Use Alidade to create a plan for finding technology tools that suit your social change project. Built on in-depth research in Kenya and South Africa. Designed for activists and social change organisations everywhere. Complete this interactive guide and get a planning document to share with colleagues, technical developers or donors.
NGO  Open_Data  ICT 
3 days ago
Follow the Bitcoin With Python, BlockExplorer and Webhose.io
Method of discovering real relationships with Bitcoin addresses across the web, providing the secret Bitcoin address owner made an OpSec mistake.
python  bitcoin  OSINT  Reconnaissance 
8 days ago
Security Incident Information Management handbook by @RedRUK
Aimed at improving NGO security incident information management. Produced in partnership with Insecurity Insight and EISF, the SIIM handbook is a free downloadable resource sharing best practice, guidelines, tools and recommendations to enhance organisational security incident information management.
NGO  OrgSec 
11 days ago
LuLu, an open source firewall for Mac
LuLu is the free open-source macOS firewall that aims to block unknown outgoing connections, unless explicitly approved by the user.
firewall  OpenSource  Mac  monitoring  DigSec_Tools 
12 days ago
idb: iOS Application Security Assessment Tool
idb is a tool to simplify some common tasks for iOS app security assessments and research. It is open-source under the MIT license, hosted on Github, and developed by Daniel Mayer.
iOS  Pen_Testing  OpenSource 
12 days ago
Fucking Search Engines Scraper
Fses is a Python library to scrape urls from search queries. Good for power Google dorking in the command line.
python  search  scraping  Pen_Testing  Reconnaissance  OpenSource  doxxing 
12 days ago
A tool built in python to monitor any public webpages for updates and get alerts. http://thp.io/2008/urlwatch/
python  monitoring  OpenSource 
17 days ago
Lightweight Business Intelligence tool for reporting mongodb, postgresql, Mysql, & MS sql data

To see how it works go to www.widestage.com
business_intelligence  mongoDB  reporting  OpenSource 
18 days ago
Python Taint ☣
 A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
python  Pen_Testing  Hacking  OpenSource 
19 days ago
Analyze the security of any domain by finding all the information possible. Made in python.

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way.
python  OSINT  Hacking  Reconnaissance  OpenSource 
19 days ago
An ssh-agent for every domain: SSHecret » CyberPunk
sshecret is a tool that creates an ssh-agent for each identity file found in your ssh_config(5) and executes ssh commands for a particular host using an environment that has access to only the key for that one host.
ssh  SysAdmin  OpenSource 
20 days ago
WhatRuns — Discover What runs a Website.
Extension that helps you identify technologies used on any website at the click of a button.
Chrome_plugin  WebDev  OSINT  Reconnaissance 
28 days ago
Buscador OSINT VM
Buscador is a Linux Virtual Machine that is pre-configured for online investigators. It was developed by David Westcott and Michael Bazzell, and distributions are maintained on this page.
OSINT  Reconnaissance  OpenSource  Operating_Systems  doxxing 
29 days ago
Free Cyber Security Tools from Rapid7, makers of Metasploit
Security doesn't come easy, and it shouldn't be your wallet that decides over whether you can protect your data. That's why Rapid7 makes community editions of its security software available to download for free. In addition, we have some great free security tools you can use on your smart phone or in your browser.
Hacking  Pen_Testing 
29 days ago
Paterva (Maltego)
Sells Maltego platofm for InfoSec teams and Pen Testing information gathering and reports
Pen_Testing  InfoSec  Hacking  Reconnaissance 
29 days ago
Quickly share and receive files with your own self-hosted service so your contact doesn't need to use an app. This problem is by-in-large solved and more securely by other tools, but if you want to host something that shows you traffic and logs actions, then this is it. HTTPS it as that's the only security I can see that applies here.
Platforms  Collaboration  File_sharing  OpenSource 
29 days ago
Paletton - The Color Scheme Designer
Get a colour scheme that looks good together sorted out quick.
LazyWeb_Tools  Design  CSS 
29 days ago
A suite of private ephemeral collaboration tools for teams & enterprises. Some people swear by it.
messaging_apps  Encryption  DigSec_Tools  DigSec_Services  closed_source 
29 days ago
Password hashes dump tools
Someone put together this Google Spreadsheet on password hash cracking tools.
Hacking  Pen_Testing  Passwords 
29 days ago
The GNU Privacy Guard
GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories.
Encryption  pgp  OpenSource 
29 days ago
Hints and Tips for Whistleblowers
Technical Hints and Tips for protecting the anonymity of sources for Whistleblowers, Investigative Journalists, Campaign Activists and Political Bloggers etc.
Whistleblowing  How_To  Lists  OpSec  DigSec_HowTo 
29 days ago
Have I been pwned?
Check if you have an account that has been compromised in a data breach. Endlessly useful and works on organisational-wide emails as well.
email  Pen_Testing  OSINT  DigSec_Services 
29 days ago
The Hobbit Name Generator
This is my preferred site for creating new names for things. That's a clue, you know.
Anonymity  LazyWeb_Tools 
29 days ago
Generate a Random Name - Fake Name Generator
Come up with a persona for that account you don't want to dump your actual information into without over thinking it.
Anonymity  LazyWeb_Tools 
29 days ago
Privacy Tools
This site is broken down into several lists of mostly fairly good tech for privacy and anonymity support.
DigSec_Tools  Lists 
29 days ago
F-Droid - Free and Open Source Android App Repository
F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.
mobile  mobile_apps  FOSS  OpenSource 
29 days ago
A free software mobile operating system putting the emphasis on freedom and privacy/security.
mobile  OpenSource  Operating_Systems 
29 days ago
CachedView :: Find cached versions of lots of web pages
Is that page gone or heavily edited? Find an older version here. Checks google Cache and Archive.org in one place.
Backup  archive  search  OSINT 
29 days ago
Creepy by ilektrojohn
A Geolocation OSINT Tool. Offers geolocation information gathering through social networking platforms.
OSINT  doxxing  Reconnaissance 
29 days ago
Now deleted Reddit post on "Researching the Victim"
Some basic doxxing background information to get someone started on being a really creepy stalker.
How_To  doxxing 
29 days ago
Intelius :: Search for People, Background Checks, & Lookup Phone Numbers
"The most accurate and updated information from billions of records"
It's not really, but you get some likely results mixed in with the shit results.
29 days ago
Bitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers. It is decentralized and trustless, meaning that you need-not inherently trust any entities like root certificate authorities. It, too, needs a security audit.
Encryption  decentralised  messaging_apps  DigSec_Tools  protocol 
29 days ago
CrackStation - Online Password Hash Cracking
Uses Wordlists and targets unsalted hashes. So, for sites you shouldn't have any truck with, anyway. All very Sha1, MD5, Rainbow Tables and such.
Passwords  hacking  Pen_Testing 
29 days ago
Making Iranian Data Available to the Public
Discover clean and reliable public data on topics ranging from housing to health, and from trade to transportation. Check back with our growing database frequently for our latest datasets, or sign up to our newsletter for alerts as new data becomes available.
Open_Data  Data_Scraping  FOIA 
29 days ago
ckan – The open source data portal software
CKAN is a powerful data management system that makes data accessible – by providing tools to streamline publishing, sharing, finding and using data.
databases  data_visualisation  Data_Scraping  OpenSource 
29 days ago
BBC GEL :: how the BBC designs websites
This guideline explains how our flexible, percentage-based grid works and how you can use it to design a BBC website.
Web_Design  Web_Standards 
29 days ago
Underscores | A Starter Theme for WordPress
This is a framework for building a solid Wordpress theme. As such, most website "designers" who do Wordpress work stay far from it as they may actually have to do some work instead of buying some Themeforest crap and pretending that paint-by-numbers css editing is design.
Wordpress  Framework  Web_Design 
29 days ago
Comms tool for Voip, messaging and file sharing. Some people swear by it.
decentralised  Encryption  messaging_apps  VoIP  DigSec_Tools 
29 days ago
Free Domain Name Registration - Get a Short .co.nr web address!
Can't speak to the logic behind this site, but if you don't mind having a .co.nr domain or whether it's really "yours" in the end, here are free domains. May be good if you just need a URL for a few days.
29 days ago
Delete Your Online Accounts
This site offers shortcuts and guides to closing many popular online accounts and also gives you an idea of how easy or difficult it will be. Check it out before you open an account to see how difficult your exit strategy will be.
How_To  Lists  Social_Networks 
29 days ago
Privacy International
We are a London-based charity. We investigate the secret world of government surveillance and expose the companies enabling it.
GoodOrgs  surveillance 
29 days ago
Seek support or volunteer your services for different causes, groups, needs.
Collaboration  Dashboards  actvist_tech 
29 days ago
easyDNS Technologies Inc. DOMAINS - Register, Transfer Domains
Separate your DNS from your domain registrar for extra security through obscurity that kind of works.
DNS  Domains  Hosting 
29 days ago
SNOW :: White space ascii steganography
Whitespace steganography(!) The program SNOW is used to conceal messages in ASCII text by appending whitespace to the end of lines. Because spaces and tabs are generally not visible in text viewers, the message is effectively hidden from casual observers. And if the built-in encryption is used, the message cannot be read even if it is detected.
DigSec_Tools  Steganography  Encryption 
29 days ago
Cloud Backup, File Sharing & Messaging
"SpiderOak protects your group messaging, file sharing, and file backups with end-to-end encryption to keep you safe from privacy intrusions, ransomware, and data loss." I don't know why they focus on ransomware except that it's hot right now. Supposedly hyper secure cloud storage, though.
Cloud_services  File_sharing  Encryption  Backup 
29 days ago
Share files - FileTea, anonymous, volatile file sharing
the original anonymous, volatile file sharing tool Combine it with Tor and you've kind of got OnionShare but without the onion address, so not really Onionshare. But kind of. At least it has SSL now. It didn't when it started. That was lame.
Anonymity  Volatile_file_sharing  File_sharing 
29 days ago
Bitcoin - Open source P2P money
If it was an actual currency, would it need a donation button? Bitcoin is an anonymous wealth transport tool. The underlying Blockchain tech is far more interesting.
blockchain  OpenSource 
29 days ago
Seecrypt - Secure, encrypted phone calls and conference calls (white label)
Brand your own messaging and voip app that's supposed to be quite secure. It isn't open source, but you get the optics of having your logo on it even if you don't know how it actually works.
messaging_apps  closed_source 
29 days ago
I don't know, I think the Trump Co. used this for a while or something and it's kind of gimmicky, but here's this "secure" mesagging app that has interesting anti-shoulder surfing features.
DigSec_Tools  closed_source  messaging_apps 
29 days ago
Hacker OPSEC
Blog by The Grugq that focuses on how to learn from the black hats for whatever colour hat you may prefer.
OpSec  Hacking  lists  how 
29 days ago
Ethical hardware destruction in UK
Certificated Assurance of data destruction can be provided upon request.
Service_Providers  hardware  data_wipe 
29 days ago
Psiphon | Uncensored Internet access for Windows and Mobile
For over 10 years, Psiphon has provided open access to the Internet to citizens of countries with information controls and limitations.
29 days ago
How journalists and activists can have a safer physical meeting with a source
Journalists and activists are increasingly under threat from digital and physical risks. Here are some very basic steps on how to meet a sensitive source in the field. It follows on from our previous advice on dealing with surveillance and operational security.
OpSec  Journalist_Safety  source_protection 
29 days ago
How journalists and activists can identify and counter physical surveillance
Journalists and activists are increasingly under threat from digital and physical surveillance. Here are some very basic steps on how to protect yourself when under physical surveillance.
OpSec  Journalist_Safety  surveillance 
29 days ago
OnionShare is an open source tool that lets you securely and anonymously share a file of any size.
File_sharing  Encryption  Tor  Volatile_file_sharing  DigSec_Tools 
29 days ago
Automatically enable HTTPS on your website with EFF's Certbot, deploying Let's Encrypt certificates. Makes SSL much easier.
HTTPS  SSL  LetsEncrypt  sys 
29 days ago
PowerShell Empire phishing application
Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework.
Hacking  phishing  Software  malware 
29 days ago
USB Rubber Ducky - HakShop by Hak5
The USB Rubber Ducky is a keystroke injection tool disguised as a generic flash drive. Computers recognize it as a regular keyboard and accept pre-programmed keystroke payloads at over 1000 words per minute.
Hacking  hardware  OpenSource 
29 days ago
Check by Meedan
This is a verification platform for teams to collaborate on fact checking or myth busting breaking news online.
verification  Collaboration  Platforms  OpenSource 
29 days ago
Tails - Privacy for anyone anywhere
Tails is a live operating system that you can start on almost any computer from a USB stick or a DVD (who still does that?). It aims at preserving your privacy and anonymity, and helps you to use the Internet anonymously and circumvent censorship, leaving no trace on the machine on which you use it.
Operating_Systems  OpenSource  Tor  Anonymity  Privacy 
29 days ago
Maltego CE
Maltego is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet.
data_mining  Reconnaissance  hacking  Pen_Testing 
29 days ago
Hamilton 68: Tracking Putin's Propaganda Push... To America
Tracking Russian Influence Operations on Twitter. They should open source this.
Twitter  OSINT  Dashboards  Meta_Data 
29 days ago
Legal Hacking Tools Can Be Useful for Journalists, Too
Open source research tools used by security professionals can help journalists connect the dots.
How_To  Lists  OSINT  Hacking  Reconnaissance  Journalism 
29 days ago
Bellingcat's Digital Forensics Tools (Google Doc)
A List of Open Source Verification and Investigation Tools and Methods. There's an ongoing discussion thread on Twitter about it, with more resources being posted there on occasion (https://twitter.com/trbrtc/status/895734898647945220)
OSINT  verification  Lists  How_To 
29 days ago
codingo/Reconnoitre: A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
A reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst creating a directory structure to store results, findings and exploits used for each host, recommended commands to execute and directory structures for storing loot and flags.
Reconnaissance  Pen_Testing  OSINT  Hacking 
29 days ago
“I Have No Idea What I’m Doing” – On the Usability of Deploying HTTPS (PDF)
Protecting communication content at scale is a difficult task, and TLS is the protocol most commonly used to do so. However, it has been shown that deploying it
in a truly secure fashion is challenging for a large fraction of online service operators. While Let’s Encrypt was specifically built and launched to promote the adoption of HTTPS, this paper aims to understand the reasons for why it has been so hard to deploy TLS correctly and studies the usability of the deployment process for
SSL  HTTPS  SysAdmin  TLS  academic 
29 days ago
The ISC Project
The Information Safety & Capacity Project (ISC) provides advanced, sustained information security and capacity building assistance to civil society organizations, human rights activists, and independent media in countries where free expression, journalistic reporting, online communications, and advocacy are critical to societal liberalization and development but potentially risky to personal safety.
4 weeks ago
Free software and Web Apps that can be locally hosted
Kickball/awesome-selfhosted: This is a list of Free Software network services and web applications which can be hosted locally. Selfhosting is the process of locally hosting and managing applications instead of renting from SaaS providers.
OpenSource  WebDev  Lists 
4 weeks ago
GTmetrix | Website Speed and Performance Optimization
GTmetrix is a free tool that analyzes your page's speed performance. Using PageSpeed and YSlow, GTmetrix generates scores for your pages and offers actionable recommendations on how to fix them.
4 weeks ago
« earlier      
academic actvist_tech analytics android anonymity archive authentication backup bios bitcoin blockchain blogs business_intelligence cctv chrome_plugin circumvention cli closed_source cloud_services cms coding collaboration commandline confederated content_creation copyright css cyber_warfare dashboards data_journalism data_mining data_scraping data_visualisation data_wipe databases decentralised design digital_radio digsec digsec_howto digsec_services digsec_tools dns domains doxxing drupal drupal_modules email encryption facebook file_sharing firewall firmware foia fonts foss framework frameworks frontend_dev gaming git goodorgs graphic_design gui hacking hardware honey_pot hosting how how_to htaccess html https icons ict ict_policy image_archive image_archives image_editing infosec interactive intranet ios iphone javascript journalism journalist_safety law lazyweb_tools leaks letsencrypt linux lists mac malware manifesto maps markdown messaging_apps meta_data mobile mobile_apps mongodb monitoring mysql nato network ngo notes nsa oauth2 open_data opensource operating_systems opsec optimization orgsec osint otr p2p passwords pen_testing pgp phishing physical_security platforms policy privacy products programming protocol prototyping public_domain python raspberry_pi reconnaissance reporting retro scanner scraping search service_providers social_networks software source_protection ssh ssl steganography surveillance sys sysadmin telephony text_analysis tls tor twitter ubuntu ui verification via:popular video_editing vim voip volatile_file_sharing vpn web_design web_servers web_standards webdev webdev_testing webdev_tools whistleblowing wordpress wordpress_plugins workflow_tools writing_app

Copy this bookmark: