• Categories
  • Tools

    Below is a catalogue of different security tools, products, and services that I use in my work and personal life. These tools are being referenced as a convenience for informational purposes only and do not necessarily constitute an endorsement.

    Racoon

    Racoon is an APK Downloader for Windows, Linux and MacOS allowing you to download the latest free and paid Android...

    Shodan

    Shodan is a search engine, like Google, but instead of searching for websites, it searches for internet-connected...

    SpiderFoot

    SpiderFoot is a reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence...

    PublicWWW

    PublicWWW is a search engine for source code that finds any alphanumeric snippet, signature or keyword in web pages...

    GrayhatWarfare

    GrayhatWarfare is a searchable database where a list of open S3 buckets can be found. Amazon's S3 cloud storage,...

    BuiltWith

    BuiltWith checks websites for snippets of code or tags related to some technologies. Since that data is publicly...

    WPScan

    WPScan is an open source WordPress security scanner. You can use it to scan your WordPress website for known vulnerabilities...

    PingCastle

    PingCastle is a free, Windows-based utility to audit the risk level of your AD infrastructure and check for vulnerable...

    urlscan.io

    urlscan.io is a free service to scan and analyse websites. When a URL is submitted to urlscan.io, an automated...

    crt.sh

    A popular CT search tool is crt.sh. Subdomains can be detected using Certificate Transparency (CT). SSL/TLS certificates...

    CanaryTokens

    CanaryTokens, also known as honeytokens, are not new but can be useful as a source of information. They can be...

    Distill

    Distill is a service that allows customers to monitor and track changes to content within web apps (frontend)....