A fully-modern text-based browser, rendering to TTY and browsers, which some day I may actually get to work. https://www.brow.sh
browser  shell 
3 days ago
Burp Suite Scanner
Useful tool for nosing and capturing information from sites
security  Reconnaissance 
3 days ago
Noun Project Search
Open source, gpl icons by the thousands.
Graphics  Design  creative_commons 
4 days ago
Comix I/O
Create your own xkcd-style comics using HTML markup.
4 days ago
Python Tricks 101
Python tips which are relatively uncommon and are very useful.
python  programming 
5 days ago
Trape - People tracker on the Internet (The evolution of phishing attacks) OSINT - KitPloit - PenTest Tools for your Security Arsenal ☣
Trape is a recognition tool that allows you to track people, the information you can get is very detailed. We want to teach the world through this, as large Internet companies could monitor you, obtaining information beyond your IP.
Reconnaissance  tracking  Social_Networks 
5 days ago
When you're developing image styles in css, you can use some bears.
css  WebDev_Tools 
6 days ago
CMS (Content Management Systems) Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and 40 other CMSs
Pen_Testing  exploit  CMS 
10 days ago
gpgsync/README.md at develop · firstlookmedia/gpgsync · GitHub
GPG Sync is designed to let users always have up-to-date OpenPGP public keys for other members of their organization.
Encryption  pgp 
12 days ago
My $169 development Chromebook
This is now a classic, but still green advice, worth as a starting point to optimising a Chromebook.
security  dev  chromebooks 
20 days ago
Track The News
Meet the open-source Twitter bot to help you surface stories on anything
OSINT  Research  aggregation  python 
6 weeks ago
WebApp Information Gatherer
wig is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications.
Reconnaissance  python 
6 weeks ago
"Stalk Your Friends. Find Their Instagram, FB And Twitter Profiles Using Image Recognition And Reverse Image Search
doxxing  Reconnaissance  reverse_image_search 
6 weeks ago
Cloudron - The best platform for running web apps
Lotos of useful, quickly deployable open source apps.
7 weeks ago
VOOKI - Web Application Vulnerability Scanner
Vooki is a free web application vulnerability scanner. Vooki is a user-friendly tool that you can easily scan any web application and find the vulnerabilities. Vooki includes Web Application Scanner, Rest API Scanner, and reporting section.
Pen_Testing  scanner 
8 weeks ago
Awesone web security
🐶 Curated list of Web Security materials and resources.
8 weeks ago
Multiple Ways to Get root through Writable File
In Linux everything is a file, including directories and devices that have permissions to allow or restricted three operations i.e. read/write/execute
hacking  Linux 
9 weeks ago
Developer Tools | Hugo
All the tools for deving Hugo websites.
hugo  flat_file_websites  WebDev_Tools 
9 weeks ago
WTF - A Terminal Dashboard
WTF is a personal information dashboard for your terminal, developed for those who spend most of their day in the command line.
terminal  todo  productivity 
10 weeks ago
Fsociety Hacking Tools Pack - A Penetration Testing Framework - KitPloit - PenTest Tools for your Security Arsenal ☣
Other shows' merchandise usually runs along the action figure or Happy Neal spectrum. With Mr. Robot, it's the working stuff from the show, like if Terminator actually led to fit repos of killer robots.
11 weeks ago
Crafting the InfoSec Playbook - O'Reilly Media
Security Monitoring and Incident Response Master Plan
buylist  security  book 
11 weeks ago
Shell Scripting and Security
Basic ways you can use shell scripts to monitor password strength and secret accounts
shell  CommandLine  security 
11 weeks ago
Awesome Hacking Tools
A curated list of awesome Hacking Tools. If you want to contribute to this list send me a pull request
11 weeks ago
Sunder is a user-friendly graphical interface for Shamir's Secret Sharing.

Also see https://freedom.press/news/meet-sunder-new-way-share-secrets/
tryout  Encryption 
12 weeks ago
GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions
pentesting  hacking  unix  shell 
12 weeks ago
WebTorrent Desktop
Streaming torrent app for Mac, Windows, and Linux
torrent  streaming 
12 weeks ago
find all rhe things on otger computers.
 If you want to do an inventory of all installed software in your active directory domain, then keep on reading my post.
How_To  Reconnaissance  network  scanner 
12 weeks ago
Malware Analysis is for the (Cuckoo) Birds - TrustedSec
The Cuckoo sandbox is an open source malware analysis system that can perform used against many different types of malware, ranging from Office documents to executables. 
malware  OpenSource 
12 weeks ago
jarun/googler: Google from the terminal
Search the web with Google from the command line instead of the browser... because stuff.
google  python  Cli  search 
12 weeks ago
saltpack - a modern crypto messaging format
Need to encode, transmit, or store encrypted or signed data? saltpack is a streamlined, modern solution, designed with simplicity in mind. It is easy to implement & integrate. We've made few crypto decisions and instead leave almost all of the heavy lifting to the NaCl library
may 2018
This Tool Queries The Emails That Registered The Domain And Verifies If They Were Leaked In Some Data Leak - KitPloit - PenTest Tools for your Security Arsenal ☣
email  whois  Domains  Open_Data  Reconnaissance 
may 2018
VFRAME is a computer vision toolkit designed for human rights researchers and investigative journalists
machine_learning  AI  Open_Data  verification 
may 2018
SugarCube is a framework to fetch, transform and publish data. Data processes are described using plugins, which are chained in sequence to transform any sort of data. It is used to support data based investigations.
scraping  OpenSource  Open_Data  verification 
may 2018
One to Zero
How to build a static website using a zero configuration toolkit
WebDev  static-hosting 
may 2018
Harpoon: an OSINT / Threat Intelligence tool · Tek's blog

Harpoon is a tool to automate threat intelligence and open source intelligence tasks. It is written in Python 3 and organised in plugins so the idea is to have one plugin per platform or task. The code is on Github, feel free to open issues and propose Pull Requests.
may 2018
Juice Shop i- ntentionally insecure webapp for security trainings
OWASP Juice Shop is an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws. - http://owasp-juice.shop
training  security  WebDev  QWASP  infosec  education  javascript 
may 2018
PAVELOW helps you with your exploiting and vulnerability searching adventures on KALI Linux by using a few different pre-installed tools among several others that PAVELOW will installed & setup for you(they all can be found right here on Github too).
Hacking  exploit  Pen_Testing 
may 2018
NetBlocks Framework
Open technology for transparent internet governance using javascript, python and other tracking, documenting tools.
transparency  monitoring  censorship  Framework 
may 2018
Exploitation Framework for Embedded Devices
routers  Hacking  IoT 
may 2018
FOIA 101: Tips and Tricks to Make You a Transparency Master
This is a nice guide on how to use a very complex Cli for recon.
transparency  Research 
may 2018
Can I use... Support tables for HTML5, CSS3, etc
Let's you know how useable your front end work is going to be on different browsers and devices.
browser  WebDev 
may 2018
Motherboard Made a Tool That Archives Websites on Demand - Motherboard
mass_archive, a basic Python script, will push a webpage or URL to multiple archive services at once, hopefully making online journalism or research a bit more efficient.
may 2018
Penetration Testing checklist on Process Street
This Process Street penetration testing checklist is engineered to give a documentation process for staff carrying out penetration testing on either their own networks and services or those of a client.
may 2018
An information gathering tool to colect git commit emails in version control host services.
Git  Reconnaissance  phishing 
april 2018
How to Easily Generate Hundreds of Phishing Domains « Null Byte :: WonderHowTo
onvincing domain name is critical to the success of any phishing attack. With a single Python script, it's possible to find hundreds of available phishing domains and even identify phishing websites deployed by other hackers for purposes such as stealing user credentials.
How_To  phishing  Hacking  python  Domains 
april 2018
ESP8266 deauther
Scan for WiFi devices, block selected connections, create dozens of networks and confuse WiFi scanners!
network  wifi  security 
april 2018
SMBrute is a program that can be used to bruteforce username and passwords of servers that are using SMB (Samba).
Hacking  server  samba  smb  bruteforce 
april 2018
Champions Curriculum:
A training curriculum for teaching information security "champions" within small organisations and helping them conduct a basic assessment. (Work in progress)
InfoSec  OrgSec 
april 2018
Self hosted newsletter app
OpenSource  email  WebDev 
april 2018
tachyons tldr
Cheater for looking up Tachyon CSS classes, which are a different kind of voodoo all together. Remember how people used to bang on about not putting styles in the pages? For flippen' 'eck it's back.
CSS  Design  WebDev 
april 2018
Text Editor toolkit for web :: make a wysiwyg.
wysiwyg  WebDev  OpenSource 
april 2018
Tool to scan for secret files on HTTP servers
python  security  Reconnaissance  Pen_Testing  Hacking 
april 2018
A curated list of awesome packages, articles, and other cool resources from the Wagtail community.
wagtail  CMS  django 
april 2018
Structured Text Tools
The following is a list of text-based file formats and command line tools for manipulating each.
cli  CommandLine  WebDev 
april 2018
 An Open Source, Large Scale, Full Packet Capturing, Indexing, And Database System
traffic  packet_inspection  capture 
april 2018
Who Am I Mail Bot is a service to mask your e-mails. It was inspired by Blur, where you can create an alias for your e-mail and use it to signup on applications. The problem with Blur is that all e-mails pass trough their infraestructure and I don't need/want anybody looking on my e-mails, so I made this project. WhoAmIMailBot is similar to Blur service but runs on your own infraestructure!

This is interesting, but I'm still not sure it justifies getting a Telegram account.
bots  email 
march 2018
Easily Host Containers on a .onion URL.
Tor  onion_sites  docker  Hosting 
march 2018
Hardentools is a utility that disables a number of risky Windows features.
security  hardening  end_point_security  windows  microsoft 
march 2018
Tool For Automating Penetration Testing Tasks.
march 2018
MintBox Mini 2
Small durable and powerful Mint desktop box. Want/need.
march 2018
Zotero | Your personal research assistant
Zotero is the only software that automatically senses research on the web. Need an article from JSTOR or a preprint from arXiv.org? A news story from the New York Times or a book from a library? Zotero has you covered, everywhere.
research  OpenSource 
march 2018
Rainmap Lite
Responsive Web Based Interface That Allows Users To Launch Nmap Scans From Their Mobiles/Tablets/Web Browsers
nmpap  Reconnaissance 
march 2018
slack-meme: A Meme Bot for Slack.
Bookmarking for adding this to a Slack channel to annoy colleagues.
march 2018
The gui for Docker
march 2018
LibraryBox is an open source, portable digital file distribution tool based on inexpensive hardware that enables delivery of educational, healthcare, and other vital information to individuals off the grid.
hardware  meshnet  File_sharing 
march 2018
Next time I fly anywhere, try this.
march 2018
XSStrike is an advanced XSS detection and exploitation suite.
scan  exploit  Hacking  xss 
march 2018
Firefox tunnel to bypass any firewall
To create a program like firefox tunnel, follow these steps to get started...
Hacking  firewall 
march 2018
Program to detect when linux user opens terminal with root and inject intrusive commands in terminal with X11 lib
ssh  terminal  Hacking 
march 2018
Memfixed Mitigation
DDoS mitigation tool for sending flush or shutdown commands to vulnerable Memcached servers obtained using Shodan API.
ddos  shodan 
march 2018
The fast, reliable localhost tunneling solution
server  hosting  localhost  webdev 
march 2018
Interactive shellcoding environment to easily craft shellcodes
shell  CommandLine 
march 2018
Streisand sets up a new server running your choice of L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow a…
security  VPN  circumvention  Tor  tor_bridges  Privacy 
february 2018
PiKarma: 📡🍓🍍
Detects wireless network attacks performed by KARMA module (fake AP). Starts deauthentication attack (for fake access points)
network  security  wifi 
february 2018
Mosh: the mobile shell
Remote terminal application that allows roaming, supports intermittent connectivity, and provides intelligent local echo and line editing of user keystrokes.

Mosh is a replacement for interactive SSH terminals. It's more robust and responsive, especially over Wi-Fi, cellular, and long-distance links.

Mosh is free software, available for GNU/Linux, BSD, macOS, Solaris, Android, Chrome, and iOS.
shell  ssh  CommandLine 
february 2018
« earlier      
!document_management 2fa academic actvist_tech ad_blocking aggregation ai alerts analysis analytics android anonymity ansible anti_censorship anti_forensics archive article authentication automation aws backup bios bitcoin blockchain blogs bluetooth book bots browser bruteforce business_intelligence buylist canary capture cctv censorship chrome chrome_plugin chromebooks circumvention cli closed_source cloud_services cms coding collaboration commandline confederated content_creation copyright creative_commons css cyber_warfare dark_services dashboards data data_analsis data_analysis data_journalism data_mining data_policy data_scraping data_visualisation data_wipe databases ddos decentralised decentralized design dev diff digital_radio digsec digsec_howto digsec_services digsec_tools django dns docker domains dorking doxxing drupal drupal_modules education email encryption end_point_security enumeration exploit facebook file_sharing firewall firmware flat_file_websites foia fonts forensic foss framework frameworks frontend_dev gaming gatsby geolocation git goodorgs google google_dorks graphic_design graphics gui hacking hardening hardware honey_pot honeypot hosting how how_to htaccess html http https hugo icons ict ict_policy image_archive image_archives image_editing infosec interactive intranet ios iot ip ipfs iphone irc javascript journalism journalism_technology journalist_safety js law lazyweb_tools leaks letsencrypt linkedin linux lists localhost mac machine_learning malware manifesto maps markdown meshnet messaging_apps meta_data metasploit microsoft mitm mobile mobile_apps mongodb monitor monitoring mozilla mysql nato network ngo nmpap node_js notes nsa oauth2 objective-c onion_sites ooni open_data opensource operating_systems opsec optimization orgsec osint otr p2p packet_inspection password_manager passwords pdf pen_testing pentesting pgp phishing physical_security platforms policy privacy privilege_escalation productivity products programming protocol prototyping proxy public_domain python qwasp raspberry_pi re reconnaissance redis reporting research retro reverse_image_search routers rss ruby s3 samba scan scanner scraping search secure_contact security selfhosted server service_providers shell shodan shortcuts signal slack smb social_networks software source_protection spreadsheets sql ssh ssl static-hosting steganography strapi streaming subdomains surveillance sys sysadmin tcp telephony terminal testing text_analysis threat-research tinycode tls todo tor tor_bridges torrent tracking traffic training transparency tryout tunneling twitter ubuntu ui unix usb ux verification via:popular video video_editing vim visualization voip volatile_file_sharing vpn wagtail web_design web_servers web_standards web_toys webdev webdev_testing webdev_tools whistleblowing whois wifi windows wordpress wordpress_plugins workflow_tools writing_app wysiwyg xmpp xss

Copy this bookmark: