Websites & Other Resources

Not all tools have to be downloaded or installed on your computer. I found some invaluable resources/websites the can help you in your endeavours. But, as with the commands, at a certain point it just becomes too much to remember.

Need a better meme here..

So I created this collection of websites that I find to be very interesting and might help others out in the process. I mean, I learned most of my stuff looking at what other people are doing/using.

\\\\====== Just show me the websites already ======////

Subjects

Command Injection
Domain Enumeration
XSS - Cross Site Scripting

Command Injection

Command Injection Payload List

ℹ️ This Github repository contains several payloads for use in command injection attacks on Unix or Windows systems.

🔗 https://github.com/payloadbox/command-injection-payload-list

Domain Enumeration

Certificate Search

ℹ️ Offers a searchable database of certificates that shows current and historical results for a given domain name.

🔗 https://crt.sh/

Entrust CTSearch

ℹ️ Offers a searchable database of certificates that shows current and historical results for a given domain name.

🔗 https://ui.ctsearch.entrust.com/ui/ctsearchui

XSS - Cross Site Scripting

XSS Hunter (depreciated)

ℹ️ A popular open source web-based tool for identifying cross-site scripting (XSS) bugs in websites. Now depreciated, use the offline version now.

🔗 https://xsshunter.com/