Notes

Firefox Extensions Link to heading

• Bypass Paywalls Clean - Bypass Paywalls of news sites
• CleanURLs - Remove tracking elements from URLs.
• Consent-O-Matic - Automatic handling of GDPR consent forms
• Dark Mode Website Switcher - Switches websites to the dark version, if they support it.
• Firefox Multi-Account Containers - Firefox Multi-Account Containers
• Form History Control (II) - Manage form history entries (search, view, edit, cleanup, export/import) and easy formfiller.
• FoxyProxy - simple on/off proxy switcher for Firefox
• Instance Assistant for Lemmy & Kbin - Simplify your Lemmy & Kbin experience with tools for your instance and communities
• Profile Switcher for Firefox - Create, manage and switch between browser profiles seamlessly.
• SingleFile - Save a complete page into a single HTML file
• Tabliss - A beautiful New Tab page with many customisable backgrounds and widgets that does not require any permissions.
• uBlock Origin - Open-source, cross-platform browser extension for content-filtering and ad-blocking.
• Wallabagger - This wallabag v2 extension has the ability to edit title and tags and set starred, archived, or delete states.
• WebArchive - Check this Web page on WebArchive.

Sites Link to heading

• Awesome Search Enginers for Cybersecurity Researchers - Awesome list of Search Engines for Cybersecurity Researchers
• BugMeNot - Find and share logins.
• Catbox- A platform for hosting and sharing files up to 200MB.
• crt.sh - A free tool that allows you to search for certificates by domain name. Useful for finding subdomains of a specific domain.
• CyberChef - Web-based platform for data analysis and decoding offering a vast range of operations, from simple string manipulation to complex cryptographic tasks.
• CrackStation - Free Password Hash Cracker.
• ~/cvecrowd$ _ - CVEs that are currently being discussed on the social network Mastodon.
• DeHashed - Ethical hacking tool that provides a way to search across multiple personal data sets.
• DistroSea - Test drive Linux distros online!
• DNSDumpster.com - dns recon & research, find & lookup dns records
• DocuSeal - Open Source Alternativeto DocuSign, PandaDoc and more. Need account to use it.
• DoubleDouble - Download music directly from Spotify, Amazon Music, Soundcloud, Qobuz, Deezer, Tidal, or Napster for free.
• Dracula Theme - Best themes ever <3
• dwpa - Distributed WPA PSK auditor
• Email Hippo - Free email address verification tool
• Email Permutator+ - Email Permutator Inspired by Rob Ousbey’s Email Permutator
• emkei.cz - Send an anonymous email (allows attachments).
• F4map - Explore the World (OpenStreetMap) in 3D!
• FediWatch - watch our real-time Fediverse interactions on a globe.
• FMHY - The largest collection of Free stuff on the Internet.
• fmstream.org - The Radio Stream Directory
• Framework Fingerprint Fix
• GNOD - Global Network Of Discovery, use the latest technological advances to make us all discover more and better things.
• hashes.com - Decrypt MD5, SHA1, MySQL, NTLM, SHA256, MD5 Email, SHA256 Email, SHA512 hashes.
• imgbb - A free and simple image hosting service.
• IntelX - Searching for leaked data.
• IzzyOnDroid F-Droid repos
• Malfrat’s OSINT Map - An online tree of selected useful tools made for OSINT purposes, made to help you during your investigations
• Netlas App - Internet intelligence apps that provide accurate technical information on IP addresses, domain names, websites, web applications, IoT devices, and other online assets.
• OSINT Framework - Comprehensive web-based directory that organizes and categorizes a wide range of open source intelligence tools and resources for investigative and research purposes.
• PickyPaste - Send an email (anonymous or not) whose message is stored in ZeroBin (no trace of the message in the email itself. Discussion possible outside of email.
• poubelle.zici.fr - A temporary and anonymous file hosting service.
• Records Search - Indexing of databases that have been leaked online, with the possibility of searching by specific categories.
• Reverse Shell Generator - Hosted Reverse Shell generator with a ton of functionality. – (Great for CTFs).
• Unshorten.It - The opposite of a URL shortener.
• userbeam.de - Get weekly updated, routable offline maps for common GPS devices and BaseCamp from Garmin based on OpenStreetMap data.
• Warez Standard - Rules of naming and organizing files.
• weakpass.com - For any kind of bruteforce find wordlists.
• WhatsMyName - Enumerate usernames across many websites

Tools Link to heading

• bettercap - Powerful, modular, and portable tool used to perform middle-person (man-in-the-middle) attacks, network monitoring, and security assessments through network analysis, packet manipulation, and a variety of network attacks.
• BlueSpy - PoC to record audio from a Bluetooth device
• CH341SER - ESP CH341 drivers for Linux
• gobuster - Directory/file & DNS busting tool written in Go.
• hashcat - Advanced password recovery.
• John the Ripper - Advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs.
• LinEnum - Scripted local Linux enumeration & privilege escalation checks.
• ncdu - Disk usage analyzer with an ncurses interface, designed to find space hogs on a Unix-like system.
• Maigret - Collect a dossier on a person by username from thousands of sites
• marple - Collect links to profiles by username through search engines and analyze with various plugins
• NAMINT - A simple javascript tool to prepare possible name and login search patterns with links.
• nikto - Command-line vulnerability scanner that scans web servers for dangerous files/CGIs, outdated server software and other problems.
• nmap - Open-source tool for network discovery and security auditing.
• noisy - Python script that generates random HTTP/DNS traffic noise in the background while you go about your regular web browsing
• PEASS-ng - Privilege Escalation Awesome Scripts Suite (with colors).
• pgcli - Enhanced command-line interface for PostgreSQL with auto-completion and syntax highlighting.
• pwnagotchi - Artificial intelligence tool for a Raspberry Pi Zero W that, using bettercap, learns to optimize attacks on WiFi protocols to efficiently gather and store crackable WPA handshakes and PMKIDs.
• serveo.net - Expose local servers to the internet
• Sherlock - Hunt down social media accounts by username across social networks
• theHarvester - OSINT tool used in the initial stages of red team assessments and penetration tests to determine a domain’s external threat landscape by collecting names, emails, IPs, subdomains, and URLs from various public resources.
• XSS Hunter Express - The fastest way to set up XSS Hunter to test and find blind cross-site scripting vulnerabilities.