Link | Description |
---|---|
CRT.sh | Subdomain Lookup via Certificate Transparency |
WebhookSite | POST GET Request Listener |
POSTMAN | POST GET Request Listener |
MS Portals | Microsoft_ Administrator Sites, Training, and Licensing Resources |
Google URLS | Google Routes / Services |
REQBIN | API Requester |
GoLogin | Clean Browser for Configuring Clean Request |
Shodan | Mass Online Device Scanner |
DNS Dumpster | DNS Records |
WHOIS | WHOIS Lookup |
10 Min Mail | 10 Min Email |
Min Mail | Temp Email |
Where Goes | URL Tracer |
Discord Account Lookup | Discord Account Lookup |
Domain Glass | DNS Domain Lookup |
SQL Sandbox | SQL Sandbox |
ConvertJson | JSON to XML |
Paste C | Pastebin |
TermBin | Pastebin |
Pastebin | Pastebin |
GhostPaste | Pastebin |
GhostBin | Pastebin |
JWT.io | JSON Web Token Analyzer |
Web Content Types | Variety of Different Web Content Types |
Known API | Known API Endpoints in Wild |
User Agents | Different user Agent Types |
GET POST PUT DELETE | Plus Many More PLUS Status Codes {200, 400...} |
Header Injections | X-Forwarded-For and Such |
Status Codes | Status Code Cheat Sheet |
Link | Description |
---|---|
Any Run | Interactive Online Malware Sandbox |
Bazaar Abuse | Malware Tracker |
Virus Total | Malware Tracker |
Aperi Solve | Image Investigations |
Meta Data 2 Go | Image MetaData |
Exif Tool Online | Image MetaData |
List for OSINT Tools | List for OSINT Tools |
Flare | Threat Intelligence |
Data Tracker | Document Scraper |
Site Report | Site Report |
Way Back Time Machine | Internet / Webpage Archives |
File Info | Compressed File Types |
Wiki | File Signatures AKA Magic Bytes |
Network Investigations | Network Investigations |
Rapid Save | Reddit Video Download |
Rocket Reach | Company Scraper |
Thats Them | Phone Puller |
Code Beautify | IP to Hex |
IP Convert | IP Convert |
String Length Calculator | String Length Calculator |
ViperMonkey | VBA Emulation Engine with Docker |
SNYK Code Checker | Check Code for Known Vulnerabilities |
Joes | Malware Sandbox |
Link | Description |
---|---|
Hashes | Decrypt Hashes |
Crack Station | Decrypt Hashes |
Hash Cat | Hash Types for Cracking |
DeHashed | De-Hash Passwords |
Hash Rules | Mutation! |
wlm | Word List Manipulator |
WordList | Massive Collection of Wordlist |
Link | Description |
---|---|
Decode Fr | Cipher Identification |
Cyber Chef | Mass Decoder |
Link | Description |
---|---|
AWS EC2 Login | AWS EC2 Login |
EC2 Logs | EC2 Logs |
Event History | Event History |
Cloaking Firewall | Cloaking Firewall |
Public Bucket Data Scraper | Public Bucket Data Scraper |
AWS Price Calc | AWS Price Calc |
Cloudflare | Cloudflare Login |
Link | Description |
---|---|
AI Voice Maker | AI Voice Maker |
ChatGPT | ChatGPT |
Co-Pilot | Co-Pilot |
Bard / Gemini | Bard / Gemini |
Top 10 Exploits on LLMs | Top 10 Exploits on LLMs |
LLM Injections | LLM Injections |
QuilBot | Paraphrasing Tool |
OpenAI Platform | OpenAI Platform |
OpenAI API Keys | OpenAI API Keys |
Raw Image Generator | Just Mofidy the URL Encoding to Bypass Limitations |
Link | Description |
---|---|
EtherScan | Code/Contract Reader |
EVM Bytecode Decompiler | EVM Bytecode Decompiler |
Infura | APIs for Data Scraping |
Link | Description |
---|---|
Jodies Calculator | IP Range Finder |
Hex Packet Decoder | Hex Packet Decoder |
Online Port Scanner | Online Port Scanner |
Online Port Scanner | Online Port Scanner |
Online Port Scanner | Online Port Scanner |
Nmap Cheat Sheet | Nmap Cheat Sheet |
Zone Transfers | Zone Transfers |
Best IP Tracker | Best IP Tracker |
IPs Per Country Tracker | IPs Per Country Tracker |
Ports + Proto | Protocols and Networking Port Cheat Sheet |
Ports + Proto | Massive List with Examples on How to Communicate With Desired Protos/Ports |
Hping3 | NOT ICMP Host Discovery |
tcpdump | Cheat Sheet |
Link | Description |
---|---|
Microsoft Graph API | Pillaging of data from a Microsoft Entra ID (Azure AD) account |
Hack Tricks TTY | Full TTY Shells |
NoPhish | Phish ToolKit |
ZPhisher | ANOTHER Phish Kit |
RevShells | Reverse Shell Generator |
WpScan | Wordpress Exploit Scanner |
XXS Filter Evasion | XXS Filter Evasion |
SQL Injections | SQL Injections |
Login Bypasses | Login Bypasses |
Attacking JSON Web Tokens | Attacking JSON Web Tokens |
GTFOBins | Priv Esc Tactics |
Hack Tricks LFI | Local File Inclusion Attacks |
Hack Tricks SSTI | Server Side Template Injections |
Hack Tricks Command Injections | Command Injections |
Hack Tricks XSS Injections | XSS Injections |
Malicious PDF Generator | Malicious PDF Generator |
Macro Rev Shells | Macro Rev Shells |
VBA Macro RevShell | VBA Macro RevShell |
List of Security Tools | List of Security Tools |
List of Security Tools | List of Security Tools |
Grabify | IP Grabber |
PowerShell Gallery | PowerShell Gallery |
PowerShell Obfuscation | The "Bible" |
CVE Details | CVE Details |
WebShells | WebShells |
WebShell Collection | WebShell Collection |
Exploit DB | Exploit DB for known exploits and details |
Living off the Land Binaries | Stealthy System Enumeration and "living off the land" styles |
PowerShell Injections | PowerShell Injections |
Google Dork Cheat Sheet | Google Dork Cheat Sheet |
Default Credentials | Default Credentials to Many Services |
PayLoadsAllThings | Massive Amount of Pre-Configured Payloads |
Havok | Post Exploitation C2C Framework |
Villian | Post Exploitation C2C Framework + Multi Shell |
ShellCode Storm | Shell Code Injection Payload |
Have I Been PWND? | Email Checker / Data Leak Info |
SMS Bombers | Soooo Many to Pick From! |
Code Cheats | Massive List of Cheats for Many Code Frameworks |
AutoRecon | Network Reconnaissance Tool |
BloodHound | Cheat Sheet for Lookups |
Dystopia | Backdoor Generator "Our goal is to prove that anything can be a C2, if you want to :) " |
Link | Description |
---|---|
View RansomWare Chat Logs | View RansomWare Chat Logs |
RansomWare Attacks and Groups | RansomWare Attacks and Groups |
Groups and Status | Groups and Status |
Group Onion URLS. | Group Onion URLS. |
Ransom Tracker | Tracker and Data |
Tracker Recent | Tracker Recent |
Focused Group Data | Focused Group Data |
Free Decrypt Tools | Free Decrypt Tools for Ransom Malware |
Link | Description |
---|---|
Ahmia Search Engine | Ahmia Search Engine |
Torch Search Engine | Torch Search Engine |
HayStak Search Engine | HayStak Search Engine |
TOR Recorded Links | TOR Recorded Links |
Link | Description |
---|---|
DogBolt | Online Decompile |
PyLingual | PyLingual Python Decompiler |
Decompiler.com | Java Decompiler |
Online Python | Run Python Code |
Programiz | Run Python Code |
RetDec | pen-source decompiler that can convert binary executables back into readable source code. |
Ghidra | Binary Analyzer |
Binary Ninja | Binary Analyzer |
IDA Free | FREE IDA |
GEF | GDB on Roids |
PYDecompile | Decompile PYC Files |
Link | Description |
---|---|
Decode RSA | RSA Factorization |
AES Emoji | AES Emojis |
Decode BrainFuck | Esoteric Programming Language |
Decode Malbolge | Esoteric Programming Language |
Decode COW | Esoteric Programming Language |
Cyber Chef AES Decrypt/Encrypt | Advanced Encryption Standard |
CTF Crypto Challenges | HTB Crypto Solves 50+ |
3 Can Keep A Secret | Håstad's Broadcast Attack |
Attacking RSA | Numerous Attack Vectors on RSA |
Link | Description |
---|---|
Ngrok | Tunneling Service |
Chisel | Reverse Proxy Tunnel |
FRP | Fast Reverse Proxy |
SSH | SSH Tunnel |
LocalExpose | nodejs Binding for LocalXpose |
Link | Description |
---|---|
Notepad ++ | Note Taking |
Obsidian | Note Taking + Canvas Documents |
Cherry Tree | Note Taking |
GhostWriter | PenTest Reporting |
WriteHat | PenTest Reporting |
VECTR | PenTest Reporting |
Link | Description |
---|---|
OSCP Cheat Sheet | OSCP Cheat Sheet |
Vulnerability Scoring System | Vulnerability Scoring System |
Vulnerability Scoring Calc | Vulnerability Scoring Calc |
MITRE ATTACK | MITRE ATTACK |
PTES Technical Guidelines | PTES Technical Guidelines |
Online FlowCharts | Online FlowCharts |
Mural CoTeam Working Environments | CoTeam Working Environments |
Heat Network Map | Heat Network Map |
ISC2 | ISC2 |
Gov Jobs | "Where intelligence goes to work" |
N8N | Process Flow Automation |
Lucid | Flow Charts |
Lucid | Flow Charts |