Posted in: Hosting

Web Server Pentesting useful security resources

open-source CLI/web tools

Discover useful security resources, cheatsheets, hacks, one-liners, and open-source CLI/web tools.


πŸ”Έ mylg – utility which combines the functions of the different network probes in one diagnostic tool.
πŸ”Έ netcat – utility which reads and writes data across network connections, using the TCP/IP protocol.
πŸ”Έ socat – utility which transfers data between two objects.
πŸ”Έ tcpdump – is a powerful command-line packet analyzer.
πŸ”Έ tshark – is a tool that allows us to dump and analyze network traffic (wireshark cli).


GUI Network Tools
πŸ”Έ Wireshark – is the world’s foremost and widely-used network protocol analyzer.
πŸ”Έ Ettercap – is a comprehensive network monitor tool.
πŸ”Έ EtherApe – is a graphical network monitoring solution.
πŸ”Έ Packet Sender – is a networking utility for packet generation and built-in UDP/TCP/SSL client and web hosting servers.
πŸ”Έ Ostinato – is a packet crafter and traffic generator.


Encoders/Decoders and Regex testing
πŸ”Έ URL Encode/Decode – tool from above to either encode or decode a string of text.
πŸ”Έ Uncoder – the online translator for search queries on log data.
πŸ”Έ Regex101 – online regex tester and debugger: PHP, PCRE, Python, Golang and JavaScript.
πŸ”Έ RegExr – online tool to learn, build, & test Regular Expressions (RegEx / RegExp).
πŸ”Έ RegEx Testing – online regex testing tool.


CVE/Exploits databases

πŸ”Έ – exploits market provides you the possibility to buy/sell zero-day exploits.
πŸ”Έ sploitus – the exploit and tools database.
πŸ”Έ cxsecurity – free vulnerability database.
πŸ”Έ Vulncode-DB – is a database for vulnerabilities and their corresponding source code if available.
πŸ”Έ CVE Mitre – list of publicly known cybersecurity vulnerabilities.


πŸ”Έ Inside Figma: securing internal web apps
Figma’s Security Engineer Max Burkhardt describes their system to securely provide access to internal apps using AWS ALBs, Cognito, Okta, and Lambda.


Happy Coding!