There are hundreds of websites out there with useful information and helpful tools that can be used while hacking, so I decided to create a list of helpful websites for different aspects of hacking as I come along them. I will make sure to update this list as I come across more, so make sure to check back regularly!
Information Gathering
DNS Reconnaissance
- DNSDumpster: will provide a visual breakdown of where/what a domain’s servers/hosts are located, as well as maps the domain in relation to its hosts/servers
- Hunter: insert a domain and it will return known email addresses connected to the website (you do have to make an account but it is free)
- ViewDNS: site that allows you to run a variety of tests against domains, IPs, and email addresses such as Whois, IP History, Location Finder, and more
- Whoxy: performs Whois and Reverse Whois lookups, as well as searches for owners, emails, and more (search tool is at the top right of the website, you can ignore the paid options advertised)
Active Reconnaissance
- Exploit Database: hopefully you know this one already, but use this to find common vulnerability exploits (CVE) and how to replicate them
Website Pentesting
- HTTP Status Codes: a simple site that lists all possible HTTP status codes along with what they mean and some specific information you can interpret from them
Decrypting/Password Attacks
- CyberChef: a GitHub project that allows you to use encryption/decryption tools against any given text
- Weak Passwords: website that gives you the current top 50 most common passwords in use
Privilege Escalation
- Super helpful blog post that walks you through how to do enumeration on a new host with the intention of privilege escalation
- Reverse Shell Cheat Sheet: cheat sheet that provides the code for how to deploy a reverse shell and the process in different languages
Reporting
- Carbon: nice site that allows you to paste your code and edit it to make it look more readable for reports
Please share using the links if you enjoyed!