It seems to set up a bunch of other tools and grinds up their output.
A fast, simple, easy to use multithreaded port scanner. Looks like it's written in pure Python. TCP only right now.
Looks like it could be a useful code reference, too.
When performing passive recon on a target, there are dozens of tools we can use to gather various pieces of intel on our target. This tool will allow us to parse these utilities easily.
FullHunt is the attack surface database of the entire Internet. FullHunt enables companies to discover all of their attack surfaces, monitor them for exposure, and continuously scan them for the latest security vulnerabilities. All, in a single platform, and more. Seems to share functionality with SHODAN in this regard.
REST API: https://api-docs.fullhunt.io/
Free tier: API access, 1K searches per month, 30 results, basic search filters.
A Voip Wardialer for the phreaking of 2020.
A curated list of all capture the flag tips and strategies.
An archive of phreak programs for Atari, Commodore, Tandy and more.
ONYPHE is a search engine for open-source and cyber threat intelligence data collected by crawling various sources available on the Internet or by listening to Internet background noise. ONYPHE correlates this information with data gathered by performing active Internet scanning for connected devices. It then normalizes information and make it available via an API and its search language.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. Some of this stuff can be used to prime discovery operations.
Homepage of the PLA. Fun stuff, here!
Clair is a FOSS utility for conducting static security analysis of Linux containers, Docker containers in particular. Clair continually updates its internal index of known vulnerabilities so it can keep constant watch over what it monitors. Has a modular architecture to make it easier to extend the project without having to fork() it. Also designed to fit into a CI/CD pipeline to monitor in-house containers as they're built. Plugs into Kubernetes. Requires Postgres. Written in Go. sysadmin infosec scanner scanning
4129 links, including 264 private