#online

endoflife.date
endoflife.date

Informative site with EoL dates of everything.

cheat.sh
cheat.sh

The only cheat sheet you need.

HackTricks
HackTricks

Find trick/technique/whatever learnt from CTFs, real life apps, reading researches, and news.

OpenCTI
OpenCTI

Open Cyber Threat Intelligence Platform.

pipedream
pipedream

Collect HTTP or webhook requests and inspect them in a human-friendly way.

webhook.site
webhook.site

Easily test HTTP webhooks with this handy tool that displays requests instantly.

changedetection.io
changedetection.io

Page change monitoring with alerts a breezem, the best way to monitor website changes.

Csper
Csper

The most advance set of Content Security Policy tools.

CRYPTOHACK
CRYPTOHACK

A fun, free platform for learning modern cryptography.

FireBounty
FireBounty

The ultimate Vulnerability Disclosure Policy and Bug Bounty list!

OpenBuckets
OpenBuckets

Online platform for finding open buckets in cloud storage systems effortlessly.

bxss.net
bxss.net

Web service that allows for detection Blind XSS vulnerabilities within web applications.

cvecrowd.com
cvecrowd.com

Lists CVEs that are currently being discussed on the social network Mastodon.

certs.io
certs.io

Search the entire internet by data in TLS certificates.

HackingHub
HackingHub

Join the front line of the internet, learn applicable cyber security skills.

graphql-voyager
graphql-voyager

Represent any GraphQL API as an interactive graph.

CyberSec Quizzes
CyberSec Quizzes

Test your knowledge on cyber security and practice for industry recognised certifications.

Free Certifications
Free Certifications

A curated list of free courses & certifications.

bbradar.io
bbradar.io

Fetches latest bug bounty programs from many platforms and consolidates them in one place.

SynapsInt
SynapsInt

Consulting different intelligence services, search engines and datasets for OSINT.

PurpleOps
PurpleOps

An open-source self-hosted purple team management web application.

WhoisXMLAPI
WhoisXMLAPI

Domain & IP data intelligence for greater enterprise security.

DeHashed
DeHashed

DeHashed provides free deep-web scans and protection against credential leaks.

Kaeferjaeger
Kaeferjaeger

Lists of resources: cdn ranges, ips ranges, sni ip ranges...

BugProve
BugProve

Automated firmware analysis tool for composition analysis and vulnerability scanning.

BugBountyHunting
BugBountyHunting

Search Bug Bounty writeups easily.

wgen.io
wgen.io

Generate rich wordlists for targeted attacks online.

DorkGPT
DorkGPT

Generate Google dorks with AI.

XSS Hunter
XSS Hunter

The fastest way to set up XSS Hunter to test and find blind cross-site scripting vulnerabilities.

MalwareBazaar
MalwareBazaar

Malware sample database.

hunter.how
hunter.how

Internet search engines for security researchers.

scanless
scanless

Online port scan scraper.

Shodan
Shodan

Search engine for Internet-connected devices.

Netlas.io
Netlas.io

Netlas.io is the network atlas of Internet. IP, DNS, Web, IoT devices, and etc.

TryHackMe
TryHackMe

Hands-on cyber security training through real-world scenarios.

Hack The Box
Hack The Box

Massive hacking playground, and infosec community.

OWASP Juice Shop
OWASP Juice Shop

Probably the most modern and sophisticated insecure web application.

xssor2
xssor2

Hack with JavaScript.

CyberChef
CyberChef

A web app for encryption, encoding, compression and data analysis.

grep.app
grep.app

Searches code from over a half million public repositories on GitHub.

Sourcegraph
Sourcegraph

Search millions of open source repositories.

GrayhatWarfare
GrayhatWarfare

Search for buckets and URL shorteners.

Wayback Machine
Wayback Machine

Explore more than 778 billion web pages saved over time.

Certificate Search
Certificate Search

Get informations about SSL certificates.

SecurityTrails
SecurityTrails

Data for Security companies, researchers and teams.

Yoga
Yoga

Your OSINT Graphical Analyzer.

WhatsMyName
WhatsMyName

Enumerate usernames across many websites.

Have i been pwned?
Have i been pwned?

Check if your email or phone is in a data breach.

findsecuritycontacts.com
findsecuritycontacts.com

Scans the top 500 sites daily for their security.txt file or DNS records.

PentesterLab
PentesterLab

Learn Web Penetration Testing: The Right Way.

KNOXSS
KNOXSS

Online XSS tool with demonstration of vulnerability.