{"id":29077039,"url":"https://github.com/jpablo13/cybersecurity-web-tools","last_synced_at":"2026-01-31T08:33:12.772Z","repository":{"id":283417665,"uuid":"946361417","full_name":"JPablo13/Cybersecurity-Web-Tools","owner":"JPablo13","description":"This repository is a centralized collection of web-based tools used in cybersecurity, organized by categories such as Red Team, Blue Team, OSINT, Forensics, and more.","archived":false,"fork":false,"pushed_at":"2025-06-16T18:20:09.000Z","size":131,"stargazers_count":6,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-27T16:51:14.024Z","etag":null,"topics":["blue-team","cybersecurity","forensics","hacking","infosec","online-tools","osint","red-team","web-tools"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/JPablo13.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-03-11T02:46:05.000Z","updated_at":"2025-06-16T18:20:12.000Z","dependencies_parsed_at":"2025-05-19T05:22:19.990Z","dependency_job_id":null,"html_url":"https://github.com/JPablo13/Cybersecurity-Web-Tools","commit_stats":null,"previous_names":["jpablo13/cybersecurity-web-tools"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/JPablo13/Cybersecurity-Web-Tools","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JPablo13%2FCybersecurity-Web-Tools","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JPablo13%2FCybersecurity-Web-Tools/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JPablo13%2FCybersecurity-Web-Tools/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JPablo13%2FCybersecurity-Web-Tools/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/JPablo13","download_url":"https://codeload.github.com/JPablo13/Cybersecurity-Web-Tools/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JPablo13%2FCybersecurity-Web-Tools/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28935416,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-31T07:49:44.436Z","status":"ssl_error","status_checked_at":"2026-01-31T07:49:34.274Z","response_time":128,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blue-team","cybersecurity","forensics","hacking","infosec","online-tools","osint","red-team","web-tools"],"created_at":"2025-06-27T16:37:21.657Z","updated_at":"2026-01-31T08:33:12.767Z","avatar_url":"https://github.com/JPablo13.png","language":null,"funding_links":["https://buymeacoffee.com/jpablo13"],"categories":[],"sub_categories":[],"readme":"# 🛠️Cybersecurity-Web-Tools\nThis repository contains a list of links to different web tools useful for cybersecurity, it is organized by categories for greater accessibility.\n\n---\n\n## 📋Table of Contents\n\n### [🛡️Blue Team](#%EF%B8%8Fblue-team-1)\n- [🔍URL Scanning](#url-scanning)\n- [🔎IP Scanning](#ip-scanning)\n- [📝File Scanning](#file-scanning)\n- [📦Sandboxing](#sandboxing)\n- [🔐Password Scanning](#password-scanning)\n- [🛡️Vulnerability Management](#%EF%B8%8Fvulnerability-management)\n- [🦠Malware Samples](#malware-samples)\n- [📧Email Protection](#email-protection)\n- [🌐Web Security](#web-security)\n  \n### [🐉Red Team](#red-team-1)\n- [🎯Web Enumeration and Reconnaissance](#web-enumeration-and-reconnaissance)\n- [📚Knowledge Bases \u0026 Cheatsheets](#knowledge-bases--cheatsheets)\n- [🃏Data Analysis and Transformation](#data-analysis-and-transformation)\n- [🔑Token \u0026 Auth Analysis Tools](#token--auth-analysis-tools)\n- [🔐Web Security Configuration](#web-security-configuration)\n- [💥Exploits and Vulnerabilities](#exploits-and-vulnerabilities)\n\n### [🧩Browser Extensions](#-browser-extensions)\n- [🛡️Privacy \u0026 Protection](#%EF%B8%8Fprivacy--protection)\n- [🧪Pentesting, OSINT \u0026 Web Analysis](#pentesting-osint--web-analysis)\n- [🍪Cookies \u0026 Headers](#cookies--headers)\n\n---\n\n# 🛡️Blue Team\n\n## 🔍URL Scanning\n\n* **[VirusTotal](https://www.virustotal.com/)**: Scans URLs and files for viruses and other threats using multiple antivirus engines. \n* **[Talos Intelligence](https://talosintelligence.com/)**: Offers information about online threats, including URL reputation.\n* **[URLVoid](https://www.urlvoid.com/)**: Checks if a URL has been reported as malicious by various sources.\n* **[Urlscan.io](https://urlscan.io/)**: Analyzes websites to detect malicious content, such as malware or phishing.\n* **[Google Safe Browsing Site Status](https://transparencyreport.google.com/safe-browsing/search)**: Allows you to check if a website has been marked as unsafe by Google. \n\n## 🔎IP Scanning\n\n* **[AbuseIPDB](https://www.abuseipdb.com/)**: Collects reports of abusive IP addresses, such as those that send spam or perform attacks.\n* **[IPVoid](https://www.ipvoid.com/)**: Provides information about the reputation of an IP address, even if it is reported as malicious.\n* **[Hurricane Electric](https://bgp.he.net/)**: Offers tools to analyze IP address routing information.\n* **[DNSlytics](https://dnslytics.com/)**: Analyzes DNS records to obtain information about the infrastructure of a domain or IP address.\n\n## 📝File Scanning\n\n* **[Triage](https://tria.ge/)**: Analyzes files in an isolated environment (sandbox) to detect malicious behavior.\n* **[Filescan.io](https://www.filescan.io/scan)**: Scans files for malware using multiple antivirus engines.\n* **[MetaDefender](https://metadefender.opswat.com/)**: Analyzes files with multiple antivirus engines and threat detection technologies.\n* **[Kaspersky Threat Intelligence](https://opentip.kaspersky.com/)**: Offers information about threats and malware, including file analysis.\n* **[Hybrid Analysis](https://www.hybrid-analysis.com/)**: Analyzes files in a sandbox environment and provides detailed reports on their behavior.\n* **[TinEye](https://tineye.com/)**: Reverse image search engine, useful for detecting unauthorized use of images.\n\n## 📦Sandboxing\n\n* **[Any.run](https://app.any.run/)**: Allows you to run files and analyze their behavior in an interactive virtual environment.\n* **[Joe Sandbox](https://www.joesandbox.com/)**: Analyzes files and URLs in a sandbox environment and generates detailed reports.\n\n## 🔐Password Scanning\n\n* **[Have I Been Pwned](https://haveibeenpwned.com/)**: Checks if a password or email address has been compromised in a data breach.\n* **[Password checker Kaspersky](https://password.kaspersky.com/)**: Checks the strength of a password and if it has been compromised.\n* **[Dehashed](https://dehashed.com/)**: Search engine for leaked data, helps verify the exposure of sensitive information.\n\n## 🛡️Vulnerability Management\n\n- **[VulnCheck Tools](https://vulncheck.com/tools)**: Fast CVE lookups and exploit data.\n- **[CVE Details](https://www.cvedetails.com/)**: Comprehensive CVE database with vendor/product filters.\n- **[NVD – National Vulnerability Database](https://nvd.nist.gov/)**: Official U.S. government source for CVEs and severity metrics.\n- **[Vulners](https://vulners.com/)**: Aggregated vulnerability intelligence and exploit database.\n\n## 🦠Malware Samples\n\n* **[MalwareBazaar](https://bazaar.abuse.ch/)**: Repository of malware samples for analysis.\n* **[ThreatFox](https://threatfox.abuse.ch/)**: Platform for sharing threat indicators, including malware samples.\n\n## 📧Email Protection\n\n* **[10MinuteMail](https://10minutemail.com/)**: Provides temporary email addresses to protect privacy.\n* **[Spamhaus](https://www.spamhaus.org/)**: Offers spam block lists and other tools to combat unwanted email.\n\n## 🌐Web Security\n\n* **[EFF (Electronic Frontier Foundation)](https://www.eff.org)**: Organization that defends digital rights and online privacy.\n* **[BrowserLeaks](https://browserleaks.com/)**: Website that shows the information that websites can collect about your browser.\n\n---\n\n# 🐉Red Team\n\n## 🎯Web Enumeration and Reconnaissance\n\n- **[Subdomain Finder](https://subdomainfinder.c99.nl/)**: Enumerates the public subdomains of a target domain.\n- **[Shodan](https://www.shodan.io/)**: Search engine for devices and services connected to the internet.\n- **[Censys Search](https://search.censys.io/)**: Provides detailed information on certificates, open ports, and exposed services.\n- **[BuiltWith](https://builtwith.com/)**: Discovers the technologies behind a specific website.\n- **[GTFOBins](https://gtfobins.github.io/)**: Provides privilege escalation and binary abuse techniques on Unix/Linux systems.\n- **[RequestBin](https://requestbin.whapi.cloud/)**: Create public endpoints to inspect incoming HTTP requests—useful for webhook testing.\n\n## 📚Knowledge Bases \u0026 Cheatsheets\n\n- **[GTFOBins](https://gtfobins.github.io/)**: Provides privilege escalation and binary abuse techniques on Unix/Linux systems.\n- **[LOLBAS](https://lolbas-project.github.io/)**: Catalog of legitimate Windows binaries that can be abused for offensive purposes.\n- **[HackTricks](https://book.hacktricks.wiki/en/index.html)**: Practical knowledge base for pentesting, privilege escalation, and CTFs.\n- **[Pentestmonkey](https://pentestmonkey.net/)**: Tips, payloads, and cheat sheets for web exploitation and post-exploitation.\n- **[PayloadAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings)**: Collection of payloads and techniques for web, network, and privilege escalation attacks.\n  \n## 🃏Data Analysis and Transformation\n\n- **[CyberChef](https://gchq.github.io/CyberChef/)**: Versatile web tool for data encoding, encryption, and transformation.\n- **[Regex101](https://regex101.com/)**: It is an online tool for testing and debugging regular expressions with instant feedback.\n\n## 🔑Token \u0026 Auth Analysis Tools\n\n- **[JWT.IO](https://jwt.io/)**: Decodes, verifies, and generates JSON web tokens.\n- **[Token Inspector](https://token.dev/)**: Platform for inspecting and visualizing JWT, JWE, JWK and JWS tokens.\n- **[Base64 Decode \u0026 Encode](https://www.base64decode.org/)**: Simple tool to decode or encode base64.\n\n## 🔐Web Security Configuration\n\n- **[SSL Labs Test](https://www.ssllabs.com/ssltest/)**: Comprehensive analysis of a web server's SSL/TLS configuration.\n- **[Observatory by Mozilla](https://observatory.mozilla.org/)**: Analyzes website security configurations and provides practical recommendations.\n- **[Security Headers](https://securityheaders.com/)**: Analyzes the security HTTP headers of any website.\n- **[Snyk.io](https://snyk.io)**: Scans code, open-source dependencies, containers, and IaC configurations for known security vulnerabilities.\n\n## 💥Exploits and Vulnerabilities\n\n- **[Exploit Database](https://www.exploit-db.com/)**: Database of exploits and security vulnerabilities.\n- **[OWASP Top 10](https://owasp.org/www-project-top-ten/)**: List of the 10 most critical web vulnerabilities.\n- **[Mitre ATT\u0026CK](https://attack.mitre.org/)**: Framework describing the tactics and techniques used by attackers.\n- **[CVE](https://cve.mitre.org/)**: Catalog of known security vulnerabilities.\n- **[CrackStation](https://crackstation.net/)**: A free password hash cracker that uses massive precomputed dictionaries to reverse weak hashes.\n\n\n---\n\n# 🧩 Browser Extensions \n\n## 🛡️Privacy \u0026 Protection\n\n- **[Privacy Badger](https://addons.mozilla.org/en/firefox/addon/privacy-badger17/)**: Blocks invisible trackers and enhances user privacy during browsing.\n- **[uBlock Origin](https://addons.mozilla.org/en/firefox/addon/ublock-origin/)**: Efficient content blocker that filters ads, malicious scripts, and trackers.\n- **[ClearURLs](https://addons.mozilla.org/en/firefox/addon/clearurls/)**: Removes tracking elements from URLs to avoid activity profiling.\n- **[I Don't Care About Cookies](https://addons.mozilla.org/en/firefox/addon/iadcaa/)**: Hides or auto-accepts cookie notices on supported websites.\n- **[WebRTC Leak Shield](https://addons.mozilla.org/en/firefox/addon/webrtc-leak-shield/)**: Prevents IP leaks through WebRTC—essential when using VPNs or proxies.\n- **[HTTPS Always (formerly HTTPS Everywhere)](https://addons.mozilla.org/en/firefox/addon/https-always/)**: Forces secure HTTPS connections when available.\n\n## 🧪Pentesting, OSINT \u0026 Web Analysis\n\n- **[Wappalyzer](https://addons.mozilla.org/en/firefox/addon/wappalyzer/)**: Identifies technologies used on websites (CMS, frameworks, web servers, etc.).\n- **[Shodan](https://addons.mozilla.org/en/firefox/addon/shodan_io/)**: Allows quick queries to Shodan about the website, IP, or device you're visiting.\n- **[HackTools](https://addons.mozilla.org/en/firefox/addon/hacktools/)**: Pentesting toolbox with payloads, encoding tools, hash generators, etc.\n- **[User-Agent Switcher and Manager](https://addons.mozilla.org/en/firefox/addon/user-agent-string-switcher/)**: Emulates various browsers and devices by changing the User-Agent header.\n- **[FoxyProxy Standard](https://addons.mozilla.org/en/firefox/addon/foxyproxy-standard/)**: Proxy manager with advanced rules, ideal for Burp Suite, TOR, or multi-proxy setups.\n- **[Retire.js](https://addons.mozilla.org/en/firefox/addon/retire-js/)**: Scans websites for vulnerable JavaScript libraries in real-time.\n- **[DotGit](https://addons.mozilla.org/en/firefox/addon/dotgit/)**: Detects exposed `.git` directories, commonly misconfigured in web deployments.\n- **[Link Gopher](https://addons.mozilla.org/en/firefox/addon/link-gopher/)**: Extracts and lists all links from a webpage—great for passive recon or scraping.\n- **[FindSomething](https://addons.mozilla.org/en/firefox/addon/findsomething/)**: Enables advanced keyword and content searching (visible or hidden) within pages.\n- **[Temp Mail](https://addons.mozilla.org/en/firefox/addon/temp-mail-org/)**: Generates disposable email addresses to use in testing or account registration.\n- **[Hunter](https://addons.mozilla.org/en/firefox/addon/hunter/)**: Searches for email addresses tied to a specific domain—very effective for OSINT.\n- **[TWP - Translate Web Pages](https://addons.mozilla.org/en/firefox/addon/traductor-webpages/)**: Instantly translates full web pages—helpful for international OSINT or analysis.\n\n## 🍪Cookies \u0026 Headers\n\n- **[Cookie Editor](https://addons.mozilla.org/en/firefox/addon/cookie-editor/)**: Inspect, edit, export, and delete cookies in real-time—perfect for web app testing.\n- **[Live HTTP Headers](https://addons.mozilla.org/en/firefox/addon/live-http-headers/)**: Monitors all HTTP headers in live traffic, useful for debugging and recon.\n- **[ModHeader](https://addons.mozilla.org/en/firefox/addon/modheader-firefox/)** Allows modification of HTTP headers like `User-Agent`, `Referer`, `Origin`.\n\n---\n\n# 📬Contact\nIf you have any questions, please feel free to contact me at:  \n[![LinkedIn](https://img.shields.io/badge/LinkedIn-%230077B5.svg?\u0026style=for-the-badge\u0026logo=linkedin\u0026logoColor=white)](https://www.linkedin.com/in/jpablo-villalobos/)\n[![GitHub](https://img.shields.io/badge/GitHub-%2312100E.svg?\u0026style=for-the-badge\u0026logo=github\u0026logoColor=white)](https://github.com/JPablo13)\n[![ProtonMail](https://img.shields.io/badge/ProtonMail-6D4AFF?style=for-the-badge\u0026logo=protonmail\u0026logoColor=white)](mailto:pablo13villalobos@proton.me)\n[![Medium](https://img.shields.io/badge/Medium-12100E?style=for-the-badge\u0026logo=medium\u0026logoColor=white)](https://medium.com/@jpablo13)\n\n---\n\n## 🤝Support me\n\n\u003cp align=\"center\"\u003e\u003ca href=\"https://buymeacoffee.com/jpablo13\"\u003e\u003cimg  src=\"https://img.shields.io/badge/Buy%20Me%20a%20Coffee-ffdd00?style=for-the-badge\u0026logo=buy-me-a-coffee\u0026logoColor=black\"/\u003e\u003c/a\u003e\u003c/p\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjpablo13%2Fcybersecurity-web-tools","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjpablo13%2Fcybersecurity-web-tools","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjpablo13%2Fcybersecurity-web-tools/lists"}