đ Marque-pages Pinboard
â Retour Ă tous les marque-pages258 rĂ©sultats (1-250 marque-pages affichĂ©s)
strangebee.com
TheHive et Cortex de StrangeBee offrent un case management avancé pour la réponse à incidents aux SOC, CERT et CSIRT du monde entier.
github.com
Multi-services Honeypot Solution with AI support and dynamic HTTP template - 0xBallpoint/trapster-community
github.com
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling. - sshuttle/sshuttle: Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
clubpsco.fr
www.shadowserver.org
The Shadowserver Foundation is a nonprofit security organization working altruistically behind the scenes to make the Internet more secure for everyone.
labs.watchtowr.com
github.com
Nikto web server scanner. Contribute to sullo/nikto development by creating an account on GitHub.
www.aptible.com
Aptible is the Platform as a Service (PaaS) loved by startups (and developers). With Aptible, your cloud resources are always secure, compliant, and reliable.
gitlab.com
An SSH server for Android devices having Magisk (build system)
ghidra-sre.org
pentester.land
We curate bug bounty writeups and penetration testing resources to help you stay up-to-date with the latest hacking techniques.
computer.rip
github.com
Keyguard is an alternative client for the BitwardenÂź platform, created to provide the best user experience possible. - AChep/keyguard-app
www.pathfinder.de
Hundreds of IT professionals and network teams are already using the award-winning tool to document data centers and IT infrastructures.
github.com
Automatic Let's Encrypt TLS Certificate installation for dokku - dokku/dokku-letsencrypt
notnite.com
kibty.town
privatekeys.pw
Explore all possible Bitcoin, Ethereum, Litecoin, Dogecoin Keys in decimal, hex or WIF format
en.wikipedia.org
blog.intigriti.com
AWS S3 (Simple Storage Service) buckets are a popular storage service used by software companies and organizations to store public as well as sensitive data. However, the implementation of this servic...
blog.sheddow.xyz
Have you ever encountered a website that runs `jQuery(location.hash)`? It turns out this allows you to perform a powerful timing attack that can extract almost any secret from the HTML.
news.ycombinator.com
ian.sh
Introducing CookieMonster: a tool to help you detect and abuse vulnerable implementations of stateless sessions.
ian.sh
I'm a security engineer at Robinhood. Outside of work, I do security research for bug bounties, transit systems, vehicles, and other interesting areas.
breachforums.st
github.com
Custom Selenium Chromedriver | Zero-Config | Passes ALL bot mitigation systems (like Distil / Imperva/ Datadadome / CloudFlare IUAM) - ultrafunkamsterdam/undetected-chromedriver: Custom Selenium Chromedriver | Zero-Config | Passes ALL bot mitigation systems (like Distil / Imperva/ Datadadome / CloudFlare IUAM)
github.com
Trying to make python selenium more stealthy. Contribute to diprajpatra/selenium-stealth development by creating an account on GitHub.
github.com
đ”ïžââïž All-in-one OSINT tool for analysing any website - Lissy93/web-check
portswigger.net
PortSwigger offers tools for web application security, testing, & scanning. Choose from a range of security tools, & identify the very latest vulnerabilities.
lutrasecurity.com
Anyone who has had to deal with HTML emails on a technical level has probably reached the point where they wanted to quit their job or just set fire to all the mail clients due to their inconsistent implementations. But HTML emails are not just a source of frustration, they can also be a serious security risk.
www.stoik.com
Stoïk est la premiÚre agence de souscription spécialisée sur le risque cyber en Europe à destination des PME & ETI. Une police d'assurance simple à souscrire, des garanties claires, transparentes et sans exclusions cachées.
clerk.com
The easiest way to add authentication and user management to your application. Purpose-built for React, Next.js, Remix, and âThe Modern Webâ.
www.aira.com.tw
Face Recognition/FR/Attendance/T&A/Construction/School/Gym
galadrim.fr
La fraude appelée SMS pumping survient lorsque des fraudeurs exploitent un champ de saisie de numéro de téléphone de votre ...
iancoleman.io
github.com
Bitcoin Improvement Proposals. Contribute to bitcoin/bips development by creating an account on GitHub.
www.theregister.com
github.com
A golang implementation of endlessh exporting Prometheus metrics, visualized by a Grafana dashboard. - shizunge/endlessh-go
haacked.com
A while back I wrote about a subtle JSON vulnerability which could result in the disclosure of sensitive information. That particular exploit involved overriding the JavaScript Array constructor to disclose the payload of a JSON array, something which most browsers do not support now.
www.devever.net
www.maxmind.com
Customize content and comply with regulations using in-depth IP address data.
Prevent fraud and chargebacks, manage cyber risk, and flag proxy users.
ipinfo.io
Get accurate and reliable IP address information with IPinfo. Trusted by over 400,000 users, developers and businesses, we handle more than 40 billion API requests per month. Sign up for free account today.
ipapi.is
ipapi.is offers precise IP data via a user-friendly API, encompassing geolocation, ASN data, hosting detection, VPN detection, and proxy detection.
github.com
Allowlist-based HTML cleaner. Contribute to matthiask/html-sanitizer development by creating an account on GitHub.
en.wikipedia.org
en.wikipedia.org
darknetdiaries.com
pwpush.com
Password Pusher is an application to securely send passwords over the web. Links to passwords expire after a certain number of views and/or time has passed.
erlef.github.io
Documentation, specifications and code from the Security Working Group of the Erlang Ecosystem Foundation
github.com
Interesting APT Report Collection And Some Special IOC - blackorbird/APT_REPORT: Interesting APT Report Collection And Some Special IOC
www.maltego.com
Since 2008, Maltego has empowered over a million investigations worldwide, and we are far from being done. How can Maltego support you?
github.com
Remote Administration Tool for Windows. Contribute to quasar/Quasar development by creating an account on GitHub.
github.com
NjRAT is a Remote Administration Tool. This repository contains a Njrat Editions. - asimonov64/njRAT: NjRAT is a Remote Administration Tool. This repository contains a Njrat Editions.
socradar.io
SOCRadar is a cloud-based autonomous early warning tool against cyber threats. Read our blog for the latest news about recent threats.
socradar.io
The rapidly evolving threats in the field of cybersecurity are being met with sophisticated methods such as "FUD" Crypter...
github.com
A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts. - dashingsoft/pyarmor: A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts.
vmpsoft.com
labs.withsecure.com
Windows Defender is enabled by default in all modern versions of Windows making it an important mitigation for defenders and a potential target for attackers.
www.puckiestyle.nl
github.com
This is a fork of browser_cookie. Contribute to borisbabic/browser_cookie3 development by creating an account on GitHub.
korben.info
-- Article en partenariat avec Twilio -- DerniĂšrement, vous avez eu le plaisir de dĂ©couvrir certains des services de Twilio, notamment l'API Verify qui permet de valider des utilisateurs, un super tuto pour envoyer des SMS en Python, ou encore la merveilleuse application de double authentification Authy. Cela vous a vraiment plu, du coup, jeâŠ
www.firezone.dev
Open-source remote access built on WireGuardÂź.
downfall.page
Downfall attacks targets a critical weakness found in billions of modern processors used in personal and cloud computers.
github.com
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data. - minimaxir/big-list-of-naughty-strings: The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
github.com
A simple zero-config tool to make locally trusted development certificates with any names you'd like. - FiloSottile/mkcert: A simple zero-config tool to make locally trusted development certificates with any names you'd like.
pocketvna.com
crt.sh
Free CT Log Certificate Search Tool from Sectigo (formerly Comodo CA)
filigrane.beta.gouv.fr
github.com
A pure Unix shell script implementing ACME client protocol - acmesh-official/acme.sh: A pure Unix shell script implementing ACME client protocol
github.com
Open-source tool to bypass windows and linux passwords from bootable usb - Fadi002/unshackle: Open-source tool to bypass windows and linux passwords from bootable usb
fr.wikipedia.org
hussainaliakbar.github.io
Restricting TLS Version and Cipher Suites in Python's Requests and testing with Wireshark
www.ssllabs.com
A comprehensive free SSL test for your public web servers.
medium.com
Well this is my first writeup and there might be ton of mistakes as i go along writing it out so please give me feedback so that i can work over it. This specification allows us to use JWT to passâŠ
frida.re
Observe and reprogram running programs on Windows, macOS, GNU/Linux, iOS, watchOS, tvOS, Android, FreeBSD, and QNX
book.hacktricks.xyz
github.com
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password đĄïž - ihebski/DefaultCreds-cheat-sheet: One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password đĄïž
book.hacktricks.xyz
github.com
Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida) - dweinstein/awesome-frida: Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
github.com
Dex to Java decompiler. Contribute to skylot/jadx development by creating an account on GitHub.
github.com
Simple HS256 JWT token brute force cracker with multi-thread support and minimal dependencies. It also shows a resume command on exit and has a nice progressbar. - vaverix/multithread-jwt-cracker: Simple HS256 JWT token brute force cracker with multi-thread support and minimal dependencies. It also shows a resume command on exit and has a nice progressbar.
github.com
Simple HS256 JWT token brute force cracker. Contribute to lmammino/jwt-cracker development by creating an account on GitHub.
attackdefense.com
github.com
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis - gchq/CyberChef: The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
github.com
A Vue directive which renders sanitised HTML dynamically - ecosia/vue-safe-html: A Vue directive which renders sanitised HTML dynamically
github.com
Whitelist-based HTML sanitizer (sanitize-html) for Vue.js apps. - daichirata/vue-sanitize: Whitelist-based HTML sanitizer (sanitize-html) for Vue.js apps.
mitmproxy.org
ecole2600.com
Une Ă©cole 100% cyberPas dâexcellence sans maĂźtrise des fondamentaux. Une pĂ©dagogie unique20 ans dâenseignement et dâexpertise cyber
ronin-rb.dev
www.cyberark.com
Introduction In this blog series, we will cover the topic of rootkits â how they are built and the basics of kernel driver analysis â specifically on the Windows platform. In this first part, we...
github.com
:snake: :mag: GuardDog is a CLI tool to Identify malicious PyPI and npm packages - DataDog/guarddog: GuardDog is a CLI tool to Identify malicious PyPI and npm packages
www.alwaysdata.com
tls12.xargs.org
Every byte of a TLS connection explained and reproduced
solokeys.com
The first open source FIDO2 security key, built with TrussedÂź.
www.sonarsource.com
SonarQube, SonarCloud and SonarLint use hundreds of unique rules to find Python bugs, code smells & vulnerabilities on the Sonar platform
www.aircrack-ng.org
github.com
A Wireless (WPA/WPA2) Pentest/Cracking tool. Captures & Crack 4-way handshake and PMKID key. Also, supports a deauthentication/jammer mode for stress testing - hash3liZer/WiFiBroot: A Wireless (WPA/WPA2) Pentest/Cracking tool. Captures & Crack 4-way handshake and PMKID key. Also, supports a deauthentication/jammer mode for stress testing
github.com
A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in Python. - newrelic/rusty-hog: A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in Python.
linux-note.com
Gestion d'utilisateur, command systĂšme et procĂ©dure pour travailler avec Debian (mostlyâŠ)
shop.hak5.org
blog.wesleyac.com
passkeys.dev
Hello passkeys, goodbye passwords! passkeys.dev is a collection of resources and insights to help you deploy passkeys, including practical user experiences, device ecosystem support, frequently asked questions, and more.
portswigger.net
bugs.xdavidhu.me
David SchĂŒtz's bug bounty writeups
totp.app
TOTP.APP - is a online generator of one-time passwords, based on TOTP (RFC 6238) algorithm. A web-based analog of the Google Authenticator mobile application.
www.troyhunt.com
objective-see.org
krebsonsecurity.com
security-list.js.org
gchq.github.io
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
github.com
SSH tarpit that slowly sends an endless banner. Contribute to skeeto/endlessh development by creating an account on GitHub.
tinyssh.org
TinySSH is a minimalistic SSH server which implements only a subset of SSHv2 features.
blog.chainguard.dev
carlosbecker.dev
www.oo-software.com
With the freeware O&O ShutUp10++, unwanted Windows 10 and 11 features can be disabled and the transfer of sensitive personal data onto Microsoft prevented.
www.hackthebox.com
Where hackers level up! An online cybersecurity training platform allowing IT professionals to advance their ethical hacking skills and be part of a worldwide community. Join today and learn how to hack!
www.youtube.com
David Brumley, CEO, ForAllSecureDo you want to know how to build a top-ranked competitive hacking team? It's all about the system. In sports, we understand s...
greatscottgadgets.com
flipperzero.one
Based on ultra low power STM32 MCU for daily exploration of access control systems and radio protocols. Open source and customizable
en.wikipedia.org
drata.com
Drata is the fastest & simplest way to achieve continuous SOC 2 and ISO 27001 compliance. Build trust and securely grow your business.
www.vanta.com
Vanta automates the complex and time-consuming process of SOC 2, HIPAA, ISO 27001, PCI, and GDPR compliance certification. Automate your security monitoring in weeks instead of months.
www.cisecurity.org
Instruction for applying best practices to enterprise systems.
fr.wikipedia.org
github.com
american fuzzy lop - a security-oriented fuzzer. Contribute to google/AFL development by creating an account on GitHub.
mega-awry.io
github.com
Graph platform for Detection and Response. Contribute to grapl-security/grapl development by creating an account on GitHub.
www.yubico.com
Protect yourself from account takeovers with the efficient, multi-protocol YubiKey 5 Nano. Go passwordless with our small security key designed for USB-A ports.
unzip.dev
Problem: Security incidents in production are very costly.
Solution: Introducing security checks and fixes earlier in development.
kenkantzer.com
While I was leading PKCâs security practice, we did probably 20-30 code security audits, almost of all of them for startups that were just around their Series A or B (that was usually when they had cash and realized that itâd be good to take a deeper look at their security, after the do-or-die focus on product market fit).
www.hackerone.com
Reduce your cybersecurity risk/vulnerabilities through bug bounty programs, VDPs, attack resistance management, attack surface management, security assessments, and pentest solutions.
wiki.archlinux.org
gitlab.com
Spectre brings a stateless cryptographic identity algorithm to you across multiple platforms. Learn more at: https://spectre.app
secret.club
By applying well-known fuzzing techniques to a popular target, I found several bugs that in total yielded over $200K in bounties. In this article I will demonstrate how powerful fuzzing can be when applied to software which has not yet faced sufficient testing.
www.defined.net
Nebula Overlay Networks: Extend network access with on-demand, encrypted tunnels between any hosts on any network. Defined Networking is the company behind the Nebula open-source project.
enclave.io
Connect all of your computers, servers, cloud instances and containers across any infrastructure with secure private networks that just work.
github.com
Simple and flexible tool for managing secrets. Contribute to mozilla/sops development by creating an account on GitHub.
withblue.ink
And what you should do with your apps' secrets instead
github.com
transparently encrypt files within a git repository - elasticdog/transcrypt: transparently encrypt files within a git repository
github.com
Safely store secrets in Git/Mercurial/Subversion. Contribute to StackExchange/blackbox development by creating an account on GitHub.
lkrjangid1.github.io
All your base are belong to us!
openziti.github.io
js.masterpassword.app
github.com
www.vaultproject.io
datatracker.ietf.org
earsandeyes.noblogs.org
github.com
tailscale.com
www.netmaker.org
cryptomator.org
www.trickster.dev
ferm.foo-projects.org
www.reversemode.com
ajinabraham.com
www.zetetic.net
vadosware.io
en.wikipedia.org
en.wikipedia.org
en.wikipedia.org
en.wikipedia.org
tailscale.com
orth.uk
www.mailinblack.com
www.cygwin.com
www.softether.org
www.scs.stanford.edu
lcamtuf.coredump.cx
www.pfsense.org
bitwarden.com
www.system-transparency.org
blog.haschek.at
blog.haschek.at
wigle.net
ibotpeaches.github.io
alpinelinux.org
docs.docker.com
blog.cryptographyengineering.com
hardenedbsd.org
dehashed.com
haveibeenpwned.com
www.youtube.com
www.begin.re
beginners.re
rekt.news
phrack.org
phrack.org
2fa.directory
krebsonsecurity.com
www.fuzzingbook.org
en.wikipedia.org
owasp.org
www.shodan.io
linux-audit.com
www.whonix.org
www.newyorker.com
www.idemia.com
cyberlaw.stanford.edu
attack.mitre.org
ants.gouv.fr
En collaboration avec des entités privées et publiques, l'Agence nationale des titres sécurisés, mandatée par le ministÚre de l'Intérieur, met en place la solution « 2D-Doc » pour lutter contre la fraude et sécuriser les données et documents échangés entre l'usager et l'administration.
opnsense.org
therecord.media
www.fragattacks.com
www.securityhandbook.io