Explore 38 curated tools and resources
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
A powerful directory/file, DNS and VHost busting tool written in Go.
A list of services and how to claim (sub)domains with dangling DNS records.
A list of services and how to claim (sub)domains with dangling DNS records.
A tool for detecting and taking over subdomains with dead DNS records
A tool for detecting and taking over subdomains with dead DNS records
A fast domain resolver and subdomain bruteforcing tool
A front-end JavaScript toolkit for creating DNS rebinding attacks
A front-end JavaScript toolkit for creating DNS rebinding attacks
A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.
A tool to identify potential subdomain takeovers by checking if a CNAME record resolves to the scope address.
A repository containing material from a talk on sub-domain enumeration techniques
A repository containing material from a talk on sub-domain enumeration techniques
A multi-tool for subdomain enumeration
A fast and multi-purpose DNS toolkit for DNS reconnaissance and testing
A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.
A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.
A tool for discovering and enumerating external attack surfaces
ONYPHE is a cyber defense search engine that discovers exposed assets and provides real-time monitoring to identify vulnerabilities and potential risks.
ONYPHE is a cyber defense search engine that discovers exposed assets and provides real-time monitoring to identify vulnerabilities and potential risks.
A list of most queried domains based on passive DNS usage across the Umbrella global network.
A list of most queried domains based on passive DNS usage across the Umbrella global network.
A service for better visibility on networking issues in Kubernetes clusters by detecting traffic denied by iptables.
A service for better visibility on networking issues in Kubernetes clusters by detecting traffic denied by iptables.
A framework for generating log events without the need for infrastructure, allowing for simple, repeatable, and randomized log event creation.
A framework for generating log events without the need for infrastructure, allowing for simple, repeatable, and randomized log event creation.
A technique to encode data within DNS queries for covert communication channels.
A technique to encode data within DNS queries for covert communication channels.
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
Offensive security tool for reconnaissance and information gathering with a wide range of features and future roadmap.
Offensive security tool for reconnaissance and information gathering with a wide range of features and future roadmap.
Domain registration and web hosting services with free features and 24/7 customer support
Domain registration and web hosting services with free features and 24/7 customer support
Scumblr is a web application for periodic syncs of data sources and security analysis to streamline proactive security.
Scumblr is a web application for periodic syncs of data sources and security analysis to streamline proactive security.
A proof-of-concept for an adaptive parallelised DNS prober
An information gathering tool for DNS, subdomains, ports, and directories enumeration.
An information gathering tool for DNS, subdomains, ports, and directories enumeration.
A tool that detects dangling DNS records in a multi-cloud environment to prevent subdomain takeovers.
A tool that detects dangling DNS records in a multi-cloud environment to prevent subdomain takeovers.
A command line tool for running SQL queries on PCAP files with various output options and a simplistic web-server.
A command line tool for running SQL queries on PCAP files with various output options and a simplistic web-server.
Python utility for testing the existence of domain names under different TLDs to find malicious subdomains.
Dnscan is a DNS reconnaissance tool that performs DNS scans, DNS cache snooping, and DNS amplification attack detection.
Dnscan is a DNS reconnaissance tool that performs DNS scans, DNS cache snooping, and DNS amplification attack detection.
A network responder supporting various protocols with minimal assumptions on client intentions.
A network responder supporting various protocols with minimal assumptions on client intentions.
SecurityTrails API provides access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains for cyber forensics and investigations.
SecurityTrails API provides access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains for cyber forensics and investigations.
A powerful enumeration tool for discovering assets and subdomains.
A powerful enumeration tool for discovering assets and subdomains.
DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.
DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.