• Categories
  • Tools

    Below is a catalogue of different security tools, products, and services that I use in my work and personal life. These tools are being referenced as a convenience for informational purposes only and do not necessarily constitute an endorsement.

    crt.sh

    A popular CT search tool is crt.sh. Subdomains can be detected using Certificate Transparency (CT). SSL/TLS certificates...

    urlscan.io

    urlscan.io is a free service to scan and analyse websites. When a URL is submitted to urlscan.io, an automated...

    PingCastle

    PingCastle is a free, Windows-based utility to audit the risk level of your AD infrastructure and check for vulnerable...

    WPScan

    WPScan is an open source WordPress security scanner. You can use it to scan your WordPress website for known vulnerabilities...

    BuiltWith

    BuiltWith checks websites for snippets of code or tags related to some technologies. Since that data is publicly...

    GrayhatWarfare

    GrayhatWarfare is a searchable database where a list of open S3 buckets can be found. Amazon's S3 cloud storage,...

    PublicWWW

    PublicWWW is a search engine for source code that finds any alphanumeric snippet, signature or keyword in web pages...

    SpiderFoot

    SpiderFoot is a reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence...

    Shodan

    Shodan is a search engine, like Google, but instead of searching for websites, it searches for internet-connected...

    Racoon

    Racoon is an APK Downloader for Windows, Linux and MacOS allowing you to download the latest free and paid Android...

    IntelOwl

    IntelOwl is an Open Source Intelligence, or OSINT solution to get threat intelligence data about a specific file,...

    Mobile Verification Toolkit (MVT)

    Mobile Verification Toolkit (MVT) is a tool to facilitate the consensual forensic analysis of Android and iOS devices,...