Vulnerability database for open source projects.
• Packet Storm
• Vulners - Search engine for security intelligence.
• Wordfence Intelligence - Threat intelligence data platform which currently consists of an incredibly comprehensive database of WordPress vulnerabilities.

Red Team

• C2 Matrix

Malware Analysis / Investigation / Intelligence / Forensics

• Alien Vault OTX - Open threat intelligence community.
• Binary Edge - Real-time threat intelligence streams.
• Compiler Explorer - Emulated compilation environment for a variety of assembly languages.
• Control Validation Compass - Threat modeling aide & purple team content repository.
• CyberChef - The cyber swiss army knife.
• CyberOwl - Stay informed on the latest cyber threats.
• EchoTrail - Threat hunting resource used to search for a Windows filename or hash.
• EML analyzer - Heroku-ified, online instance of EML analyzer.
• Ghiro - Forensic analysis
• InQuest Labs - Indicator Lookup.
• MalAPI.io - MalAPI.io maps Windows APIs to common techniques used by malware.
• Malware-Traffic-Analysis.net - A source for pcap files and malware samples.
• Onyphe - Cyber defense search engine.
• ORKL - Library of collective past achievements in the realm of CTI reporting.
• Pulsedive - Threat intelligence.
• Simple Email Reputation - Checks reputation for emails.
• ThreatBook TI - Search for IP address, domain.
• urlquery.net - Free URL scanner that performs analysis for web-based malware.
• VERGILIUS - Take a look into the depths of Windows kernels and reveal more than 60000 undocumented structures.
• VirusTotal - Analyze suspicious files and URLs to detect malware.
• WTFBINS - Catalog benign applications that exhibit suspicious behavior.

Cloud

• Grayhat Warfare - Public Bucket Finder
• OSINT.SH Public Buckets - Public Bucket Finder
• Public Cloud Services Comparison
• S3 Bucket Scanner | purpleleaf - Checks S3 bucket-level permissions that may allow data exposure.

OS / Scripting

• Command line reference - Command line references for Linux, macOS, CMD, PowerShell, Databases, VB Script, ASCII, etc…
• explainshell.com - write down a command-line to see the help text that matches each argument.
• Microsoft MIB Database - A database of SNMP MIBs.

Regex

• RegExr - Learn, build and test RegEx.
• regex101

Sec Blogs

Check out this huge list of infosec blogs.

Programming

• carbon - Create and share beautiful images of source code.
• W3 Validator - Check HTML to see if it is W3 compliant.

Assembly / Reverse Engineering

• Decimal/Two’s Complement Converter
• Disasm.pro
• IEEE 754 Converter - Convert between decimal representation and binary format used by modern CPUs.
• IEEE-754 Floating-Point Conversion - Convert from decimal floating-point to 32-bit and 64-bit hex representations along with their binary equivalents.
• MIPS Converter - Convert from MIPS instructions to hex and back again.
• Terminus Project - Automatically generated diff of Windows structures.

Other

• 2FA day
• Assetnote Wordlists | Commonspeak2 - Assorted automatically generated wordlists.
• Engineering Festivus - The only thing 2020 needed is Seinfeld making a career change and getting into tech.
• EPSS Calculator | Kenna - EPSS calculator.
• Hacker Strategies - Inspiration for when you’re stuck.
• HTTP Cats
• Infosec Blogs List | Shellsharks - An Expansive Collection of Cybersecurity Content from Across the Web
• LIVEDOM.NG
• offsec.tools - A vast collection of security tools.
• Open Source Security Index - The Most Popular & Fastest Growing Open Source Security Projects on GitHub
• Passkeys.directory - Websites, apps and services using passkeys for authentication
• policymaker | disclose.io - Policy generator for anyone launching a vulnerability disclosure program (VDP).
• Rawsec’s CyberSecurity Inventory - An inventory of tools and resources about CyberSecurity.
• ShittySecrets.dev - Real stories from real developers that are dealing with hardcoded secrets in source code.
• The SSO Wall of Shame - A list of vendors that treat single sign-on as a luxury feature, not a core security requirement.
• What’s My IP Address? - A number of interesting tools including port scanners, traceroute, ping, whois, DNS, IP identification and more.
• WPHash - Indexing over 75 million WordPress plugin hashes.