This is my categorization for a lot of interesting webs and applications. Feel free to contribute (in the last section you can see how)
- Andriller: Android Forensic Tools
- Awesome Ansible: List of Ansible resources
- Awesome Ansible: List of Ansible resources
- Certified Ethical Hacker (CEH) online practice exam: Practice exam for the CEH.
- Slyth11907 CheatSheets: CheatSheets to help for OSCP preparation.
- HTTrack: Web crawler to mirror a remote page
- Ansible: Simple but powerful provisioning tool.
- Chef: Provisioning tool based on recipes.
- Puppet: Declarative provisioning tool.
- Salt Stack: Remote code execution and provisioning tool.
- Dnslog: Allows to create temporal subdomains, logging all accesses
- Ping.eu: Collection of network tools to be run remotely from the web.
- eGarante: Digital certification of files, emails, etc. to exchange information
- DorkMe: Tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.
- GitMiner: Tool for advanced mining for content on Github
- Email Tracker Pro: Tool to extract details about email headers.
- Getnada: Anonymous emails
- Minimail: Anonymous emails
- mxtoolbox: Web tool to list MX records for a domain in priority order.
- Tempail: Anonymous emails
- Test your Sysadmin Skills: A collection of *nix Sysadmin Test Questions and Answers for Interview/Exam (2018 Edition). Test your knowledge in different fields with these Q/A.
- wafw00f: Identify and fingerprint Web Application Firewall (WAF) products protecting a website.
- wafw00f: Identify and fingerprint Web Application Firewall (WAF) products protecting a website.
- Andriller: Android Forensic Tools
- eGarante: Digital certification of files, emails, etc. to exchange information
- Tineye: Search images in Internet.
- Zone-H: Hacked sites compilation
- Adon90 pentest_compilation: Compilation of commands, tips and scripts to help throughout Vulnhub, Hackthebox, OSCP and real scenarios
- Burntmybagel OSCP-Prep: List of resources to prepare OSCP exam.
- Certified Ethical Hacker (CEH) online practice exam: Practice exam for the CEH.
- Rewardone OSCPRepo: A list of commands, scripts, resources, and more gathered to consolidate for use as OSCP study material
- Test your Sysadmin Skills: A collection of *nix Sysadmin Test Questions and Answers for Interview/Exam (2018 Edition). Test your knowledge in different fields with these Q/A.
- VXVault: Page to get malware for investigation purposes.
- Exiftool: platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files
- Foca: Fingerprinting Organizations with Collected Archives: is a tool used mainly to find metadata and hidden information in the documents its scans
- Metagoofil: information gathering tool designed for extracting metadata of public documents.
- Hershell: Simple TCP reverse shell written in Go.
- Homer: SIP / VoIP Packet Capture & Monitoring.
- ActiveWhois: Network tool for Windows to find any information about the owners of IP address or Internet domain
- Fping: Program to send ICMP echo probes to network hosts, similar to ping, but much better performing when pinging multiple hosts- Homer: SIP / VoIP Packet Capture & Monitoring.
- Internic Whois Search: Entrypoint to search information about Whois
- Ping.eu: Collection of network tools to be run remotely from the web.
- traceroute: Tool to print the route packets trace to network host.
- tracert: Traceroute for Windows.
- Whatweb: Identify the technology stack that powers a website and explore the Web of Things.
- whois: Internet domain name and network number directory service
- Whoises: Entrypoint to search information about Whois
- dig: network administration command-line tool for querying Domain Name System (DNS) servers.
- DNSenum: Multithreaded perl script to enumerate DNS information of a domain and to discover non-contiguous ip blocks
- dnsrecon: DNS Enumeration Script
- mxtoolbox: Web tool to list MX records for a domain in priority order.
- nslookup: Network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.
- Ping.eu: Collection of network tools to be run remotely from the web.
- Adon90 pentest_compilation: Compilation of commands, tips and scripts to help throughout Vulnhub, Hackthebox, OSCP and real scenarios
- Burntmybagel OSCP-Prep: List of resources to prepare OSCP exam.
- Rewardone OSCPRepo: A list of commands, scripts, resources, and more gathered to consolidate for use as OSCP study material
- Slyth11907 CheatSheets: CheatSheets to help for OSCP preparation.
- ActiveWhois: Network tool for Windows to find any information about the owners of IP address or Internet domain
- Automater: URL/Domain, IP Address, and Md5 Hash OSINT tool aimed at making the analysis process easier for intrusion Analysts.
- Awesome OSINT: This is a maintained collection of free actionable resources for those conducting OSINT investigations.
- dig: network administration command-line tool for querying Domain Name System (DNS) servers.
- DNSenum: Multithreaded perl script to enumerate DNS information of a domain and to discover non-contiguous ip blocks
- dnsrecon: DNS Enumeration Script
- DorkMe: Tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.
- Email Tracker Pro: Tool to extract details about email headers.
- Exiftool: platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files
- Foca: Fingerprinting Organizations with Collected Archives: is a tool used mainly to find metadata and hidden information in the documents its scans
- Fping: Program to send ICMP echo probes to network hosts, similar to ping, but much better performing when pinging multiple hosts- GitMiner: Tool for advanced mining for content on Github
- HTTrack: Web crawler to mirror a remote page
- Internic Whois Search: Entrypoint to search information about Whois
- Maltego: Visual link analysis tool with tons of plugins to perform data mining and information gathering
- Metagoofil: information gathering tool designed for extracting metadata of public documents.
- Metasploit: Penetration testing framework
- Monitis traceroute: Visual Traceroute tool.
- mxtoolbox: Web tool to list MX records for a domain in priority order.
- MyIPSuite: Tool to track information about a web. May be discontinued.
- nslookup: Network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.
- One million tweet map: Web to search in tweeter and see the twit location realtime.
- Ping.eu: Collection of network tools to be run remotely from the web.
- recon-ng: Tool for gathering information with Metasploit look & feel.
- Spider Foot: reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence on IP addresses, domain names, e-mail addresses, names and more.
- theHarvester: Tool for gathering subdomain names, e-mail addresses, virtual hosts, open ports/ banners, and employee names from different public sources
- Whatweb: Identify the technology stack that powers a website and explore the Web of Things.
- whois: Internet domain name and network number directory service
- Whoises: Entrypoint to search information about Whois
- Metasploit: Penetration testing framework
- Fping: Program to send ICMP echo probes to network hosts, similar to ping, but much better performing when pinging multiple hosts
- Ansible: Simple but powerful provisioning tool.
- Chef: Provisioning tool based on recipes.
- Puppet: Declarative provisioning tool.
- Salt Stack: Remote code execution and provisioning tool.
- Learn python: collection of Python scripts that are split by topics and contain code examples with explanations, different use cases and links to further readings.
- Shodan: Search engine by devices properties: IP, protocols, ports, ...
- Tineye: Search images in Internet.
- Automater: URL/Domain, IP Address, and Md5 Hash OSINT tool aimed at making the analysis process easier for intrusion Analysts.
- Awesome OSINT: This is a maintained collection of free actionable resources for those conducting OSINT investigations.
- Burp Suite: Security tool that helps to find vulnerabilities in web applications.
- Certified Ethical Hacker (CEH) online practice exam: Practice exam for the CEH.
- Dnslog: Allows to create temporal subdomains, logging all accesses
- eGarante: Digital certification of files, emails, etc. to exchange information
- Exiftool: platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files
- Foca: Fingerprinting Organizations with Collected Archives: is a tool used mainly to find metadata and hidden information in the documents its scans
- GitMiner: Tool for advanced mining for content on Github
- Hershell: Simple TCP reverse shell written in Go.
- Maltego: Visual link analysis tool with tons of plugins to perform data mining and information gathering
- Metagoofil: information gathering tool designed for extracting metadata of public documents.
- Metasploit: Penetration testing framework
- One million tweet map: Web to search in tweeter and see the twit location realtime.
- OWASP ZAP: Security tool that helps to find vulnerabilities in web applications.
- Ping.eu: Collection of network tools to be run remotely from the web.
- recon-ng: Tool for gathering information with Metasploit look & feel.
- Shodan: Search engine by devices properties: IP, protocols, ports, ...
- Spider Foot: reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence on IP addresses, domain names, e-mail addresses, names and more.
- theHarvester: Tool for gathering subdomain names, e-mail addresses, virtual hosts, open ports/ banners, and employee names from different public sources
- Tineye: Search images in Internet.
- VXVault: Page to get malware for investigation purposes.
- wafw00f: Identify and fingerprint Web Application Firewall (WAF) products protecting a website.
- Whatweb: Identify the technology stack that powers a website and explore the Web of Things.
- Whatweb: Identify the technology stack that powers a website and explore the Web of Things.
- Burp Suite: Security tool that helps to find vulnerabilities in web applications.
- OWASP ZAP: Security tool that helps to find vulnerabilities in web applications.
- Monitis traceroute: Visual Traceroute tool.
- Ping.eu: Collection of network tools to be run remotely from the web.
- traceroute: Tool to print the route packets trace to network host.
- tracert: Traceroute for Windows.
- Learn python: collection of Python scripts that are split by topics and contain code examples with explanations, different use cases and links to further readings.
- ADGuard: ISOs and virtual machines with Windows.
- Microsoft Virtual Machines: Windows virtual machines provided by Microsoft for different hypervisors, like Virtualbox, VMWare, HyperV or Parallels.
- Homer: SIP / VoIP Packet Capture & Monitoring.
- ActiveWhois: Network tool for Windows to find any information about the owners of IP address or Internet domain
- Automater: URL/Domain, IP Address, and Md5 Hash OSINT tool aimed at making the analysis process easier for intrusion Analysts.
- Burp Suite: Security tool that helps to find vulnerabilities in web applications.
- dig: network administration command-line tool for querying Domain Name System (DNS) servers.
- DNSenum: Multithreaded perl script to enumerate DNS information of a domain and to discover non-contiguous ip blocks
- dnsrecon: DNS Enumeration Script
- Exiftool: platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files
- Foca: Fingerprinting Organizations with Collected Archives: is a tool used mainly to find metadata and hidden information in the documents its scans
- Hershell: Simple TCP reverse shell written in Go.
- Internic Whois Search: Entrypoint to search information about Whois
- Maltego: Visual link analysis tool with tons of plugins to perform data mining and information gathering
- Metagoofil: information gathering tool designed for extracting metadata of public documents.
- Monitis traceroute: Visual Traceroute tool.
- MyIPSuite: Tool to track information about a web. May be discontinued.
- nslookup: Network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.
- OWASP ZAP: Security tool that helps to find vulnerabilities in web applications.
- Ping.eu: Collection of network tools to be run remotely from the web.
- Spider Foot: reconnaissance tool that automatically queries over 100 public data sources (OSINT) to gather intelligence on IP addresses, domain names, e-mail addresses, names and more.
- wafw00f: Identify and fingerprint Web Application Firewall (WAF) products protecting a website.
- Whatweb: Identify the technology stack that powers a website and explore the Web of Things.
- whois: Internet domain name and network number directory service
- Whoises: Entrypoint to search information about Whois
- ActiveWhois: Network tool for Windows to find any information about the owners of IP address or Internet domain
- Internic Whois Search: Entrypoint to search information about Whois
- Ping.eu: Collection of network tools to be run remotely from the web.
- whois: Internet domain name and network number directory service
- Whoises: Entrypoint to search information about Whois
Three easy steps:
- Edit the apps.yaml file. It is very easy. Try to reuse as many tags as possible. New apps must be inserted at the end.
- Run
make
. This will download thetaggeator.py
program and will execute it overriding theREADME.md
file. - Make a pull-request.