DiPiazza

Where I break stuff, then write about it.

Security Tools & Resources

Essential tools and resources I use for penetration testing, reconnaissance, and cybersecurity research.

🔍 Network Tools

Nmap

Network discovery and security auditing tool for port scanning and service detection.

nmap.org →

Wireshark

Network protocol analyzer for deep packet inspection and traffic analysis.

wireshark.org →

🌐 Web Application Testing

Burp Suite

Industry-standard web vulnerability scanner and proxy tool for finding security flaws in web applications.

portswigger.net →

OWASP ZAP

Open-source web application security scanner for automated and manual testing.

zaproxy.org →

⚔️ Exploitation & Post-Exploitation

Metasploit Framework

Comprehensive penetration testing framework with thousands of exploits and payloads.

metasploit.com →

💻 Development & Productivity

Termius

Cross-platform SSH client with saved hosts, key management, and terminal organization.

termius.com →

Visual Studio Code

Lightweight code editor with extensions for Python, PowerShell, and cybersecurity scripting.

code.visualstudio.com →

Flameshot

Screenshot tool with built-in annotation for documenting findings and creating reports.

flameshot.org →

🔎 Reconnaissance & OSINT

Whois.com

Domain and IP ownership lookup for identifying registrants and contact information.

whois.com →

Shodan

Search engine for internet-connected devices, services, and exposed systems.

shodan.io →

Wayback Machine

Historical snapshots of websites for finding old versions and deleted content.

archive.org →

DNSDumpster

DNS reconnaissance and domain mapping tool for discovering subdomains and infrastructure.

dnsdumpster.com →

crt.sh

Certificate Transparency log search for finding subdomains via SSL certificates.

crt.sh →

ViewDNS.info

Reverse IP lookup, ASN queries, and DNS history for infrastructure reconnaissance.

viewdns.info →

🔐 Hashing & Cryptography

CyberChef

Web-based data analysis toolbox for encoding, decoding, and data manipulation.

CyberChef →

Have I Been Pwned

Check if email addresses have been compromised in data breaches.

haveibeenpwned.com →

🎯 Practice Labs & Training

HackTheBox

Penetration testing labs with real-world scenarios and retired machines for practice.

hackthebox.com →

TryHackMe

Guided cybersecurity training with hands-on rooms and learning paths.

tryhackme.com →

🛡️ Threat Intelligence & Vulnerabilities

VirusTotal

Multi-engine file and URL scanning service for malware analysis.

virustotal.com →

CVE Database

Public catalog of disclosed cybersecurity vulnerabilities and exposures.

cve.mitre.org →

Exploit Database

Archive of public exploits and corresponding vulnerable software.

exploit-db.com →

Get in Touch

Email LinkedIn GitHub