Cybersecurity Web Tools

This repository contains a list of links to different web tools useful for cybersecurity, it is organized by categories for greater accessibility.

—

📋Table of Contents

—

VirusTotal: Scans URLs and files for viruses and other threats using multiple antivirus engines.
Talos Intelligence: Offers information about online threats, including URL reputation.
URLVoid: Checks if a URL has been reported as malicious by various sources.
Urlscan.io: Analyzes websites to detect malicious content, such as malware or phishing.
Google Safe Browsing Site Status: Allows you to check if a website has been marked as unsafe by Google.

AbuseIPDB: Collects reports of abusive IP addresses, such as those that send spam or perform attacks.
IPVoid: Provides information about the reputation of an IP address, even if it is reported as malicious.
Hurricane Electric: Offers tools to analyze IP address routing information.
DNSlytics: Analyzes DNS records to obtain information about the infrastructure of a domain or IP address.

Triage: Analyzes files in an isolated environment (sandbox) to detect malicious behavior.
Filescan.io: Scans files for malware using multiple antivirus engines.
MetaDefender: Analyzes files with multiple antivirus engines and threat detection technologies.
Kaspersky Threat Intelligence: Offers information about threats and malware, including file analysis.
Hybrid Analysis: Analyzes files in a sandbox environment and provides detailed reports on their behavior.
TinEye: Reverse image search engine, useful for detecting unauthorized use of images.

Any.run: Allows you to run files and analyze their behavior in an interactive virtual environment.
Joe Sandbox: Analyzes files and URLs in a sandbox environment and generates detailed reports.

Have I Been Pwned: Checks if a password or email address has been compromised in a data breach.
Password checker Kaspersky: Checks the strength of a password and if it has been compromised.
Dehashed: Search engine for leaked data, helps verify the exposure of sensitive information.

VulnCheck Tools: Fast CVE lookups and exploit data.
CVE Details: Comprehensive CVE database with vendor/product filters.
NVD – National Vulnerability Database: Official U.S. government source for CVEs and severity metrics.
Vulners: Aggregated vulnerability intelligence and exploit database.

MalwareBazaar: Repository of malware samples for analysis.
ThreatFox: Platform for sharing threat indicators, including malware samples.

EFF (Electronic Frontier Foundation): Organization that defends digital rights and online privacy.
BrowserLeaks: Website that shows the information that websites can collect about your browser.

—

Subdomain Finder: Enumerates the public subdomains of a target domain.
Shodan: Search engine for devices and services connected to the internet.
Censys Search: Provides detailed information on certificates, open ports, and exposed services.
BuiltWith: Discovers the technologies behind a specific website.
GTFOBins: Provides privilege escalation and binary abuse techniques on Unix/Linux systems.

GTFOBins: Provides privilege escalation and binary abuse techniques on Unix/Linux systems.
LOLBAS: Catalog of legitimate Windows binaries that can be abused for offensive purposes.
HackTricks: Practical knowledge base for pentesting, privilege escalation, and CTFs.
Pentestmonkey: Tips, payloads, and cheat sheets for web exploitation and post-exploitation.
PayloadAllTheThings: Collection of payloads and techniques for web, network, and privilege escalation attacks.

CyberChef: Versatile web tool for data encoding, encryption, and transformation.
Regex101: It is an online tool for testing and debugging regular expressions with instant feedback.

JWT.IO: Decodes, verifies, and generates JSON web tokens.
Token Inspector: Platform for inspecting and visualizing JWT, JWE, JWK and JWS tokens.
Base64 Decode & Encode: Simple tool to decode or encode base64.

SSL Labs Test: Comprehensive analysis of a web server’s SSL/TLS configuration.
Observatory by Mozilla: Analyzes website security configurations and provides practical recommendations.
Security Headers: Analyzes the security HTTP headers of any website.

Exploit Database: Database of exploits and security vulnerabilities.
OWASP Top 10: List of the 10 most critical web vulnerabilities.
Mitre ATT&CK: Framework describing the tactics and techniques used by attackers.
CVE: Catalog of known security vulnerabilities.

Repo Link - https://github.com/JPablo13/Cybersecurity-Web-Tools