Security Researcher's Field Guide


Time Zone Information

[Time Zone Converter] :: (https://savvytime.com/converter)
[Time Zone Map] :: (https://www.timeanddate.com/time/map/)
[Time Zone Abbreviations] :: (https://www.timeanddate.com/time/zones/)

Reconnaissance

[ReqBin Online Curl] :: (https://reqbin.com/curl/)
[CURL Converter] :: (https://curlconverter.com/)
[Online WGET Tool] :: (https://wget.alanreed.org/)
[Network-Tools] :: (http://network-tools.com/)
[MXToolbox] :: (https://mxtoolbox.com/NetworkTools.aspx)
[CentralOps] :: (http://centralops.net/co/)
[UltraTools] :: (https://www.ultratools.com/)
[PolySwarm - Scan URLs for threats] :: (https://polyswarm.io/)
[URLVoid] :: (http://www.urlvoid.com/)
[URL Scan] :: (https://urlscan.io/)
[URLQuery] :: (http://urlquery.net/)
[URL Parser / Query String Splitter] :: (https://www.freeformatter.com/url-parser-query-string-splitter.html)
[ScanURL] :: (http://scanurl.net/)
[Web-Sniffer] :: (http://web-sniffer.net/)
[Safeweb (Norton)] :: (https://safeweb.norton.com/)
[Lookup IP Address Location (IPv4/IPv6)] :: (http://whatismyipaddress.com/ip-lookup)
[IPVoid] :: (http://www.ipvoid.com/)
[ToolsVoid] :: (http://www.toolsvoid.com/)
[SecurityTrails - Extensive DNS data] :: (https://securitytrails.com/)
[DNSDumpster - Search DNS records] :: (https://dnsdumpster.com/)
[DNS Stuff] :: (http://www.dnsstuff.com/tools)
[DNS Goodies] :: (http://dnsgoodies.com/)
[RobTex] :: (https://www.robtex.net/)
[Metre.net] :: (http://metre.net/)
[Open Source Intelligence (OSINT)] :: (https://inteltechniques.com/menu.html)
[LeakIX - Search publicly indexed information] :: (https://leakix.net/)
[Hunter.io (Email Hunter)] :: (https://hunter.io/)
[DorkSearch - Google Dorking] :: (https://dorksearch.com/)
[Whois] :: (http://network-tools.com/default.asp?prog=whois)
[Whois Request] :: (http://whoisrequest.com/)
[Whois History] :: (http://whoisrequest.org/history/)
[PublicWWW - Marketing and affiliate marketing research] :: (https://publicwww.com/)
[Internet Archive (Wayback Machine)] :: (https://archive.org/web/)

Threat Hunting & Intelligence

[ExploitDB - Archive of various exploits] :: (https://www.exploit-db.com/)
[Packet Storm Security - Browse latest vulnerabilities and exploits] :: (https://packetstormsecurity.com/)
[Vulners - Search vulnerabilities in a large database] :: (https://vulners.com/)
[MITRE ATT&CK Matrix] :: (https://attack.mitre.org/matrices/enterprise/)
[CVE - Search CVE List] :: (https://cve.mitre.org/cve/search_cve_list.html)
[Deepviz Threat Intelligence] :: (https://intel.deepviz.com/)
[ThreatVault by Palo Alto Networks] :: (https://threatvault.paloaltonetworks.com/)
[AlienVault - Open Threat Exchange] :: (https://otx.alienvault.com/)
[IBM X-Force Exchange] :: (https://exchange.xforce.ibmcloud.com/new)
[Crowdsourced IP feed from ThreatCrowd] :: (http://iplists.firehol.org/?ipset=threatcrowd)
[Crowdsourced feeds from ThreatCrowd] :: (http://threatcrowd.blogspot.co.uk/2016/02/crowdsourced-feeds-from-threatcrowd.html)
[Crowdsourced Domain Feed] :: (https://www.threatcrowd.org/feeds/domains.txt)
[Crowdsourced IP Feed] :: (https://www.threatcrowd.org/feeds/ips.txt)
[Crowdsourced Hash Feed] :: (https://www.threatcrowd.org/feeds/hashes.txt)
[ThreatCrowd] :: (https://www.threatcrowd.org/)
[CINS Score (ci-badguys.txt)] :: (http://cinsscore.com/list/ci-badguys.txt)
[Groups - MITRE ATT&CK] :: (https://attack.mitre.org/groups/)
[APT Groups and Operations] :: (https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/pubhtml#)
[Majestic Million CSV] :: (http://downloads.majestic.com/majestic_million.csv)
[Alexa Top 1 Million Sites (Retired)] :: (https://s3.amazonaws.com/alexa-static/top-1m.csv.zip)
[ThreatMiner - Data Mining for Threat Intelligence] :: (https://www.threatminer.org/)
[Cymon.io - Open Threat Intelligence] :: (https://cymon.io/)
[Cymon.io Dashboard] :: (https://cymon.io/cp/)
[Pulsedive - Search for threat intelligence] :: (https://pulsedive.com/)
[Fofa - Search for various threat intelligence] :: (https://fofa.so/)
[ONYPHE - Collects cyber-threat intelligence data] :: (https://www.onyphe.io/)
[Binary Edge - Scans the internet for threat intelligence] :: (https://www.binaryedge.io/)
[IntelligenceX - Search Tor, I2P, data leaks, domains, and emails] :: (https://intelx.io/)
[Project Honey Pot - Community Tracking Online Fraud & Abuse] :: (https://www.projecthoneypot.org/)
[MalwarePatrol - Open Source Threat Data] :: (https://www.malwarepatrol.net/login.php)
[BotScout - Bot Database] :: (http://botscout.com/)
[Shodan - Search Engine of Internet-connected Devices] :: (https://www.shodan.io/)
[GreyNoise - Search for devices connected to the internet] :: (https://www.greynoise.io/)
[Netlas - Search and monitor internet-connected assets] :: (https://netlas.io/)
[Censys.io - Search Engine for Vulnerable Devices] :: (https://www.censys.io/)
[FullHunt - Search and discover attack surfaces] :: (https://fullhunt.io/)
[GrayHatWarfare - Search public S3 buckets] :: (https://grayhatwarfare.com/)
[ZoomEye - Gather information about targets] :: (https://www.zoomeye.org/)
[Dehashed - View leaked credentials] :: (https://www.dehashed.com/)
[crt.sh - Search for certificates that have been logged in Certificate Transparency (CT) logs] :: (https://crt.sh/)
[Wigle - Database of wireless networks, with statistics] :: (https://www.wigle.net/)
[ProjectHoneypot.org - Honeypot Checker] :: (http://www.projecthoneypot.org)
[TaskList.org - List of Windows Processes and Descriptions] :: (http://www.tasklist.org/)
[Manually finding Malware] :: (https://peter.hahndorf.eu/tech/malware.html)
[Mining for Malware] :: (https://www.sans.org/reading-room/whitepapers/malicious/mining-malware-gold-thar-proxy-logs-32959)
[Finding Malware in the Registry] :: (https://malwaretips.com/threads/most-important-areas-in-registry-to-check-for-viruses.38778/)
[MAC Addresses And Protocol Identifiers] :: (http://standards.ieee.org/regauth/oui/oui.txt)
[Port Number Assignments] :: (http://www.iana.org/assignments/port-numbers)
[Trojan Port Assignments] :: (http://www.glocksoft.com/trojan_port.htm)
[Neohapsis Ports List] :: (http://neohapsis.com/neolabs/neo-ports/neo-ports.html)
[IFM - Cisco Password Cracker] :: (http://www.ifm.net.nz/cookbooks/passwordcracker.html)
[XSS Filter Evasion Cheat Sheet] :: (https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet)
[SQL Injection Prevention Cheat Sheet] :: (https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet)
[OpenIOC - Open Framework for Sharing Threat Intelligence] :: (http://www.openioc.org/)

Forensics / Recovery

[Hashbot - A forensic web tool] :: (https://www.hashbot.com/)
[ZIP File Password Removal] :: (https://passwordrecovery.io/zip-file-password-removal/)
[Barcode Decoder Online] :: (https://zxing.org/w/decode.jspx)
[Steganography Online] :: (https://stylesuxx.github.io/steganography/)
[Steganographic Decoder] :: (https://futureboy.us/stegano/decinput.html)
[Repair Image Online Tool] :: (https://online.officerecovery.com/pixrecovery/)

Malware Analysis

[VirusTotal - Virus, Malware and URL Scanner] :: (http://www.virustotal.com)
[PolySwarm - Scan files for threats] :: (https://polyswarm.io/)
[VirSCAN.org] :: (http://virscan.org/)
[Jotti's Malware Scan] :: (https://virusscan.jotti.org/en)
[Deepviz Malware Analyzer] :: (https://sandbox.deepviz.com/)
[Malware Analysis by Malwr.com] :: (https://malwr.com/)
[NoDistribute - Online Virus Scanner w/o Distribution] :: (http://nodistribute.com/)
[CyberTracker - MalwareHunterTeam] :: (http://cybertracker.malwarehunterteam.com/)
[Advanced File Analysis] :: (https://valkyrie.comodo.com/)
[Static Analysis Framework] :: (https://mastiff-online.korelogic.com/)
[ThreatExpert File Analysis] :: (http://www.threatexpert.com/submit.aspx)
[Microsoft Malware Protection Center] :: (https://www.microsoft.com/en-us/security/portal/submission/submit.aspx)
[Hybrid-Analysis - Malware/File Analysis] :: (https://www.hybrid-analysis.com/)
[Reverse.IT - Malware/File Analysis] :: (https://www.reverse.it)
[File Analyzer] :: (https://www.file-analyzer.net/)
[Document Analyzer] :: (http://www.document-analyzer.net/)
[Office Document Malware Analysis] :: (https://www.quicksand.io/)
[Scan Documents for Embedded Executables/Payloads] :: (https://www.cryptam.com/)
[Malware Tracker aka PDF-Examiner] :: (https://www.malwaretracker.com/pdf.php)
[APK Analyzer] :: (https://www.apk-analyzer.net/)
[Linux Sandbox] :: (https://detux.org/)

Malware Removal

[How to clean an infected computer (Malware Removal Guide)] :: (https://malwaretips.com/blogs/malware-removal-guide-for-windows/)

Binary Exploitation / Coding

[Compiler Explorer Online] :: (https://godbolt.org/)
[Online GDB] :: (https://www.onlinegdb.com/)
[Try It Online (TIO) - Online Interpreter] :: (https://tio.run/)
[Compile and Execute Assembly Online] :: (https://www.tutorialspoint.com/compile_assembly_online.php)
[Online Terminals, Compilers & Interpreters] :: (http://www.tutorialspoint.com/codingground.htm)
[Execute Python Online (Python v2.7.13)] :: (https://www.tutorialspoint.com/execute_python_online.php)
[Python 3 Terminal Online] :: (https://www.tutorialspoint.com/python3_terminal_online.php)
[Execute Ruby Online (Ruby v2.4.1)] :: (https://www.tutorialspoint.com/execute_ruby_online.php)
[PowerShell Terminal Online] :: (https://www.tutorialspoint.com/powershell_terminal_online.php)
[Python Decompiler] :: (https://python-decompiler.com/)
[Esoteric Languages (ESO Lang) Wiki] :: (https://esolangs.org/wiki/language_list)
[Hello world!] :: (https://esolangs.org/wiki/Hello_world)
[Hello world in Esoteric languages] :: (https://esolangs.org/wiki/Hello_world_program_in_esoteric_languages)
[The Hello World Collection] :: (http://helloworldcollection.de/)
[Search code] :: (https://searchcode.com/)
[Grep App - Search git repos] :: (https://grep.app/)

Reversing

[32-bit Opcode Reference] :: (http://ref.x86asm.net/coder32.html)
[64-bit Opcode Reference] :: (http://ref.x86asm.net/coder64.html)
[Intel x86 Assembler Instruction Set Opcode Table] :: (http://sparksandflames.com/files/x86InstructionChart.html)
[ODA - The Online Disassembler] :: (https://www.onlinedisassembler.com/odaweb/)
[Online TrID] :: (http://mark0.net/onlinetrid.aspx)
[Executable Online Viewer] :: (https://exe.urih.com/)
[Visual Analysis of Binary Files] :: (https://binvis.io/#/)
[Online Strings Utility] :: (https://www.fileformat.info/tool/strings.htm)
[File Signatures] :: (http://www.garykessler.net/library/file_sigs.html)
[Wotsit.org - The Programmer's File & Data Resource] :: (http://devel.archefire.org/mirrors/www.wotsit.org/)
[FileFormat.Info - The Digital Rosetta Stone] :: (http://www.fileformat.info/)
[Zamzar - File formats descriptions and meanings] :: (http://www.zamzar.com/fileformats/)
[File Magic Numbers] :: (https://gist.github.com/leommoore/f9e57ba2aa4bf197ebc5)
[Magic Bytes - JavaScript Library] :: (https://github.com/LarsKoelpin/magic-bytes)
[HexEd.it - Browser based hex editor] :: (https://hexed.it/)

Converters

[BIN, HEX, DEC, BASE64 Translator] :: (https://paulschou.com/tools/xlate/)
[CyberChef - The Cyber Swiss Army Knife] :: (https://gchq.github.io/CyberChef/)
[Base64 Encode] :: (https://www.base64encode.org/)
[Base64 Decode] :: (https://www.base64decode.org/)
[Cryptii - Converter between multiple format systems] :: (https://cryptii.com/text/select)
[dCode - The Ultimate Toolkit to Solve Games & Riddles] :: (https://www.dcode.fr/tools-list)
[AES - Symmetric Ciphers Online] :: (http://aes.online-domain-tools.com/)
[ASCII Converter (Hex/Dec/Bin/Base64/ASCII)] :: (https://www.branah.com/ascii-converter)
[Hex Dec Bin Oct converter for programmers] :: (http://calc.50x.eu/)
[Rot13 Converter] :: (http://www.rot13.com/)
[Hex to ASCII Text Converter] :: (https://www.rapidtables.com/convert/number/hex-to-ascii.html)
[Number Base Converter] :: (https://www.rapidtables.com/convert/number/index.html)
[URL Encoding] :: (http://www.blooberry.com/indexdot/html/topics/urlencoding.htm)
[URL Encode/Decode] :: (http://www.url-encode-decode.com/)
[Online Encrypt Decrypt String] :: (https://codebeautify.org/encrypt-decrypt)
[Cipher Tools] :: (http://rumkin.com/tools/cipher/)
[Reverse String] :: (https://codebeautify.org/reverse-string)
[Morse Code Translator] :: (https://morsecode.scphillips.com/translator.html)
[Morse Code Table Cheat Sheet] :: (https://terablitz.com/radio/morse-code-table-cheat-sheet/)
[Maritime Signals Code] :: (https://www.dcode.fr/maritime-signals-code)