• Categories
  • Tools

    Below is a catalogue of different security tools, products, and services that I use in my work and personal life. These tools are being referenced as a convenience for informational purposes only and do not necessarily constitute an endorsement.

    BuiltWith

    BuiltWith checks websites for snippets of code or tags related to some technologies. Since that data is publicly...

    WPScan

    WPScan is an open source WordPress security scanner. You can use it to scan your WordPress website for known vulnerabilities...

    PingCastle

    PingCastle is a free, Windows-based utility to audit the risk level of your AD infrastructure and check for vulnerable...

    urlscan.io

    urlscan.io is a free service to scan and analyse websites. When a URL is submitted to urlscan.io, an automated...

    crt.sh

    A popular CT search tool is crt.sh. Subdomains can be detected using Certificate Transparency (CT). SSL/TLS certificates...

    CanaryTokens

    CanaryTokens, also known as honeytokens, are not new but can be useful as a source of information. They can be...

    Distill

    Distill is a service that allows customers to monitor and track changes to content within web apps (frontend)....

    CRXcavator

    CRXcavator automatically scans the entire Chrome Web Store every 3 hours and produces a quantified risk score for...

    MISP

    Malware Information Sharing Platform is an open source threat intelligence platform. The project develops utilities...

    Flare VM

    FLARE VM is a freely available and open sourced Windows-based security distribution designed for reverse engineers,...

    Recon-NG

    Recon-NG is a reconnaissance tool with an interface similar to Metasploit. Running Recon-NG from the command line,...

    THC Hydra

    Hydra is a parallelised login cracker which supports numerous protocols to attack. It is very fast and flexible,...