Pentesters choice: Useful links / software for daily work in IT
Here you will find a current selection of useful websites or open source software that can make everyday life in the IT department easier. This is not a compilation, but a very selective choice collected by our pentest team.
Mail Tester
DMARC, SPF, DKIM, Spam Check, Blacklist Check
https://www.mailgenius.com/
DNS
DNS History, Reverse Search, Find hosts sharing the same IP
https://dnsdumpster.com/
Tunneling
SIEM / XDR (Open Source)
Open Source all-in one PaaS
Coolify is an all-in one PaaS that helps you to self-host your own applications, databases or services (like Wordpress, Plausible Analytics, Ghost) without managing your servers and all the complexity that comes with it, it is also known as an open-source & self-hostable Heroku / Netlify / Vercel alternative.
https://coolify.io/
Uptime Monitoring
https://github.com/louislam/uptime-kuma
https://evait.medium.com/uptime-and-network-monitoring-while-pentesting-ensuring-service-continuity-and-early-detection-80aef8b5c13b
Translation & Grammar
AI-supported translation of texts into different languages
https://www.deepl.com/
Grammar, style and spelling checker
https://www.deepl.com/write
E-Mail finder and verification tool
Remote Desktop
Open source alternative to Teamviewer and Anydesk, cross-platform incl. free STUN / TURN servers
https://rustdesk.com
Online Asset finder
https://www.shodan.io/
https://censys.io/
Community based learning
roadmap.sh is a community effort to create roadmaps, guides and other educational content to help guide developers in picking up a path and guide their learnings.
https://roadmap.sh/
https://roadmap.sh/cyber-security
“Open Source” images & vectors / free licence
https://pixabay.com/
https://www.pexels.com/
https://www.freepik.com/
Online Photo Editor / Photoshop light
https://pixlr.com/de/e/
https://www.photopea.com/
Image compression, resizing, converting (client side / no server)
https://squoosh.app/
File-Share
Fast & secure transmission of data (end-to-end via WebRTC) (can be blocked by firewall)
https://www.sharedrop.io/
Same as sharedrop but for LAN only (local file sharing in your browser. Inspired by Apple’s Airdrop.)
https://snapdrop.net/
P2P + E2EE: Syncthing
https://syncthing.net/
VPN Connect Server (Wireguard)
NetBird creates a peer-to-peer overlay network that automatically connects your servers, containers, cloud, and remote teams over an encrypted tunnel. WireGuard®-based.
https://netbird.io/
https://docs.netbird.io/selfhosted/selfhosted-quickstart
Process automation
https://n8n.io/ (Community Edition)
Standalone Modern E-Mail Server
Stalwart is a scalable, secure and robust open-source mail server software written in Rust designed for the 21st century.
https://stalw.art/
Bookmark Manager
Devops
https://www.rundeck.com/ (Community Edition)
Ticketsystem
https://zammad.org/ (Community Edition)
Mobile Development
Create / convert image resource packages for iOS & Android
https://appicon.co/
Screenshots on Windows, Mac & Linux
Direct editing, blur areas, insert texts, open source
https://github.com/flameshot-org/flameshot
Demonstration of the most important functions in a GIF
https://raw.githubusercontent.com/flameshot-org/flameshot-org.github.io/master/docs/media/animatedUsage.gif
Active Directory Self Audit (Windows Domäne)
https://www.semperis.com/purple-knight/
Backups
Borg: Deduplicated, compressed, encrypted backups
https://www.borgbackup.org/ + https://torsion.org/borgmatic/
Storage: https://www.borgbase.com/
GUI: https://vorta.borgbase.com/
Alternative (For specific files / folders)
https://restic.net/
Website Change Notifier
Monitors changes on websites and Sken.io notifies via e-mail when a change occurs.
https://sken.io
Open Source Self-hosted change monitoring of web pages
https://github.com/dgtlmoon/changedetection.io
Password Manager
Cloud:
https://bitwarden.com/
Self hosted:
https://github.com/dani-garcia/vaultwarden
RAID Calculator
https://www.omnicalculator.com/other/raid
Microsoft 365 Licensing Overview
Local Wiki / Documentation (Markdown)
https://obsidian.md (Desktop)
https://obsidian.md/mobile (Mobile)
Self hosted:
https://js.wiki/
List of other exciting open source projects
https://github.com/awesome-selfhosted/awesome-selfhosted
LDAP Monitor
https://github.com/p0dalirius/LDAPmonitor
https://evait.medium.com/ldap-monitor-live-%C3%BCberwachung-f%C3%BCr-ver%C3%A4nderungen-an-ldap-objekten-31e4f7d9f7b7
Decoder & Encoder
Complex concatenation of encryption and coding
https://gchq.github.io/CyberChef/