Sponsored by
CredMaster
Launch a password spray / brute force attach via Amazon AWS passthrough proxies, shifting the requesting IP address for every authentication attempt
Tools
Visit site
Any.Run
Run interactive malware analysis, download samples shared in our community, and organize retro hunting
Amass
Performs DNS subdomain enumeration by scraping the largest number of disparate data sources, recursive brute forcing, crawling of web archives, permuting and altering names, reverse DNS sweeping and other techniques
Anevicon
The most powerful UDP-based load generator, written in Rust
Sublist3r
Fast subdomains enumeration tool for penetration testers
Suricata
Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF).
Merlin
Merlin is a cross-platform post-exploitation Command & Control server and agent written in Go.
ThreatFox IOCs
Sharing indicators of compromise (IOCs) with the community and threat intelligence providers
URLHaus
Sharing malware distribution sites with the community, AV vendors and threat intelligence providers
MalwareBazaar
Sharing malware samples with the community, AV vendors and threat intelligence providers
AbuseIPDB
Report and find IP addresses that have been associated with malicious activity online
MITRE Caldera
Platform designed to easily automate adversary emulation, assist manual red-teams, and automate incident response
WiGLE
Submission-based catalog of wireless networks
DNSTwist (Repo)
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
DNSTwist
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Domain Wildcarder
A commandline tool to wildcard domain registrations against the RIPE database (com/net only) by @littl3field
Tails
Portable operating system that protects against surveillance and censorship
Kali Linux
Open source Linux distribution geared towards various information security tasks such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.
Wireshark
Wireshark is the world’s foremost and widely-used network protocol analyzer.
PSGumshoe
PSGumshoe is a Windows PowerShell module for the collection of OS and domain artefacts for the purposes of performing live response, hunt, and forensics.
Have I Been Pwned
Check if your email or phone is in a data breach
da667’s Sh*tlist
An Open-Source Malware Intelligence collection with additional data and context where available.
Get-iPlayer
Downloads TV and radio programmes from BBC iPlayer/BBC Sounds.
CyberChef
GCHQ’s Cyber Swiss Army Knife – a web app for encryption, encoding, compression and data analysis.
Let’s Encrypt
A nonprofit Certificate Authority providing free TLS certificates to 260 million websites.
Email Blacklist Checker
Test a mail server IP address against over 100 DNS based email blacklists.
VirusShare
Database of malware samples and hashes.
Malware Corpus Tracker
Track malware across the internet.
SecurityHeaders
Analyse HTTP Response headers.
WhatsApp-Archive
Format your exported WhatsApp conversation in HTML.