secint
Top 10 Trending CVEs, Latest Insights & Analysis.
cvemon is a free vulnerability intelligence platform developed by Intruder to help businesses stay ahead of the latest threats.
By aggregating data from trusted sources, it provides the latest intelligence on CVEs and tracks what’s trending over the last 24 hours, complete with a hype score to contextualize the buzz.
Repository of Yara rules dedicated to Phishing Kits Zip files.
This repository of YARA rules for phishing kit zip files is based on analysis of the raw zip format to find directory and file names, so you don't need yara-extend.
phishing, scam and brand impersonation detection – StalkPhish – We provide B2B tools, data and knowledge for a better phishing and brand impersonation detection.
StalkPhish-OSS is a tool for searching free OSINT databases for specific phishing kit URLs. StalkPhish-OSS was made for phishing page detection. In addition, StalkPhish-OSS is designed to try to find phishing kit sources.
Timely. Accurate. Relevant Phishing Intelligence.
A tool to identify and investigate inauthentic GitHub user accounts and repositories.
ghbuster is a tool to detect suspicious GitHub repositories and users using heuristics. It is designed to help identify potentially malicious or inauthentic accounts and repositories on GitHub.
Kingfisher is a blazingly fast secret‑scanning and validation tool built in Rust. It combines Intel’s hardware‑accelerated Hyperscan regex engine with language‑aware parsing via Tree‑Sitter, and ships with hundreds of built‑in rules to detect, validate, and triage secrets before they ever reach production.
ipdex is a simple CLI tool to gather insight about a list of IPs or an IP using the CrowdSec CTI (Cyber Threat Intelligence) API.
Domain Name Threat Intelligence.
openSquat is a tool for identifying domain look-alikes by searching for newly registered domains that might be impersonating legitimate domains and brands.
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and to find common vulnerabilities, saving the results in an organized way in directories and in various formats.
Passive hostname, domain and IP lookup tool for non-robots.
wtfis is a command-line tool that gathers information about a domain, FQDN or IP address using various OSINT services. Unlike other tools of its kind, it's built specifically for human consumption, providing results that are pretty (YMMV) and easy to read and understand.
The CVE Foundation has been formally established to ensure the long-term viability, stability, and independence of the Common Vulnerabilities and Exposures (CVE) Program, a critical pillar of the global cybersecurity infrastructure for 25 years.
PhishTool gives human analysts the power to reverse engineer phishing emails, to better defend against them. PhishTool is to phishing emails as a disassembler is to malware or a forensic toolkit is to file systems.
Cybersecurity Search Engine.
Criminal IP is an OSINT search engine specialized in attack surface assessment and threat hunting.
It offers extensive cyber threat intelligence, including device reputation, geolocation, IP reputation for C2 or scanners, domain safety, malicious link detection, and APT attack vectors via search and API.
A fast WordPress plugin enumeration tool.
WPProbe is a fast and efficient WordPress plugin scanner that leverages REST API enumeration (?rest_route) to detect installed plugins without brute-force.
Unlike traditional scanners that hammer websites with requests, WPProbe takes a smarter approach by querying the exposed REST API. This technique allows us to identify plugins stealthily, reducing detection risks and speeding up the scan process.
Information Gatherer & Webapps Exploiter. A Python-based tool to streamline and centralize some pentesting tasks.
Lucille is a comprehensive web application security testing tool designed for cybersecurity professionals. Built with Python, Lucille offers a suite of user-friendly tools. It aims to provide efficient and practical tools that streamline pentesting tasks and centralize various audit and exploitation techniques.
Vulnerability Intelligence Platform. Track and Monitor CVEs in Real-Time.
Stay ahead of security threats with our comprehensive vulnerability intelligence platform. Monitor, analyze, and respond to CVEs affecting your infrastructure.
Fast Enumeration Tool using Shodan.
This is a Python script developed to assist in the reconnaissance process during penetration testing.
Quickly discover exposed hosts on the internet using multiple search engines.
uncover is a Go wrapper using APIs of well-known search engines to quickly discover exposed hosts on the internet. It is built with automation in mind, so you can query it and utilize the results with your current pipeline tools.
Know Your User™
Open source user analytics for sovereign cybersecurity.
Tirreno is open-source user analytics software.
Tirreno is a universal analytic tool for monitoring online platforms, web applications, SaaS, communities, IoT, mobile applications, intranets, and e-commerce websites. It is effective against external threats associated with partners or customers, as well as internal risks posed by employees or suppliers.
🔍 OSINT tool for searching people's digital footprint and leaked passwords across various social networks, written in Go.
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
PhishTool automatically retrieves all of the relevant metadata from a phishing email, providing you with the most comprehensive technical view of a phishing email possible. This, combined with our OSINT and heuristic detection, makes PhishTool one seriously powerful tool.
OSINT automation for hackers. A recursive internet scanner for hackers.
BEE·bot is a multipurpose scanner inspired by Spiderfoot, built to automate your Recon, Bug Bounties, and ASM!
The Ultimate Information Gathering Toolkit. A Python-based toolkit for Information Gathering and Reconnaissance.
Argus is an all-in-one, Python-powered toolkit designed to streamline the process of information gathering and reconnaissance. With a user-friendly interface and a suite of powerful modules, Argus empowers you to explore networks, web applications, and security configurations efficiently and effectively.
Slack enumeration and exposed secrets detection tool. Monitoring and enumerating Slack for exposed secrets.
LOLESXi features a comprehensive list of binaries/scripts natively available in VMware ESXi that adversaries have utilised in their operations. The information on this site is compiled from open-source threat research.
Gitxray (short for Git X-Ray) is a multifaceted security tool designed for use on GitHub repositories. It can serve many purposes, including OSINT and Forensics. gitxray leverages public GitHub REST APIs to gather information that would otherwise be very time-consuming to obtain manually. Additionally, it seeks out information in unconventional places.
Go CLI and Library for quickly mapping organization network ranges using ASN information.
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.
SpiderFoot has an embedded web-server for providing a clean and intuitive web-based interface but can also be used completely via the command-line. It's written in Python 3 and MIT-licensed.
Tracking ransomware victims since April 2022.
Ransomware is a type of malware used by cybercriminals to encrypt the victim's files and make them inaccessible unless they pay the ransom. Today cybercriminals are more sophisticated: they not only encrypt the victim's files but also leak their data to the Darknet unless the victim pays the ransom.
Ransomware.live is originally a fork of ransomwatch and inspired by ransomlook. Ransomware.live is a ransomware leak site monitoring tool. It will scrape all of the entries on various ransomware leak sites and publish them.
Domain Public Data Collection Service.
DPULSE is a software solution for conducting OSINT research in relation to a certain domain.
Find and verify secrets. Find leaked credentials.
TruffleHog is the most powerful secrets Discovery, Classification, Validation, and Analysis tool. In this context secret refers to a credential a machine uses to authenticate itself to another machine. This includes API keys, database passwords, private encryption keys, and more...
Collection of Cyber Threat Intelligence sources from the Deep and Dark Web
The aim of this project is to collect sources from the Deep and Dark Web that can be useful in Cyber Threat Intelligence contexts.
Cyber Threat live dashboard
The World’s First Truly Open Threat Intelligence Community
The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
The OWASP Amass Project has developed a framework to help information security professionals perform network mapping of attack surfaces and external asset discovery using open source intelligence gathering and reconnaissance techniques.
Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes and SSL fingerprints. It was inspired by Automater, another excellent tool for collecting information. The Machinae project was born from wishing to improve Automater in 4 areas:
Extract and aggregate threat intelligence. An extendable tool to extract and aggregate IOCs from threat feeds.
ThreatIngestor can be configured to watch Twitter, RSS feeds, or other sources, extract meaningful information such as malicious IPs/domains and YARA signatures, and send that information to another system for analysis.
Microsoft Threat Intelligence Python Security Tools. msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks.
A free, community-sourced, machine-readable knowledge base of digital forensic artifacts that the world can use both as an information source and within other tools.
If you'd like to use the artifacts in your own tools, all you need to be able to do is read YAML. That is it, no other dependencies. The Python code in this project is just used to validate all the artifacts to make sure they follow the specification.
A distributed vulnerability database for Open Source. An open, precise, and distributed approach to producing and consuming vulnerability information for open source.
Weekly Security Vulnerability Emails. Follow Security Vulnerabilities in your software stack. Every month about 2,000 vulnerabilities are published, but how many of those are important to you? Use StackWatch to create a software stack (a list of software you use), then get a weekly email with security vulnerabilities that have been published for software within your stack.
Find & Fix Open Source vulnerabilities. Get real-time security alerts and compliance issues on your open source dependencies within Azure DevOps or GitHub.
Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing.
The MISP threat sharing platform is free and open source software that helps the sharing of threat and cybersecurity indicators.
Open Cyber Threat Intelligence Platform.
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats.