Sunday, 28 September 2014

Using On-line Services for Reconnaissance

Ever wanted to use only existing online services to do reconnaissance without having to install or use any other tools. Well, the following URLs will give you a nice starting point. This list is to be expanded and updated with more links. If you believe you know of an online service which can be useful for this purpose do not hesitate to share it with the rest of us. Let me know and I will add it to the list! :)
Use Virus Total and enter the URL you want to check and look into the "additional information".
For further information you may also use Site Check.
Quttera is also a useful on-line service to keep in mind.
Automated Security Analyser for ASP.NET Websites.
Assess the security based HTTP response headers

Detecting and analyse web-based malware
Check if your login credentials have been leaked due to a recent hack
SSL Labs is a very useful on-line service to know.
Test/Check the SSL/TLS capabilities of your browser
Assess your web application's header information
Hash ASCII text or a file with many different hash algorithms

Generate and verify the MD5/SHA1 checksum without uploading it

Formatters, Validators, Encoders & Decoders, Converters, Data Generator, etc.

Check your hash (string) to find a possible hash type

Reverse Lookup of a Hash

Reverse Lookup of a Hash

Online Hash Identification (supports 250 hash types) and command line tool
PCAP Web Performance Analyzer

URL Decoder/Encoder
A collection of online network tools including ipv6 tools.
The MX Toolbox has a number of online tools for you to use.
Test your snmp server
A number of online different online tools
Website speed test and DNS tests
IntoDNS checks the health and configuration and provides DNS report and mail servers report

Provides a comprehensive test and report on the health of your DNS

Test for open relay

Investigate domains and IP addresses
Microsoft's Remote Connectivity Analyzer
A number of useful tools
Online access to vulnerability scanning tools
Check if you are vulnerable to the SSL/TLS vulnerability called the FREAK attack
Read about Logjam and check if your browser is vulnerable
Latest Exploits and Vulnerabilities
Web Application performance

No comments:

Post a Comment