Utilities

PRISM BREAK

Bug bounty programs | Cheat sheet | Data breach / Data leak | Decoder/Packer/Unpacker | Defaced websites archives | DNS utilities | Domain reputation | Exploits and vulnerabilities | Free shell | Generic utilities | Honeypots | HTTP headers | Mail utilities | Malware scanner | Malware sources | Microsoft free tools | Mozilla Add-ons | Port scanner | Sandbox | Security challenges online | SSL attacks | Tor resources | Vulnerable environments | Wide scan

Bug bounty programs

NameURL
Bugcrowd bugcrowd.com 
Bugsheet bugsheet.com/ 
HackerOne hackerone.com/ 
W4rri0r w4rri0r.com 

Cheat sheet

NameURL
Owasp cheat sheet series owasp.org 
Owasp web application owasp.org 
Packetlife packetlife.net 
Pentestmonkey pentestmonkey.net 
PHP best practises thisinterestsme.com/ 
SANS pen-testing.sans.org 
SANS Penetration Testing pen-testing.sans.org 
SecLists fuzzing github.com/danielmiessler 
Websec SQL injection websec.ca/kb/sql_injection 
XSS cheat sheet owasp.org 
XSS Protection Cheat Sheet for Developers exploit-db.com 

Data breach / Data leak

NameURL
Databreaches databreaches.net/ 
DataLossDB datalossdb.org/ 
Dumpmon twitter.com/dumpmon 
Hashfind hashfind.net/ 
Haveibeenpwned haveibeenpwned.com/ 
Lastpass lastpass.com/ 
Leakedin leakedin.com/ 
PastebinDorks twitter.com/Pastebindorks 
PastebinLeaks twitter.com/PastebinLeaks 

Decoder/Packer/Unpacker

NameURL
Dencoder  meyerweb.com/eric/tools/dencoder/ 
HEXdecoder ddecode.com/hexdecoder/ 
JavaScript Compressor dean.edwards.name/packer/ 
Jjencode utf-8.jp/public/jjencode.html 
JSFuck jsfuck.com/ 
Jsobfuscate jsobfuscate.com/ 
Jsunpack jsunpack.jeek.org/dec/go 
Hackvertor businessinfo.co.uk/labs/hackvertor 
Netteleuthe netteleuthe.de/gc/ 
Ottodestruct ottodestruct.com/ 
PHP decoder defense.ballastsecurity.net/decoding/ 
PHPdecoder ddecode.com/phpdecoder/ 
Wepawet wepawet.iseclab.org/ 
Xlate home.paulschou.net/tools/xlate/ 
YGN encoding yehg.net/encoding/ 

Defaced websites archives

NameURL
Attrition attrition.org/mirror/ 
Bugs Collector bugscollector.com 
Hack-DB hack-db.com/ 
XSSed xssed.com/ 
XSSposed xssposed.org/ 
Zone-H zone-h.org/ 

DNS utilities

NameURL
 
DNSBL dnsbl.info/dnsbl-database-check.php 
Kloth kloth.net 
IntoDNS intodns.com/ 
M.F. openresolvers dns.measurement-factory.com/ 
OpenDNS opendns.com/ 
Robtex dns.robtex.com 
ViewDNS viewdns.info/ 

Domain reputation

Exploits and vulnerabilities

Free shell

NameURL
Devio.us (OpenBSD) devio.us/ 
FreeShells (list) freeshells.info/ 
Red-pill shells.red-pill.eu/ 
SDF (NetBSD) freeshell.org/ 

Generic utilities

NameURL
Adservers list pgl.yoyo.org/adservers/ 
BGP Toolkit bgp.he.net/ 
Browserling browserling.com/ 
Check-host/ check-host.net/ 
Clean MX support.clean-mx.de/clean-mx 
Codepad codepad.org/ 
CrackStation crackstation.net/ 
CVEdetails cvedetails.com/ 
Decrypt gzinflate tareeinternet.com/scripts/decrypt.php 
Dirk-loss dirk-loss.de/ 
Easycalculation easycalculation.com 
Exposed Botnets exposedbotnets.com/ 
Kon-Boot piotrbania.com/all/kon-boot/ 
Hurl hurl.it/ 
Internet-Wide Scan Data Repository scans.io/ 
IPVoid ipvoid.com/ 
Leakedin leakedin.com/ 
LongURL longurl.org/ 
Magic-net (blacklist check) magic-net.info 
MAC_Find coffer.com/mac_find/ 
MAC_Search hwaddress.com 
MD5hash md5-hash.com/ 
Mibbit mibbit.com/ 
Microsoft security scanner microsoft.com/security 
Microsoft threat microsoft.com/security 
Mockaroo random test data generator mockaroo.com/ 
Mozilla plugin check mozilla.org/it/plugincheck/ 
Whatismyipaddress BL whatismyipaddress.com/ 
Mywot mywot.com/ 
Myipneighbors myipneighbors.com/ 
Network Total networktotal.com/ 
NameChk namechk.com/ 
Nmap-parser nmap-parser.org/ 
Open NTP Project openntpproject.org/ 
Pastebin pastebin.com/ 
PasteLert andrewmohawk.com/pasteLert/ 
Ping.eu ping.eu/ 
PluginDetect pinlady.net/PluginDetect/ 
Project Honeypot projecthoneypot.org/ 
Query NTP keetweej.vanheusden.com/query_ntp.php 
Robtex robtex.com/ 
Router-defaults router-defaults.com/ 
Routerpwn routerpwn.com 
Sandsprite sandsprite.com/shellcode_2_exe.php 
Scanplanner scanplanner.com/ 
Scritch guess.scritch.org/ 
Seclist Fuzzing github.com/danielmiessler/SecLists/ 
Seclist online-tools seclist.us/online-tools 
SecurityHeaders securityheaders.com/ 
Serversniff serversniff.net 
Sucuri sitecheck.sucuri.net/scanner/ 
SSLtest ssllabs.com/ssltest/analyze.html 
Sysinternals blogs.technet.com/b/sysinternals/ 
Uptimerobot uptimerobot.com/ 
URLFind urlfind.org/ 
UrlQuery urlquery.net/ 
User-Agent Parser user-agent-string.info/parse 
Vulnerabilityassessment vulnerabilityassessment.co.uk 
W3dt w3dt.net/ 
Web-sniffer web-sniffer.net/ 
Whitefirdesign whitefirdesign.com 
WSUS Offline wsusoffline.net/ 
XSS cheat sheet owasp.org 
ZeroBin zerobin.net/ 

Honeypots

HTTP headers

NameURL
Ibuildings ibuildings.nl/blog/2013/03/4-http-security-headers-you-should-always-be-using 
Owasp owasp.org/index.php/List_of_useful_HTTP_headers 
Security Headers securityheaders.com/ 
Veracode blog.veracode.com 
Whitehatsec blog.whitehatsec.com/list-of-http-response-headers/ 

Mail utilities

NameURL
10 Minute Mail 10minutemail.com 
DNSBL dnsbl.info/dnsbl-database-check.php 
M.F. openresolvers dns.measurement-factory.com/ 
Mxtoolbox mxtoolbox.com/ 
Open relay test mailradar.com 
Open recursive prokect openresolverproject.org/ 
Openresolver JP openresolver.jp/en/ 

Malware scanner

Malware sources

Microsoft free tools

Mozilla add-ons

Port scanner

Sandbox

Security challenges online

SSL attacks

Tor resources

NameURL
Ahmia (Tor Hidden Service (.onion) search) ahmia.fi 
Onion Mail onionmail.info/ 
Tails blog.torproject.org/blogs/tails 
Tor2Web tor2web.org/ 
Tor Project torproject.org/ 

Vulnerable environments

Wide Scan

NameURL
Scans.io scans.io/ 
Sonar Labs Rapid7 sonar.labs.rapid7.com/ 

Codes


Metasploit contribution | Metasploit experiments | NMAP NSE script | Bettercap contribution | Generic codes | Perl modules | Miscellaneous stuff

Metasploit contribution

Name Path
Anonymous FTP Access Detection auxiliary/scanner/ftp/anonymous 
AWStats configdir Remote Command Execution exploits/unix/webapp/awstats_configdir_exec 
Chargen Probe Utility auxiliary/scanner/chargen/chargen_probe 
FrontPage Server Extensions Anonymous Login Scanner auxiliary/scanner/http/frontpage_login 
HP LaserJet Printer SNMP Enumeration auxiliary/scanner/snmp/snmp_enum_hp_laserjet 
HTTP Open Proxy Detection auxiliary/scanner/http/open_proxy 
JBoss Status Servlet Information Gathering auxiliary/scanner/http/jboss_status 
NTP Monitor List Scanner auxiliary/scanner/ntp/ntp_monlist 
PAJAX Remote Command Execution exploits/unix/webapp/pajax_remote_exec 
phpMyAdmin Authenticated Remote Code Execution exploit/multi/http/phpmyadmin_null_termination_exec 
Printer Directory Listing Scanner auxiliary/scanner/printer/printer_list_dir 
Printer Environment Variables Scanner auxiliary/scanner/printer/printer_env_vars 
Printer File Download Scanner auxiliary/scanner/printer/printer_download_file 
Printer Ready Message Scanner auxiliary/scanner/printer/printer_ready_message 
Printer Volume Listing Scanner auxiliary/scanner/printer/printer_list_volumes 
Printer Version Information Scanner auxiliary/scanner/printer/printer_version_info 
Simple PHP Blog 0.4.0 Remote Command Execution exploits/unix/webapp/sphpblog_file_upload 
SNMP Enumeration Module auxiliary/scanner/snmp/snmp_enum 
SNMP Set Module auxiliary/scanner/snmp/snmp_set 
TikiWiki Information Disclosure auxiliary/admin/tikiwiki/tikidblib 
TikiWiki jhot Remote Command Execution exploits/unix/webapp/tikiwiki_jhot_exec 
TikiWiki tiki-graph_formula Remote PHP Code Execution exploits/unix/webapp/tikiwiki_graph_formula_exec 
Tomcat Administration Tool Default Access auxiliary/admin/http/tomcat_administration 
Tomcat Application Manager Login Utility auxiliary/scanner/http/tomcat_mgr_login 
VNC Authentication None Detection auxiliary/scanner/vnc/vnc_none_auth 
Webmin File Disclosure auxiliary/admin/webmin/file_disclosure 
Wireshark chunked_encoding_dissector function DOS auxiliary/dos/wireshark/chunked 
WordPress Symposium Plugin SQL Injection auxiliary/admin/http/wp_symposium_sql_injection 

Metasploit experiments

Name Path
Rc file used to check web servers automatically auto_http_light.rc 
Rc file used to gath info by Jboss status servlet jboss-scan 
Class formats text... text.rb 
SMTP Open Relay Server Detection smtp_open_relay1 
SMTP Open Relay Server Detection smtp_open_relay2 
US female names list names_female_us.txt 
US male names list names_male_us.txt 
US surname list names_surname_us.txt 
[Exploit Pack for Metasploit - Collection of modules gathered across time and internets (by Mubix)]

NMAP NSE script

Name Description
chargen  Script to identify open chargen service checking the answer
http-status  Script to identify Apache/Tomcat/Jboss Server server-status pages
dns-open-resolver  Script to identify open DNS resolvers

Bettercap contribution

Name Description
htmlmail.rb  HTML email address parser
htmlphone.rb  HTML email address parser
htmltitle.rb  HTML title response parser
snmp_protocol.rb  SNMP protocol parser
snmp_sniffer.rb  SNMP community string parser

Generic codes

Name Description
apache_gnuplot.sh  Bash script to parse Apache access log (CLF) and get total requests and bandwidth with Gnuplot charts (requests, bandwidth)
appar  Perl script to parse Apache access log (CLF) and migrate it to MySQL
atrax  A simple web spider useful during a penetration test
backup.ps1  Powershell script to backup files and directories
bind_stats  Simple DNS Bind log parser (top FQDN,src,type,src port,src flag)
check_routing_loop  Scapy script useful to identify routing loops through ICMP time exceeded
CVE-2011-3192  Apache Remote Denial of Service
CVE-2014-3704  Drupal Core SQL Injection Vulnerability
CVE-2014-6271  Bash 'Shellshock' Vulnerability
CVE-2015-1635  MS15-034 HTTP.sys IIS DoS
CVE-2016-5734  phpMyAdmin 4.6.2 - Authenticated Remote Code Execution
CVE-2017-5638  Apache Struts Jakarta Multipart Parser OGNL Injection
CVE-2018-7600  Drupal: unsanitized requests allow remote attackers to execute arbitrary code
curl_http_code  Bash script to retrieve HTTP codes
curl_http_headers  Bash script to retrieve HTTP headers
curl_http_title  Bash script to retrieve HTTP title
dns_amply, dns_amply_domain  Search DNS server that respond at 'any +dnssec +ignore' requests. Useful to choose a good server and domain to use during a DNS Amplification Attacks.
dns_tail_block  DNS Bind log parser and iptables block
dnsbrute  Bash script to automate the discovery tasks
extract_ip  Perl script to extract IP address from text
firehol  Perl script to download and check IP address from FireHOL lists
googlegath  Shows the first 100 google results and...
hidester_checker  Simple Perl script for fetching some proxies...
host_info  Perl script to obtain DNS/ASN/GEO info from a IP/FQDN address list
jboss-status-gath  Jboss status servlet clients info gathering
inetsim_smtp_parser  Inetsim SMTP log parser
ip_catcher  Bash script to extract IP address
ip_create_list  Perl script to create IP address list
meta-generator  Recon-ng auxiliary module. Checks for 'meta generator' tags. Useful to identify CMS
nmap_parser  Nmap parser written in Ruby using Nmap::Parser library
phpinfo  PHP shell with IP and User-Agent filter
pkg_search  Packages finder for OpenBSD
robotscan  Robots.txt audit bash script
router_reboot  Wireless Modem Router N300 rebooter
sap-tcodes  Bash script to obtain informations about SAP transaction via tcodesearch.com
sniffme  A rude sniffer for jailbroken iPhone written on a gloomy day!
snmpcheck  Perl script to enumerate information via SNMP protocol
snmpscan  SNMP multithread scanner written in Perl
snmpsize  A rudimentary snmpwalk-like with scapy. Useful to choose a good OID to use during a SNMP reflected amplification DDos attack
sql_load_file  Simple MySQL Injection load_file() fuzzer
SSHGuessable  Simple Ruby SSH bruteforcer (guessable user)
ssl_cert_details  Perl script to get SSL certificate details
training_dump  Bash script to extract results from Runner's world training XML log
twitter_monitor  Perl script to monitor your followers on Twitter filtering/excluding for keywords (DBM support)
webss  Perl script to scan web site
wext  Perl script to help you while testing HTTP related stuff
xor  Ruby script to decrypt payload encrypted using XOR (XOR DDoS botnet)

Perl modules

Name Description
Mail-Maps-Lookup  Query the MAPS lookup service via DNS
Mail-OpenRelay-Simple  Check if a mail server runs as an open relay
WWW-UserAgent-Random  Perl extension to generate random User Agent

Miscellaneous stuff

Name Description
cntlm.ini, stunnel_server.conf, stunnel_client.conf  Cntlm + Stunnel settings
dionaea_installation, dionaea.cfg  Dionaea installation notes - Ubuntu 16.04.3 LTS
honeypot_telnet  AppArmor config file
OpenBSD/game boy advanced sp  my 2004 April fools' day with Slashdot effect! :)
rc.host.iptables  sample iptables rules for host firewall (kernel options,honeypot,limit,log) 
references  some references to my site or my tools 
report_email  Cowrie SSH honeypot daily report (HTML format)
SNMP Reflected Amplification DDoS Attack  rainy day considerations... :)
User-Agent list  User-Agent collected on nothink.org
virustotal_report  Python script to query VirusTotal for reports