Infosec Tools
Below you’ll find a list of information security tools I use for assessments, investigations and other cybersecurity tasks. Also worth checking out is CISA’s list of free cybersecurity services and tools.
OSINT / Reconnaissance
- AbuseIPDB - Check IP address, domain name or subnet.
- American Registry for Internet Numbers (ARIN) - Nonprofit, member-based organization that administers IP addresses & ASNs in support of the operation and growth of the Internet.
- Better Whois - The whois domain search that works with all registrars.
- CertDB - A searcheable database of the internet’s SSL/TLS certificate names.
- Crunchbase - Discover innovative companies and the people behind them.
- Cylect.io - Ultimate OSINT searching tool.
- DataBreaches.net - Information on corporate security breaches.
- DomainTools - Whois lookup, domain availability and IP search tools.
- DorkGenius - Generate custom dorks for Google, Bing, DuckDuckGo, & more!
- DorkSearch.com - Faster Google Dorking.
- DNSDumpster - DNS recon & research, find & lookup dns records.
- DNSViz - Tool for visualizing the status of a DNS zone.
- dnsqueries.com - Collection of online network tools.
- Google Advanced Search Operators - A resource for doing advanced Google searches.
- grep.app - Search across a half million git repos.
- GSA eLibrary - Source for the latest GSA contract award information.
- Have I Been Squatted? - Check if your domain has been squatted.
- Hunter - Search for professional email addresses.
- Hurricane Electric BGP Toolkit
- IntelligenceX - Search Tor, I2P, data leaks, domains, and emails.
- IPSpy.net
- LeakIX - Search publicly indexed information.
- LexisNexis® Academic & Library Solutions - Search tool for academic documents.
- Map IPs - Paste up to 500,000 IPs below to see where they’re located on a map.
- merox.io - DNS security and DMARC
- MetaOSINT - Aggregation of “top” tools & resources intended to help jumpstart OSINT investigations.
- MX Lookup Tool - Check your DNS MX records online.
- Netcraft - Collection of internet security services.
- Network Solutions - Whois lookup for domain registration information.
- NetworkScan - IP Lookups for Open Ports
- NsLookup - Online tool for querying DNS servers.
- Online Whois Tool
- OSINT Framework
- OSINT Industries - Gateway to email-based research.
- PublicWWW - Find any alphanumeric snippet, signature or keyword in the web pages HTML, JS and CSS code.
- Ransomwhere - Open, crowdsourced ransomware payment tracker.
- RIPE Network Coordination Centre - Organization that allocates and registers blocks of Internet number resources to ISPs and other organizations.
- searchcode - Search 75 billion lines of code from 40 million projects.
- SEC eFilings (EDGAR) - Electronic Data Gathering, Analysis and Retrieval system.
- SnusBase - Data breach search engine.
- Wayback Machine - The archive for the Internet and a time machine for the web.
- WhatsMyName - Enumerate usernames across many websites
- who.is - Whois search, domain name, website and IP tools.
- Wigle.net - Database of wireless networks.
- Worldwide OSINT tools map - Phonebooks, cadastral maps, vehicle numbers databases, business registries, passengers lists, court records and much more.
- ZoomEye - Target information search.
Scanning / Enumeration
- Censys Search - Search IP address, name, protocol or field.
- CensysGPT Beta - CensysGPT beta simplifies building queries and empowers users to conduct efficient and effective reconnaissance operations.
- CriminalIP - Search for information about assets connected to the public Internet.
- crt.sh - Certificate search.
- CRXcavator - Chrome extension scanning.
- FullHunt - Attack Surface Enumerator.
- GreyNoise - Internet-connected devices.
- ꓘamerka and ꓘamerka lite - Public ICS identification
- MX Toolbox
- Netlas - Search and monitor internet connected assets.
- Security Headers | Probely - Analyze HTTP headers.
- SecurityTrails - Attack surface scanning.
- Shodan - Search engine for internet-connected devices.
- Shodan | InternetDB - Fast way to see the open ports for an IP address.
- SSL Checker - SSL certificate verification.
- SSL Server Test - Tool from Qualys to perform deep analysis of the configuration of an SSL web server.
- urlscan.io - Scan and analyze websites.
- Wappalyzer - Identify technologies on websites.
Phishing
- ExpiredDomains.net - Expired domain name search engine.
Exploits
- Bug Bounty Hunting Search Engine - Search for writeups, payloads, bug bounty tips, and more…
- CP-R Evasion Techniques
- DROPS - Dynamic CheatSheet/Command Generator
- ExploitDB - Huge repository of exploits from Offensive Security.
- files.ninja - Upload any file and find similar files.
- Google Hacking Database (GHDB) - A list of Google search queries used in the OSINT phase of penetration testing.
- GTFOArgs - Curated list of Unix binaries that can be manipulated for argument injection.
- GTFOBins - Curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.
- Hijack Libs - Curated list of DLL Hijacking candidates.
- Living Off Trusted Sites (LOTS) Project - Repository of popular, legitimate domains that can be used to conduct phishing, C2, exfiltration & tool downloading while evading detection.
- LOLBAS - Curated list of Windows binaries that can be used to bypass local security restrictions in misconfigured systems.
- LOOBins - Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in macOS binaries and how they can be used by threat actors for malicious purposes.
- SPLOITUS - Exploit search database.
- XSSed - Information on and an archive of Cross-Site-Scripting (XSS) attacks.
Password
- Have I been pwned? - Check if you have an account that has been compromised in a data breach.
- Ultra High Security Password Generator - Generate long, high-quality, random passwords.
Vulnerability Catalogs & Tools
- BugTraq - formerly SecurityFocus
- CISA Alerts - Providing information on current security issues, vulnerabilities and exploits.
- CPR-Zero - Check Point Research Vulnerability Repository
- CVE - Common Vulnerabilities and Exposures (CVE) - CVE respository from MITRE.
- CVE Search - National Vulnerability Database.
- CVE Trends - crowdsourced CVE intel.
- CVSS Version 2 Calculator - Calculate CVSS risk scores.
- Designer Vulnerabilities | Shellsharks - Named vulnerabilities.
- inTheWild - A database of actively exploited vulnerabilities.
- Nessus Plugin Search - A search tool for Nessus plugins.
- OSV | Open Source Vulnerabilities - Vulnerability database for open source projects.
- Packet Storm
- Vulners - Search engine for security intelligence.
- Wordfence Intelligence - Threat intelligence data platform which currently consists of an incredibly comprehensive database of WordPress vulnerabilities.
Red Team
- Atomic Red Team
- C2 Matrix
- Living Off The Land Drivers - Curated list of Windows drivers used by adversaries to bypass security controls and carry out attacks.
- Unprotect Project - Search Evasion Techniques.
- WADComs - Curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Malware Analysis / Investigation / Intelligence / Forensics
- Alien Vault OTX - Open threat intelligence community.
- Binary Edge - Real-time threat intelligence streams.
- Compiler Explorer - Emulated compilation environment for a variety of assembly languages.
- Control Validation Compass - Threat modeling aide & purple team content repository.
- CyberChef - The cyber swiss army knife.
- CyberOwl - Stay informed on the latest cyber threats.
- EchoTrail - Threat hunting resource used to search for a Windows filename or hash.
- EML analyzer - Heroku-ified, online instance of EML analyzer.
- filesec.io - Latest file extensions being used by attackers.
- Ghiro - Forensic analysis
- InQuest Labs - Indicator Lookup.
- MalAPI.io - MalAPI.io maps Windows APIs to common techniques used by malware.
- Malware-Traffic-Analysis.net - A source for pcap files and malware samples.
- Onyphe - Cyber defense search engine.
- ORKL - Library of collective past achievements in the realm of CTI reporting.
- Pulsedive - Threat intelligence.
- Simple Email Reputation - Checks reputation for emails.
- ThreatBook TI - Search for IP address, domain.
- urlquery.net - Free URL scanner that performs analysis for web-based malware.
- VERGILIUS - Take a look into the depths of Windows kernels and reveal more than 60000 undocumented structures.
- VirusTotal - Analyze suspicious files and URLs to detect malware.
- WTFBINS - Catalog benign applications that exhibit suspicious behavior.
- YaraDbg - Web-based Yara debugger to help security analysts to write hunting or detection rules.
Cloud
- Grayhat Warfare - Public Bucket Finder
- OSINT.SH Public Buckets - Public Bucket Finder
- Public Cloud Security Breaches
- Public Cloud Services Comparison
- S3 Bucket Scanner | purpleleaf - Checks S3 bucket-level permissions that may allow data exposure.
OS / Scripting
- Command line reference - Command line references for Linux, macOS, CMD, PowerShell, Databases, VB Script, ASCII, etc…
- explainshell.com - write down a command-line to see the help text that matches each argument.
- Microsoft MIB Database - A database of SNMP MIBs.
Regex
Sec Blogs
Check out this huge list of infosec blogs.
Programming
- carbon - Create and share beautiful images of source code.
- W3 Validator - Check HTML to see if it is W3 compliant.
Assembly / Reverse Engineering
- Decimal/Two’s Complement Converter
- Disasm.pro
- IEEE 754 Converter - Convert between decimal representation and binary format used by modern CPUs.
- IEEE-754 Floating-Point Conversion - Convert from decimal floating-point to 32-bit and 64-bit hex representations along with their binary equivalents.
- Linux kernel syscall tables
- MIPS Converter - Convert from MIPS instructions to hex and back again.
- Terminus Project - Automatically generated diff of Windows structures.
- WinDiff
Other
- 1x Engineer
- 2FA day
- Assetnote Wordlists | Commonspeak2 - Assorted automatically generated wordlists.
- Audit Logs Wall of Shame - A list of vendors that don’t prioritize high-quality, widely-available audit logs for security and operations teams.
- bbradar.io - Latest Bug Bounty Programs.
- ChatGPT
- Cyber Threat Name Generator
- Diceware Password Generator - Generate high-entropy passwords the easy way!
- Dumb Password Rules - A compilation of sites with dumb password rules.
- EDR Telemetry - List of telemetry features from EDR products and other endpoint agents.
- Engineering Festivus - The only thing 2020 needed is Seinfeld making a career change and getting into tech.
- EPSS Calculator | Kenna - EPSS calculator.
- Hacker Strategies - Inspiration for when you’re stuck.
- hackerstoolkit - CTF Assistant
- HowFuckedIsMyDatabase
- HTTP Cats
- Infosec Blogs List | Shellsharks - An Expansive Collection of Cybersecurity Content from Across the Web
- infosec-jobs
- InfoSecMap - Mapping out the best InfoSec events and groups!
- Kenny Log-ins
- LIVEDOM.NG
- Nmap in the Movies
- offsec.tools - A vast collection of security tools.
- Open Source Security Index - The Most Popular & Fastest Growing Open Source Security Projects on GitHub
- Passkeys.directory - Websites, apps and services using passkeys for authentication
- policymaker | disclose.io - Policy generator for anyone launching a vulnerability disclosure program (VDP).
- Privacy Guides
- Ransomeware Control Matrix - Cybersecurity framework designed to help organizations defend against ransomware attacks by providing a comprehensive set of controls that can be implemented to reduce the risk of such attacks.
- Ransomware.live
- Rawsec’s CyberSecurity Inventory - An inventory of tools and resources about CyberSecurity.
- ShittySecrets.dev - Real stories from real developers that are dealing with hardcoded secrets in source code.
- The SSO Wall of Shame - A list of vendors that treat single sign-on as a luxury feature, not a core security requirement.
- State Cybercrime Laws : Definitions and Defenses | Sheets
- Stop Silly Security Awards
- Talkback - Smart infosec resource aggregator, designed to help security enthusiasts, practitioners and researchers be more productive.
- What’s My IP Address? - A number of interesting tools including port scanners, traceroute, ping, whois, DNS, IP identification and more.
- WPHash - Indexing over 75 million WordPress plugin hashes.